Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: W7 64-bit possible rootkit infection Error Code 0x80070424 on Firewall

30 May 2012   #1
Simcut

Windows 7 Ultimate 64-Bit
 
 
W7 64-bit possible rootkit infection Error Code 0x80070424 on Firewall

Hi there

I've been experiencing some weird problems where a 'System64' folder has been created in my Windows folder, when I am running Windows 7 64-Bit, I am led to believe that there should be no folder called 'System64' - instead there's just system32 & SysWOW64 (am I correct in that?)

Anyway, other than that, the other reason I think I have some gremlin in my system is because the Windows Firewall service refuses to run, it comes up with the Error Code 0x80070424

Would appreciate if you could provide any help you can with this, I am in the process of running a scan with aswMBR and will post the log results if it finds anything (will a quick scan be sufficient?)

I have updated my PC specs on my profile.

Kind Regards


My System SpecsSystem Spec
.

30 May 2012   #2
Simcut

Windows 7 Ultimate 64-Bit
 
 

Here are the results of the scan

14:24:23.167 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Sirefef-HO [Rtk]
14:29:15.299 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
14:29:16.707 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-HO [Rtk]
14:30:04.884 File: C:\Windows\assembly\temp\U\80000032.@ **INFECTED** Win32NSChanger-VJ [Trj]
14:30:04.928 File: C:\Windows\assembly\temp\U\80000064.@ **INFECTED** Win32:Malware-gen
My System SpecsSystem Spec
30 May 2012   #3
windude99

Windows 7 Professional x64 Service Pack 1
 
 

Quote   Quote: Originally Posted by Simcut View Post
Hi there

I've been experiencing some weird problems where a 'System64' folder has been created in my Windows folder, when I am running Windows 7 64-Bit, I am led to believe that there should be no folder called 'System64' - instead there's just system32 & SysWOW64 (am I correct in that?)

Anyway, other than that, the other reason I think I have some gremlin in my system is because the Windows Firewall service refuses to run, it comes up with the Error Code 0x80070424

Would appreciate if you could provide any help you can with this, I am in the process of running a scan with aswMBR and will post the log results if it finds anything (will a quick scan be sufficient?)

I have updated my PC specs on my profile.

Kind Regards
Run a Windows Defender offline scan: Windows Defender Offline
Next, run a scan with Malwarebytes: Malwarebytes Anti-Malware - CNET Download.com

Finally, run a scan with TDSS Killer: TDSSKiller Download
After you have removed the infections that each scanner has found, run scans with all 3 again and make sure that the infections have been removed. Also, remove the infections that were found with your antivirus.
My System SpecsSystem Spec
.


30 May 2012   #4
Simcut

Windows 7 Ultimate 64-Bit
 
 

Thanks, will make a bootable CD for Windows Defender Offline now, is it worth scanning all of my hard drives, not just the C drive?

Kind Regards
My System SpecsSystem Spec
30 May 2012   #5
windude99

Windows 7 Professional x64 Service Pack 1
 
 

Quote   Quote: Originally Posted by Simcut View Post
Thanks, will make a bootable CD for Windows Defender Offline now, is it worth scanning all of my hard drives, not just the C drive?

Kind Regards
Yes. Scan all of your hard drives and any flash drives you may have too.
My System SpecsSystem Spec
30 May 2012   #6
Simcut

Windows 7 Ultimate 64-Bit
 
 

Windows Defender found some infections and it's removed them all, I am now doing a scan with Malwarebytes Anti-Malware

By the way, Windows Firewall still wont open, this time it comes up with an error saying:-

"Windows Firewall can't change some of your settings.
Error code 0x8007042c"

Regards
My System SpecsSystem Spec
30 May 2012   #7
windude99

Windows 7 Professional x64 Service Pack 1
 
 

Quote   Quote: Originally Posted by Simcut View Post
Windows Defender found some infections and it's removed them all, I am now doing a scan with Malwarebytes Anti-Malware
This is great! We're making good progress
My System SpecsSystem Spec
30 May 2012   #8
Simcut

Windows 7 Ultimate 64-Bit
 
 

Indeed we are!

Malwarebytes found some items too, which have been deleted, I'm going to reboot my machine now and do a re-scan firstly with aswMBR

Cheers
My System SpecsSystem Spec
30 May 2012   #9
karlsnooks

MS Windows 7 Ultimate SP1 64-bit
 
 

Your system should not be re-infected that quickly.

Are you perhaps using P2P software, for example, torrent, bittorrent, vuze?

Are you reinserting an infected usb stick?
My System SpecsSystem Spec
30 May 2012   #10
Simcut

Windows 7 Ultimate 64-Bit
 
 

I do use utorrent normally, but I downloaded the software from filehippo, and I do not use any form of public tracker to download anything, and I have used that particular version for a long time without any problems.

I am not using any usb stick whatsoever, so that can be ruled out

Anyway, I have now scanned with Malwarebytes, aswMBR, tdsskiller and they all report no issues, so far so good it seems the rootkit has gone, I just need to get Windows Firewall working again though.

"Windows Firewall can't change some of your settings.
Error code 0x8007042c"

any ideas? thanks!
My System SpecsSystem Spec
Reply

 W7 64-bit possible rootkit infection Error Code 0x80070424 on Firewall




Thread Tools





Similar help and support threads
Thread Forum
Receiving error code: 0x80070424 Windows Firewall can't change some...
Originally I wanted to turn my Windows firewall off because I heard I can get a better online experience when playing a game, but when I go "turn Windows Firewall on or off" in the Control Panel, it tells me "Windows is not using recommended settings to protect your computer", so I click on " use...
System Security
Windows 7 Firewall Error 0x80070424
Recently I have decided to check up on my firewall and I noticed an error message 0x80070424 if I try to start it. I have run malwarebytes and Microsoft Security Essential scans and there were no signs of any viruses. I have no idea when this happened, but any information on how to fix this problem...
System Security
window 7 firewall error code 0x80070424
my computer is window7 ultimate 32 bit. Recently, I just got error code of firewall. I could not change firewall at all. the code error is like this. error code 0x80070424 when I try to change it in Window Normal Start. error code 0x6D9 when I try to change it in Safe Mode. here are the...
System Security
Possible rootkit infection - Error Code 0x80070424 with Windows
I cannot open Firewall, Defender or any security functions within windows without this error message popping up. However, I have run Anti-rootkit utility TDSSKiller as well as Sophos anti-rootkit, but they both say that my machine is clean. I am running Win 7 64 bit. I read this in another...
System Security
Problem with Firewall,error 0x80070424
I cannot control my Firewall. Here is on English!! http://www.zaslike.com/files/ht6ud7w1wdwcz6c2wms.png
System Security
Win7 Firewall won't turn on error code 0x6D9 and error code 0x80070424
Ok - I'm trying to fix my friends' computer - Toshiba Satellite L455-S5975 running Windows 7 32-bit Windows firewall is off and I need to "Update Firewall Settings". When I click use recommended settings, I get a message that says it "can't change some of your settings. Error code 0x80070424" I...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 02:40.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App