Worm:Win32/Ainslot.A


  1. CommandoBob
    Posts : 215
    Windows 8 Professional x64
       New #1

    Worm:Win32/Ainslot.A


    Category: Worm

    Description: This program is dangerous and self-propagates over a network connection.

    Recommended action: Remove this software immediately.

    Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the Allow action and click Apply actions. If this option is not available, log on as administrator or ask the security administrator for help.

    Items:
    processid:2196

    Get more information about this item online.



    I somehow got this worm on my PC and whenever I try to remove it Microsoft Security Essentials it gives me an BSOD 0x0000004. Help!
      My Computer
    Quote Quote

  3. Layback Bear
    Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       New #2

    https://connect.microsoft.com/systemsweeper
    Give this a shot. It's free from Microsoft.
    Please let us know what is found
      My Computer
    Quote Quote

  4. CommandoBob
    Posts : 215
    Windows 8 Professional x64
    Thread Starter
       New #3

    Will try once home, ty
      My Computer
    Quote Quote

  6. StalkeR
    Posts : 8,679
    Windows 10 Pro x64
       New #4

    We have tutorial also. :)
    https://www.sevenforums.com/tutorials...m-sweeper.html
      My Computer
    Quote Quote

  7. CommandoBob
    Posts : 215
    Windows 8 Professional x64
    Thread Starter
       New #5

    Full scan and didn't found anything.


    --------------------------------------------------------------------------------
    Standalone System Sweeper Log, (c) 2006
    Started On Mon Sep 26 2011 15:35:20
    ************************************************************
    Product Version: 2.0.213.0
    Engine Version: 1.1.2803.0
    AS Signature Version: 1.0.0.0
    AV Signature Version: 1.0.0.0
    ************************************************************
    Signature updated on Mon Sep 26 2011 15:35:41
    Product Version: 2.0.213.0
    Engine Version: 1.1.7702.0
    AS Signature Version: 1.113.275.0
    AV Signature Version: 1.113.275.0
    ************************************************************
    Standalone System Sweeper Log, (c) 2006
    Stopped On Mon Sep 26 2011 16:33:21 (Exit Code = 0x0)
    ************************************************************
    --------------------------------------------------------------------------------
    Standalone System Sweeper Log, (c) 2006
    Started On Mon Sep 26 2011 16:43:45
    ************************************************************
    Product Version: 2.0.213.0
    Engine Version: 1.1.2803.0
    AS Signature Version: 1.0.0.0
    AV Signature Version: 1.0.0.0
    ************************************************************
    Signature updated on Mon Sep 26 2011 16:43:58
    Product Version: 2.0.213.0
    Engine Version: 1.1.7702.0
    AS Signature Version: 1.113.275.0
    AV Signature Version: 1.113.275.0
    ************************************************************
    --------------------------------------------------------------------------------
    Standalone System Sweeper Log, (c) 2006
    Started On Mon Sep 26 2011 17:12:34
    ************************************************************
    Product Version: 2.0.213.0
    Engine Version: 1.1.2803.0
    AS Signature Version: 1.0.0.0
    AV Signature Version: 1.0.0.0
    ************************************************************
    Signature updated on Mon Sep 26 2011 17:12:47
    Product Version: 2.0.213.0
    Engine Version: 1.1.7702.0
    AS Signature Version: 1.113.275.0
    AV Signature Version: 1.113.275.0
    ************************************************************










    ERRORS_ONLY=0
    MAX_SIZE=5120
    APPEND=1
    MAX_LINE_SIZE=256
    -------------------------------------------------
    START 2011/09/26 15:35:01:502 TID:800 PID:768

    INFO 2011/09/26 15:35:01:502 TID:800 PID:768
    Binary architecture is amd64

    INFO 2011/09/26 15:35:01:534 TID:800 PID:768
    IsFileExists(C:\Windows\SysWOW64\ntdll.dll) returned 0x00000000

    INFO 2011/09/26 15:35:01:534 TID:800 PID:768
    CheckProcessorArchitecture returned 0x00000000

    INFO 2011/09/26 15:35:01:534 TID:800 PID:768
    SetRecoveryEnvironmentKey returned 0x00000000

    INFO 2011/09/26 15:35:01:534 TID:800 PID:768
    GetSystemSweeperPath returned 0x00000000

    INFO 2011/09/26 15:35:01:534 TID:800 PID:768
    System Sweeper Directory = 'x:\Program Files\Standalone System Sweeper'

    WARNING 2011/09/26 15:35:01:534 TID:800 PID:768
    Missing definitions file in 'C:\mpam-fex64.exe'

    INFO 2011/09/26 15:35:01:534 TID:800 PID:768
    Found definitions file in 'D:\mpam-fex64.exe'

    INFO 2011/09/26 15:35:01:534 TID:800 PID:768
    Signatures File Target = 'x:\Program Files\Standalone System Sweeper\mpam-fe.exe'

