I am receiving the following message when I boot the computer:
lsass.exe - access denied
a process has requested access to an object, but has not been granted
those access rights.
I have:
1) Ran F-Prot virus scan via Hiren's Boot CD v7.9 [found FormatC@troj,
Munga.D, W32/Dialer.BSK) deleted infected files.
2) Restored lsass.exe (windows\system32) with the XP CD
Any ideas?
I see you found the Munga Trojan. As you mentioned FormatC@troj and
Munga.D. When I google munga trojan format c I get a lot of interesting
information.
Apparantly there have been different variants of a trojan called Munga. It
originally was a batch file then an exe file then it became more complex.
But it all did the same thing: attempt to format your hard drive and make
your date irrecoverable. Hope that has not happened to you but if you can
find someone who knows DOS (disk operating system not denial of service} you
can find if your data is still on your hard disk. What my concern is that
the data may be overwritten and hard to recover if the trojan is as nasty as
it claims to be. You had a dialer too and I wonder if the hacker wanted to
wipe your hard drive in order to cover his tracks once the dialer has been
used.
I do not seem very helpful but if you find that you are not stung with a big
phone bill and your data if safe you will be a very happy camper. But it
goes to show how important it is to keep your computer safe. Years ago to
have a disk formated the destructive way such as creating bad sectors would
cost the person mega bucks to get a new computer. Today it is much cheaper
to replace the harddisk and/or the computer but one could still stand to
lose mega bucks through hefty phone bills from dialers. All the more reason
to practise safe computing.