- Admin
- #1
System
Staff member
- May 19, 2012
Attempts to start the Windows Firewall from the Control Panel, result in error message "Due to an unidentified problem, Windows cannot display Windows Firewall settings." And, the Services tab is inspected, Windows Firewall is not listed.
This problem started a few days ago as a result of some malware that infected the PC. I believe the malware is gone now. At least the Microsoft Security Scanner (msert.exe), MalwareBytes and Hitman Pro all report no issues - even after a reboot and use of
Internet Explorer.
Belowis the list of malware stopped/removed chronologically, by tool.
Threats stopped by TrendMico Antivirus:
Threat Files Affected
Mal_Xin12 C:RECYLERS-1-5-21-3319695166-3526112567-1141$a7f1669b049d81421a31d2a5a58d40af@
Mal_Xin12 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40af@
Mal_Xin12 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40af@
Mal_Xin12 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40af@
TROJ_GEN.RCBCDL6 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40afU000000a.@
TROJ_ZEROA.SM2 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40afU800000cb.@
TROJ_SPRN.03L812 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40afU80000000.@
TROJ_SPRN.03L812 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40afU80000000.@
JAVA_EXPLOIT.JS C
ocuments and SettingsApplication DataSunJavaDeploymentcache6.04647861 dee-5378mordorgorlum.class
JAVA_EXPLOIT.JS Cocuments and SettingsApplication DataSunJavaDeploymentcache6.04647861 dee-5378gendalfpoison.class
JAVA_EXPLOIT.JS Cocuments and SettingsApplication DataSunJavaDeploymentcache6.04647861 dee-5378gendalflightening.class
JAVA_EXPLOIT.JS Cocuments and SettingsApplication DataSunJavaDeploymentcache6.04647861 dee-5378gendalffrost.class
JAVA_RILLY.AB Cocuments and SettingsLocal SettingsTempjar_cache2208438118051375752.tmpMilliap.class
TROJ_GEN.R3BCDLM Cocuments and SettingsApplication DataSunJavaDeploymentcache6.0251d98d5d9-6495f90
TROJ_GEN.R3BCDLM Cocuments and SettingsTempNQLUTT.exe
Threats stopped by Microsoft Saftey Scanner 1.0.3001.0:
Trojan: Win32/Medfos.A
Trojan: Win32/Medfos.B (partially)
Rogue: Win32/WinWebsec
Trojan: JS/Medfos.A
Trojan: JS/Tracor.F
Trojan Downloader: Win32/Karagamy.I
Threats removed by Hitman Pro (the log can be forwarded if it's helpful):
Malware: rfweit
Trojan: n
Trojan: n
No threats were found or removed by MalwareBytes.
I'm running Windows XP sp3 with all but the very latest updates. The latest update were released just after the problem started so I'm holding off installing the updates until this issue is resolved. As part of the virus removal, all versions of Java have
been removed from the PC.
At this point, I think I just need help getting Windows Firewall working again unless I'm unknowingly missing something. Can you help?
Thanks in advance!
View this thread
This problem started a few days ago as a result of some malware that infected the PC. I believe the malware is gone now. At least the Microsoft Security Scanner (msert.exe), MalwareBytes and Hitman Pro all report no issues - even after a reboot and use of
Internet Explorer.
Belowis the list of malware stopped/removed chronologically, by tool.
Threats stopped by TrendMico Antivirus:
Threat Files Affected
Mal_Xin12 C:RECYLERS-1-5-21-3319695166-3526112567-1141$a7f1669b049d81421a31d2a5a58d40af@
Mal_Xin12 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40af@
Mal_Xin12 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40af@
Mal_Xin12 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40af@
TROJ_GEN.RCBCDL6 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40afU000000a.@
TROJ_ZEROA.SM2 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40afU800000cb.@
TROJ_SPRN.03L812 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40afU80000000.@
TROJ_SPRN.03L812 C:RECYLERS-1-5-18$a7f1669b049d81421a31d2a5a58d40afU80000000.@
JAVA_EXPLOIT.JS C
ocuments and SettingsApplication DataSunJavaDeploymentcache6.04647861 dee-5378mordorgorlum.classJAVA_EXPLOIT.JS C
ocuments and SettingsApplication DataSunJavaDeploymentcache6.04647861 dee-5378gendalfpoison.classJAVA_EXPLOIT.JS C
ocuments and SettingsApplication DataSunJavaDeploymentcache6.04647861 dee-5378gendalflightening.classJAVA_EXPLOIT.JS C
ocuments and SettingsApplication DataSunJavaDeploymentcache6.04647861 dee-5378gendalffrost.classJAVA_RILLY.AB C
ocuments and SettingsLocal SettingsTempjar_cache2208438118051375752.tmpMilliap.classTROJ_GEN.R3BCDLM C
ocuments and SettingsApplication DataSunJavaDeploymentcache6.0251d98d5d9-6495f90TROJ_GEN.R3BCDLM C
ocuments and SettingsTempNQLUTT.exeThreats stopped by Microsoft Saftey Scanner 1.0.3001.0:
Trojan: Win32/Medfos.A
Trojan: Win32/Medfos.B (partially)
Rogue: Win32/WinWebsec
Trojan: JS/Medfos.A
Trojan: JS/Tracor.F
Trojan Downloader: Win32/Karagamy.I
Threats removed by Hitman Pro (the log can be forwarded if it's helpful):
Malware: rfweit
Trojan: n
Trojan: n
No threats were found or removed by MalwareBytes.
I'm running Windows XP sp3 with all but the very latest updates. The latest update were released just after the problem started so I'm holding off installing the updates until this issue is resolved. As part of the virus removal, all versions of Java have
been removed from the PC.
At this point, I think I just need help getting Windows Firewall working again unless I'm unknowingly missing something. Can you help?
Thanks in advance!
View this thread