Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Worm:Win32/Ainslot.A

26 Sep 2011   #1
CommandoBob

Windows 8 Professional x64
 
 
Worm:Win32/Ainslot.A

Category: Worm

Description: This program is dangerous and self-propagates over a network connection.

Recommended action: Remove this software immediately.

Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the Allow action and click Apply actions. If this option is not available, log on as administrator or ask the security administrator for help.

Items:
processid:2196

Get more information about this item online.



I somehow got this worm on my PC and whenever I try to remove it Microsoft Security Essentials it gives me an BSOD 0x0000004. Help!


My System SpecsSystem Spec
.
26 Sep 2011   #2
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

https://connect.microsoft.com/systemsweeper
Give this a shot. It's free from Microsoft.
Please let us know what is found
My System SpecsSystem Spec
26 Sep 2011   #3
CommandoBob

Windows 8 Professional x64
 
 

Will try once home, ty
My System SpecsSystem Spec
.

26 Sep 2011   #4
StalkeR

Windows 7 Ultimate SP1 / Windows 10 Pro x64
 
 

My System SpecsSystem Spec
26 Sep 2011   #5
CommandoBob

Windows 8 Professional x64
 
 

Full scan and didn't found anything.


--------------------------------------------------------------------------------
Standalone System Sweeper Log, (c) 2006
Started On Mon Sep 26 2011 15:35:20
************************************************************
Product Version: 2.0.213.0
Engine Version: 1.1.2803.0
AS Signature Version: 1.0.0.0
AV Signature Version: 1.0.0.0
************************************************************
Signature updated on Mon Sep 26 2011 15:35:41
Product Version: 2.0.213.0
Engine Version: 1.1.7702.0
AS Signature Version: 1.113.275.0
AV Signature Version: 1.113.275.0
************************************************************
Standalone System Sweeper Log, (c) 2006
Stopped On Mon Sep 26 2011 16:33:21 (Exit Code = 0x0)
************************************************************
--------------------------------------------------------------------------------
Standalone System Sweeper Log, (c) 2006
Started On Mon Sep 26 2011 16:43:45
************************************************************
Product Version: 2.0.213.0
Engine Version: 1.1.2803.0
AS Signature Version: 1.0.0.0
AV Signature Version: 1.0.0.0
************************************************************
Signature updated on Mon Sep 26 2011 16:43:58
Product Version: 2.0.213.0
Engine Version: 1.1.7702.0
AS Signature Version: 1.113.275.0
AV Signature Version: 1.113.275.0
************************************************************
--------------------------------------------------------------------------------
Standalone System Sweeper Log, (c) 2006
Started On Mon Sep 26 2011 17:12:34
************************************************************
Product Version: 2.0.213.0
Engine Version: 1.1.2803.0
AS Signature Version: 1.0.0.0
AV Signature Version: 1.0.0.0
************************************************************
Signature updated on Mon Sep 26 2011 17:12:47
Product Version: 2.0.213.0
Engine Version: 1.1.7702.0
AS Signature Version: 1.113.275.0
AV Signature Version: 1.113.275.0
************************************************************










ERRORS_ONLY=0
MAX_SIZE=5120
APPEND=1
MAX_LINE_SIZE=256
-------------------------------------------------
START 2011/09/26 15:35:01:502 TID:800 PID:768

INFO 2011/09/26 15:35:01:502 TID:800 PID:768
Binary architecture is amd64

INFO 2011/09/26 15:35:01:534 TID:800 PID:768
IsFileExists(C:\Windows\SysWOW64\ntdll.dll) returned 0x00000000

INFO 2011/09/26 15:35:01:534 TID:800 PID:768
CheckProcessorArchitecture returned 0x00000000

INFO 2011/09/26 15:35:01:534 TID:800 PID:768
SetRecoveryEnvironmentKey returned 0x00000000

INFO 2011/09/26 15:35:01:534 TID:800 PID:768
GetSystemSweeperPath returned 0x00000000

INFO 2011/09/26 15:35:01:534 TID:800 PID:768
System Sweeper Directory = 'x:\Program Files\Standalone System Sweeper'

WARNING 2011/09/26 15:35:01:534 TID:800 PID:768
Missing definitions file in 'C:\mpam-fex64.exe'

INFO 2011/09/26 15:35:01:534 TID:800 PID:768
Found definitions file in 'D:\mpam-fex64.exe'

INFO 2011/09/26 15:35:01:534 TID:800 PID:768
Signatures File Target = 'x:\Program Files\Standalone System Sweeper\mpam-fe.exe'

INFO 2011/09/26 15:35:14:575 TID:800 PID:768
CopySignatureFile returned 0x00000000

