W7 64-bit possible rootkit infection Error Code 0x80070424 on Firewall

Page 1 of 3 123 LastLast

  1. Posts : 40
    Windows 7 Ultimate 64-Bit
       #1

    W7 64-bit possible rootkit infection Error Code 0x80070424 on Firewall


    Hi there

    I've been experiencing some weird problems where a 'System64' folder has been created in my Windows folder, when I am running Windows 7 64-Bit, I am led to believe that there should be no folder called 'System64' - instead there's just system32 & SysWOW64 (am I correct in that?)

    Anyway, other than that, the other reason I think I have some gremlin in my system is because the Windows Firewall service refuses to run, it comes up with the Error Code 0x80070424

    Would appreciate if you could provide any help you can with this, I am in the process of running a scan with aswMBR and will post the log results if it finds anything (will a quick scan be sufficient?)

    I have updated my PC specs on my profile.

    Kind Regards
      My Computer


  2. Posts : 40
    Windows 7 Ultimate 64-Bit
    Thread Starter
       #2

    Here are the results of the scan

    14:24:23.167 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Sirefef-HO [Rtk]
    14:29:15.299 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
    14:29:16.707 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-HO [Rtk]
    14:30:04.884 File: C:\Windows\assembly\temp\U\80000032.@ **INFECTED** Win32NSChanger-VJ [Trj]
    14:30:04.928 File: C:\Windows\assembly\temp\U\80000064.@ **INFECTED** Win32:Malware-gen
      My Computer


  3. Posts : 1,533
    Windows 7 Professional x64 Service Pack 1
       #3

    Simcut said:
    Hi there

    I've been experiencing some weird problems where a 'System64' folder has been created in my Windows folder, when I am running Windows 7 64-Bit, I am led to believe that there should be no folder called 'System64' - instead there's just system32 & SysWOW64 (am I correct in that?)

    Anyway, other than that, the other reason I think I have some gremlin in my system is because the Windows Firewall service refuses to run, it comes up with the Error Code 0x80070424

    Would appreciate if you could provide any help you can with this, I am in the process of running a scan with aswMBR and will post the log results if it finds anything (will a quick scan be sufficient?)

    I have updated my PC specs on my profile.

    Kind Regards
    Run a Windows Defender offline scan: Windows Defender Offline
    Next, run a scan with Malwarebytes: Malwarebytes Anti-Malware - CNET Download.com

    Finally, run a scan with TDSS Killer: TDSSKiller Download
    After you have removed the infections that each scanner has found, run scans with all 3 again and make sure that the infections have been removed. Also, remove the infections that were found with your antivirus.
      My Computer


  4. Posts : 40
    Windows 7 Ultimate 64-Bit
    Thread Starter
       #4

    Thanks, will make a bootable CD for Windows Defender Offline now, is it worth scanning all of my hard drives, not just the C drive?

    Kind Regards
      My Computer


  5. Posts : 1,533
    Windows 7 Professional x64 Service Pack 1
       #5

    Simcut said:
    Thanks, will make a bootable CD for Windows Defender Offline now, is it worth scanning all of my hard drives, not just the C drive?

    Kind Regards
    Yes. Scan all of your hard drives and any flash drives you may have too.
      My Computer


  6. Posts : 40
    Windows 7 Ultimate 64-Bit
    Thread Starter
       #6

    Windows Defender found some infections and it's removed them all, I am now doing a scan with Malwarebytes Anti-Malware

    By the way, Windows Firewall still wont open, this time it comes up with an error saying:-

    "Windows Firewall can't change some of your settings.
    Error code 0x8007042c"

    Regards
      My Computer


  7. Posts : 1,533
    Windows 7 Professional x64 Service Pack 1
       #7

    Simcut said:
    Windows Defender found some infections and it's removed them all, I am now doing a scan with Malwarebytes Anti-Malware
    This is great! We're making good progress:)
      My Computer


  8. Posts : 40
    Windows 7 Ultimate 64-Bit
    Thread Starter
       #8

    Indeed we are!

    Malwarebytes found some items too, which have been deleted, I'm going to reboot my machine now and do a re-scan firstly with aswMBR

    Cheers
      My Computer


  9. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #9

    Your system should not be re-infected that quickly.

    Are you perhaps using P2P software, for example, torrent, bittorrent, vuze?

    Are you reinserting an infected usb stick?
      My Computer


  10. Posts : 40
    Windows 7 Ultimate 64-Bit
    Thread Starter
       #10

    I do use utorrent normally, but I downloaded the software from filehippo, and I do not use any form of public tracker to download anything, and I have used that particular version for a long time without any problems.

    I am not using any usb stick whatsoever, so that can be ruled out :)

    Anyway, I have now scanned with Malwarebytes, aswMBR, tdsskiller and they all report no issues, so far so good it seems the rootkit has gone, I just need to get Windows Firewall working again though.

    "Windows Firewall can't change some of your settings.
    Error code 0x8007042c"

    any ideas? thanks!
      My Computer


 
Page 1 of 3 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 10:18.
Find Us