Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cacls.exe


  • Please log in to reply
6 replies to this topic

#1 GaGlets

GaGlets

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:51 AM

Posted 26 July 2011 - 05:54 AM

I used cacls.exe on `C:\Windows\system32\services.exe` process, setted `everyone:N` and my windows wont load now. I used cacls because I though it is `trojan backdoor` which I searched for while on my OS - it used half of my cpu etc..
Windows boot screen shows up and after that I see only cursor and black/blank screen. Installed Recovery console works completely fine everything else have the same problem (Safe mode, Last Known Good Config...). How can I fix my problem without 100% reinstall?

Edited by hamluis, 26 July 2011 - 06:38 AM.
Moved from Am I Infected to Windows XP.

I made you to read this.

Regards GaGlets

BC AdBot (Login to Remove)

 


#2 .X.

.X.

  • Members
  • 490 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:51 AM

Posted 26 July 2011 - 06:26 AM

I don't know whether this will work but how about trying to delete it from recovery console and then copy it over from the dllcache folder? If you get permission denied you could try resetting the permission with a Windows PE disk like Ultimate Boot CD.

#3 GaGlets

GaGlets
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:51 AM

Posted 26 July 2011 - 06:31 AM

Uhm great idea! But where I could found that dllchache folder? I am just a newbie in windows repairing.

Edit:
OS : Windows XP SP3

Edited by GaGlets, 26 July 2011 - 06:36 AM.

I made you to read this.

Regards GaGlets

#4 .X.

.X.

  • Members
  • 490 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:51 AM

Posted 26 July 2011 - 07:57 AM

system32\dllcache

#5 GaGlets

GaGlets
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:51 AM

Posted 27 July 2011 - 07:29 AM

Thank you for your help, reinstalled OS, just before last post. Feeling smarter now.

I know this is not the right place to ask, but please PM me with information you know about what kind of malware I had. It changed permissions for any programme which touched its registry entry/file ( Anti-virus softwares were unable to load showing that user dont have permissions to run it, even ccleaner was unable to start after registry scan, the same with Hijackthis, Malware-bytes etc.. )

Edit:
Allright got it, it was the newest one - TrojanFakeAV - real user told me that he installed unknown flash player from youtube after facebook message.

Edited by GaGlets, 27 July 2011 - 07:49 AM.

I made you to read this.

Regards GaGlets

#6 .X.

.X.

  • Members
  • 490 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:51 AM

Posted 27 July 2011 - 08:17 AM

Glad you got it sorted.

I'm afraid I don't do malware. Never been infected.

#7 hamluis

hamluis

    Moderator


  • Moderator
  • 56,086 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:51 AM

Posted 27 July 2011 - 10:14 AM

Malware issues...should be initiated via a new post in either of our two forums for dealing with such.

Am I infected What do I do - http://www.bleepingcomputer.com/forums/forum103.html

BC Virus, Trojan, Spyware, and Malware Removal Logs - http://www.bleepingcomputer.com/forums/forum22.html , following the guidance contained in the Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html .

These are the two primary forums for dealing with/discussing malware issues.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users