Sasser worm Lsass.exe help please
Hi all. Thought I had problems before, during all my messing around I somehow got the Sasser Worm, Lsass.exe variant.
This thing has actually overwritten my Master Boot Record and locked up my Hdd. Says I need password then shuts down or locks on spot. BIOS also overwritten, options grayed out and 'new' shell options added. It had also hijacked my router, using UDP mostly, but using aliases under every program I've had the past 10 years, thanks to my legacy desktop.
Hi all. New to forums, been browsing for some time. Need serious help.
Have Asus g73jh bst laptop. Seagate momentus hdd, sata, Intel chipset. Installation came with os partition. Also have old winxp desktop, amd 2400+, nvidia MB, 2 IDE hdd (homebuilt in 2002, yep old).
Here's the situation. Somehow got the virus, when or how can't say, but has to be a few months at least as when my laptop was bricked, started pc for 1st time in at least 3-4 months, and it was fully infected.
The worm has overwritten my MBR and BIOS, sending false reports of password, so can't POST with HD installed. I do have a DVD with malwarebytes, but it's not bootable. Can boot in with recovery cd to cmd prompt, but can't gain any access to sc, wmi, etc. Not anything close to a cmd line expert, just been trying to learn as I go.
I'm locked out of network, so can't download anything, both systems. I was able to run mal on xp machine, isolated 5 Trojans, but don't know how to regain control. Slowly being locked out of various items, mmc's. Locked out of device mgr, but at least can get into os on this.
For laptop, nothing I can do until I can somehow get into system with hdd installed, currently pulled out.
Probably missing details. Oh, this thing has also infected router, creates its own share accounts even after hard reset. Just a mess. Any help would be great.
I'm almost hopeless, and hope you can advise. Have Seagate Momentus, with ATA password (I think) stored on Hd itself, though with MBR and BIOS overwritten, can't tell for sure. It's blocked all access to network, I'm on iPhone atm.
I can't get past bios w/ hdd on to even reformat or restore. It's remapped the onboard mem sector, virtual mount, and I'm no cmd line expert. Man I'm tired, hurricane not enough, dealing with this between outages. Just want to somehow regain access to Hdd and write/pass the thing 10 times and begin recovering what I can.
Chastity, if you happen to read this, I did create your install CD, maybe a tool there that can help?
Thanks all.