    INFO 2011/09/26 15:35:14:575 TID:800 PID:768
    CopySignatureFile returned 0x00000000

    INFO 2011/09/26 16:33:24:395 TID:800 PID:768
    RunCallisto returned 0x00000000

    FINISH 2011/09/26 16:33:24:395 TID:772 PID:768


    START 2011/09/26 16:43:27:014 TID:816 PID:808

    INFO 2011/09/26 16:43:27:014 TID:816 PID:808
    Binary architecture is amd64

    INFO 2011/09/26 16:43:27:061 TID:816 PID:808
    IsFileExists(C:\Windows\SysWOW64\ntdll.dll) returned 0x00000000

    INFO 2011/09/26 16:43:27:061 TID:816 PID:808
    CheckProcessorArchitecture returned 0x00000000

    INFO 2011/09/26 16:43:27:061 TID:816 PID:808
    SetRecoveryEnvironmentKey returned 0x00000000

    INFO 2011/09/26 16:43:27:061 TID:816 PID:808
    GetSystemSweeperPath returned 0x00000000

    INFO 2011/09/26 16:43:27:061 TID:816 PID:808
    System Sweeper Directory = 'x:\Program Files\Standalone System Sweeper'

    WARNING 2011/09/26 16:43:27:061 TID:816 PID:808
    Missing definitions file in 'C:\mpam-fex64.exe'

    INFO 2011/09/26 16:43:27:061 TID:816 PID:808
    Found definitions file in 'D:\mpam-fex64.exe'

    INFO 2011/09/26 16:43:27:061 TID:816 PID:808
    Signatures File Target = 'x:\Program Files\Standalone System Sweeper\mpam-fe.exe'

    INFO 2011/09/26 16:43:40:087 TID:816 PID:808
    CopySignatureFile returned 0x00000000
    START 2011/09/26 17:12:15:624 TID:824 PID:768

    INFO 2011/09/26 17:12:15:624 TID:824 PID:768
    Binary architecture is amd64

    INFO 2011/09/26 17:12:15:656 TID:824 PID:768
    IsFileExists(C:\Windows\SysWOW64\ntdll.dll) returned 0x00000000

    INFO 2011/09/26 17:12:15:656 TID:824 PID:768
    CheckProcessorArchitecture returned 0x00000000

    INFO 2011/09/26 17:12:15:656 TID:824 PID:768
    SetRecoveryEnvironmentKey returned 0x00000000

    INFO 2011/09/26 17:12:15:656 TID:824 PID:768
    GetSystemSweeperPath returned 0x00000000

    INFO 2011/09/26 17:12:15:656 TID:824 PID:768
    System Sweeper Directory = 'x:\Program Files\Standalone System Sweeper'

    WARNING 2011/09/26 17:12:15:656 TID:824 PID:768
    Missing definitions file in 'C:\mpam-fex64.exe'

    INFO 2011/09/26 17:12:15:656 TID:824 PID:768
    Found definitions file in 'D:\mpam-fex64.exe'

    INFO 2011/09/26 17:12:15:656 TID:824 PID:768
    Signatures File Target = 'x:\Program Files\Standalone System Sweeper\mpam-fe.exe'

    INFO 2011/09/26 17:12:28:697 TID:824 PID:768
    CopySignatureFile returned 0x00000000
      My Computer
    Quote Quote

  8. CommandoBob
    Posts : 215
    Windows 8 Professional x64
    Thread Starter
       New #6

    Ran in safe mode and removed with Malwarebytes. Close please!
      My Computer
    Quote Quote

 

  Related Discussions
Hi, I have been infected with a Worm that comes from a flash drive. According to my current antivirus (MSE), it was Worm:Win32/Mogoogwi.A!Ink and listed as a severe. My current anti virus detects it but it keeps coming back. Can you please help me getting rid of this worm or virus (whatever you...
Hello there, i was surfing the internet and i turned off my firewall :o and a virus entered my system. It's calledd internet security and it come's with several infeccions such as win32 worm that doesn't allow me to open .exe files. I have entered in safe mode and dowloaded Avast antivirus and i...
Hi everyone..my system is Win 7 32 bit Ultimate edition.. A new virus? named Win32/BlasterWorm is affecti my laptop now since the past 3 days... I am not able to open any Files or Flders nor open Ie nor firefox..i had avg home edition installed n y laptop but whenever i try it open it the...
MSE Worm:Win32/Ainslot32.A
in System Security

Mse Keeps giving me an alert on this worm. I have deleted and quarantined it but shows up on each reboot. Ithink it is some how connected to this C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe as after deleting or quarantine MSE wants to send this for asessment to detemine if it is...
Microsoft essentials didn't detect it, maleware bytes didn't detect it. I can't open any programs, the option to open or install as administrator is NOT THERE. I used ESET online scanner it detected the two worms and "said" it cleaned them. And I just found out win 7 deletes all my restore points....
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 22:13.
Find Us