Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: W7 64-bit possible rootkit infection Error Code 0x80070424 on Firewall


30 May 2012   #1

Windows 7 Ultimate 64-Bit
 
 
W7 64-bit possible rootkit infection Error Code 0x80070424 on Firewall

Hi there

I've been experiencing some weird problems where a 'System64' folder has been created in my Windows folder, when I am running Windows 7 64-Bit, I am led to believe that there should be no folder called 'System64' - instead there's just system32 & SysWOW64 (am I correct in that?)

Anyway, other than that, the other reason I think I have some gremlin in my system is because the Windows Firewall service refuses to run, it comes up with the Error Code 0x80070424

Would appreciate if you could provide any help you can with this, I am in the process of running a scan with aswMBR and will post the log results if it finds anything (will a quick scan be sufficient?)

I have updated my PC specs on my profile.

Kind Regards


My System SpecsSystem Spec
.

30 May 2012   #2

Windows 7 Ultimate 64-Bit
 
 

Here are the results of the scan

14:24:23.167 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Sirefef-HO [Rtk]
14:29:15.299 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
14:29:16.707 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-HO [Rtk]
14:30:04.884 File: C:\Windows\assembly\temp\U\80000032.@ **INFECTED** Win32NSChanger-VJ [Trj]
14:30:04.928 File: C:\Windows\assembly\temp\U\80000064.@ **INFECTED** Win32:Malware-gen
My System SpecsSystem Spec
30 May 2012   #3

Windows 7 Professional x64 Service Pack 1
 
 

Quote   Quote: Originally Posted by Simcut View Post
Hi there

I've been experiencing some weird problems where a 'System64' folder has been created in my Windows folder, when I am running Windows 7 64-Bit, I am led to believe that there should be no folder called 'System64' - instead there's just system32 & SysWOW64 (am I correct in that?)

Anyway, other than that, the other reason I think I have some gremlin in my system is because the Windows Firewall service refuses to run, it comes up with the Error Code 0x80070424

Would appreciate if you could provide any help you can with this, I am in the process of running a scan with aswMBR and will post the log results if it finds anything (will a quick scan be sufficient?)

I have updated my PC specs on my profile.

Kind Regards
Run a Windows Defender offline scan: Windows Defender Offline
Next, run a scan with Malwarebytes: Malwarebytes Anti-Malware - CNET Download.com

Finally, run a scan with TDSS Killer: TDSSKiller Download
After you have removed the infections that each scanner has found, run scans with all 3 again and make sure that the infections have been removed. Also, remove the infections that were found with your antivirus.
My System SpecsSystem Spec
.


30 May 2012   #4

Windows 7 Ultimate 64-Bit
 
 

Thanks, will make a bootable CD for Windows Defender Offline now, is it worth scanning all of my hard drives, not just the C drive?

Kind Regards
My System SpecsSystem Spec
30 May 2012   #5

Windows 7 Professional x64 Service Pack 1
 
 

Quote   Quote: Originally Posted by Simcut View Post
Thanks, will make a bootable CD for Windows Defender Offline now, is it worth scanning all of my hard drives, not just the C drive?

Kind Regards
Yes. Scan all of your hard drives and any flash drives you may have too.
My System SpecsSystem Spec
30 May 2012   #6

Windows 7 Ultimate 64-Bit
 
 

Windows Defender found some infections and it's removed them all, I am now doing a scan with Malwarebytes Anti-Malware

By the way, Windows Firewall still wont open, this time it comes up with an error saying:-

"Windows Firewall can't change some of your settings.
Error code 0x8007042c"

Regards
My System SpecsSystem Spec
30 May 2012   #7

Windows 7 Professional x64 Service Pack 1
 
 

Quote   Quote: Originally Posted by Simcut View Post
Windows Defender found some infections and it's removed them all, I am now doing a scan with Malwarebytes Anti-Malware
This is great! We're making good progress
My System SpecsSystem Spec
30 May 2012   #8

Windows 7 Ultimate 64-Bit
 
 

Indeed we are!

Malwarebytes found some items too, which have been deleted, I'm going to reboot my machine now and do a re-scan firstly with aswMBR

Cheers
My System SpecsSystem Spec
30 May 2012   #9

MS Windows 7 Ultimate SP1 64-bit
 
 

Your system should not be re-infected that quickly.

Are you perhaps using P2P software, for example, torrent, bittorrent, vuze?

Are you reinserting an infected usb stick?
My System SpecsSystem Spec
30 May 2012   #10

Windows 7 Ultimate 64-Bit
 
 

I do use utorrent normally, but I downloaded the software from filehippo, and I do not use any form of public tracker to download anything, and I have used that particular version for a long time without any problems.

I am not using any usb stick whatsoever, so that can be ruled out

Anyway, I have now scanned with Malwarebytes, aswMBR, tdsskiller and they all report no issues, so far so good it seems the rootkit has gone, I just need to get Windows Firewall working again though.

"Windows Firewall can't change some of your settings.
Error code 0x8007042c"

any ideas? thanks!
My System SpecsSystem Spec
Reply

 W7 64-bit possible rootkit infection Error Code 0x80070424 on Firewall




Thread Tools



Similar help and support threads for2: W7 64-bit possible rootkit infection Error Code 0x80070424 on Firewall
Thread Forum
Receiving error code: 0x80070424 Windows Firewall can't change some... System Security
Solved Windows 7 Firewall Error 0x80070424 System Security
Solved Error Code 0x80070424 System Security
window 7 firewall error code 0x80070424 System Security
Solved Possible rootkit infection - Error Code 0x80070424 with Windows System Security
Problem with Firewall,error 0x80070424 System Security
Win7 Firewall won't turn on error code 0x6D9 and error code 0x80070424 System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:17 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33