Sasser worm residual problem
vanagon40
Indiana Member
I got the Sasser worm last Saturday. I'm running Windows XP home on fairly new Dell. I got rid of the Worm (I think) by running updated McAfee, the McAfee stinger, and a manual search for the Worm files. I then installed the Microsoft patch for the vulnerability issue.
Everything runs fine, but when I log onto Windows, I get the following message: "msvcirt.exe has encountered a problem and needs to close. . ."
I never saw this before the Worm, and the other users on this computer do not get this message when logging on. All programs seem to work fine otherwise.
Any suggestions?
Everything runs fine, but when I log onto Windows, I get the following message: "msvcirt.exe has encountered a problem and needs to close. . ."
I never saw this before the Worm, and the other users on this computer do not get this message when logging on. All programs seem to work fine otherwise.
Any suggestions?
0
Comments
This is the Sasser (A-D) Worm Removal Tool (KB841720)
Looks like it infected your user session. Are you running as admin or as a user??? Try running the tool CSIMON linked to, twice. Once as admin, THEN as your user. In this case, your user startup stuff for the virus, possibly background run and not in your startup folder in this case, did not get wiped. XP, now that it is patched, is killing an app that is virused, or the virus executable itself, that is run for your user and not the rest.
Tool run both ways should check things for you, and possibly fix your startup error problem if this is not an infected app.
Yup, Sasser residue....