INFO 2011/09/26 16:33:24:395 TID:800 PID:768
RunCallisto returned 0x00000000

FINISH 2011/09/26 16:33:24:395 TID:772 PID:768


START 2011/09/26 16:43:27:014 TID:816 PID:808

INFO 2011/09/26 16:43:27:014 TID:816 PID:808
Binary architecture is amd64

INFO 2011/09/26 16:43:27:061 TID:816 PID:808
IsFileExists(C:\Windows\SysWOW64\ntdll.dll) returned 0x00000000

INFO 2011/09/26 16:43:27:061 TID:816 PID:808
CheckProcessorArchitecture returned 0x00000000

INFO 2011/09/26 16:43:27:061 TID:816 PID:808
SetRecoveryEnvironmentKey returned 0x00000000

INFO 2011/09/26 16:43:27:061 TID:816 PID:808
GetSystemSweeperPath returned 0x00000000

INFO 2011/09/26 16:43:27:061 TID:816 PID:808
System Sweeper Directory = 'x:\Program Files\Standalone System Sweeper'

WARNING 2011/09/26 16:43:27:061 TID:816 PID:808
Missing definitions file in 'C:\mpam-fex64.exe'

INFO 2011/09/26 16:43:27:061 TID:816 PID:808
Found definitions file in 'D:\mpam-fex64.exe'

INFO 2011/09/26 16:43:27:061 TID:816 PID:808
Signatures File Target = 'x:\Program Files\Standalone System Sweeper\mpam-fe.exe'

INFO 2011/09/26 16:43:40:087 TID:816 PID:808
CopySignatureFile returned 0x00000000
START 2011/09/26 17:12:15:624 TID:824 PID:768

INFO 2011/09/26 17:12:15:624 TID:824 PID:768
Binary architecture is amd64

INFO 2011/09/26 17:12:15:656 TID:824 PID:768
IsFileExists(C:\Windows\SysWOW64\ntdll.dll) returned 0x00000000

INFO 2011/09/26 17:12:15:656 TID:824 PID:768
CheckProcessorArchitecture returned 0x00000000

INFO 2011/09/26 17:12:15:656 TID:824 PID:768
SetRecoveryEnvironmentKey returned 0x00000000

INFO 2011/09/26 17:12:15:656 TID:824 PID:768
GetSystemSweeperPath returned 0x00000000

INFO 2011/09/26 17:12:15:656 TID:824 PID:768
System Sweeper Directory = 'x:\Program Files\Standalone System Sweeper'

WARNING 2011/09/26 17:12:15:656 TID:824 PID:768
Missing definitions file in 'C:\mpam-fex64.exe'

INFO 2011/09/26 17:12:15:656 TID:824 PID:768
Found definitions file in 'D:\mpam-fex64.exe'

INFO 2011/09/26 17:12:15:656 TID:824 PID:768
Signatures File Target = 'x:\Program Files\Standalone System Sweeper\mpam-fe.exe'

INFO 2011/09/26 17:12:28:697 TID:824 PID:768
CopySignatureFile returned 0x00000000
My System SpecsSystem Spec
26 Sep 2011   #6
CommandoBob

Windows 8 Professional x64
 
 

Ran in safe mode and removed with Malwarebytes. Close please!
My System SpecsSystem Spec
Reply

 Worm:Win32/Ainslot.A




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
ainslot.a virus help!
hello guys few days ago i got a virus named ainslot.a i tried to remove it with microsoft security essentials but i got bluescreen then i downloaded malwarebytes and removed it but my uncle and his friends say that i need to clean the computer completely? do i need to do that or is the virus...
System Security
Windows xp Win32 worm malware unable to work with keybord
Hello there, i was surfing the internet and i turned off my firewall :o and a virus entered my system. It's calledd internet security and it come's with several infeccions such as win32 worm that doesn't allow me to open .exe files. I have entered in safe mode and dowloaded Avast antivirus and i...
System Security
Win32/Blaster Worm Affected !!
Hi everyone..my system is Win 7 32 bit Ultimate edition.. A new virus? named Win32/BlasterWorm is affecti my laptop now since the past 3 days... I am not able to open any Files or Flders nor open Ie nor firefox..i had avg home edition installed n y laptop but whenever i try it open it the...
System Security
MSE Worm:Win32/Ainslot32.A
Mse Keeps giving me an alert on this worm. I have deleted and quarantined it but shows up on each reboot. Ithink it is some how connected to this C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe as after deleting or quarantine MSE wants to send this for asessment to detemine if it is...
System Security
Got a win32 blaster worm and can't get rid of it?
Microsoft essentials didn't detect it, maleware bytes didn't detect it. I can't open any programs, the option to open or install as administrator is NOT THERE. I used ESET online scanner it detected the two worms and "said" it cleaned them. And I just found out win 7 deletes all my restore points....
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 08:19.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App