Solved W7 64-bit possible rootkit infection Error Code 0x80070424 on Firewall

[Jacee]

My recommendation regarding a "Backdoor Trojan" and Rootkit, is to do a "clean" installation of the OS... Your computer has been severly compromised!!

I only gave you a link to see if you could start Windows firewall, and since you can't, you'd be best advised to follow karlsnooks and my assessment of your current situation.

 

[Slartybart]

@Simcut: I should have looked a little closer at the output from RepairWinfire.bat - it looks as though you ran it in a regular command prompt. It's difficult to tell solely from the output, but I'm basing that on the directory in the prompt. It is your user\desktop. I would expect Windows\system32 >
It is possible that you changed directories...

If you did run the batch file in an elevated command prompt, then ignore this post.

If you just clicked on Command Prompt, then try the batch file again - this time with elevated rights

HowTo: Right click on command Prompt, select Run as Administrator - answer yes to User Account control.

Sorry I missed that before.

-->edit: I should just go to bed. I read your 2nd post again and saw that you did have some infections reported. Even if your firewall does start, it's good advice to follow from karl and Jacee.

-->edit2: I queried FwcAgent on my machine and it did not exist. I thought that was odd until I realized Norton Security is acting in place of Windows firewall. So my final question is "Do you have another firewall that replaces Windows firewall?" That really is the last bit I can offer. karl and Jacee have the com. Now I am going to bed - goodnight all.

 

[F5ing]

Sorry Jacee, I should've realized you and the OP weren't done with the clean/install.

 

[windude99]

This will help you transfer your data over to the new install. (Be sure to scan your new install of Windwos for viruses after transfering your data from the old, infected installation: http://www.sevenforums.com/tutorials/11470-windows-easy-transfer-transfer-computers.html

 

[Simcut]

Hi guys

Glad to report that I did a reformat of the C drive, and everything is groovy now, Windows Firewall is working again, no pesky viruses either, thanks for your help everyone!

 

[F5ing]

Glad you're all fixed up! You can mark the thread as solved (at the top of the page).

 

[Simcut]

Will do, thank you again

 

[Vikinglord]

If the firewall will not start, run ComboFix from Bleeping Computer. It will restore all of the firewall keys, permissions, and policies.

ComboFix Download