The Broadband Guide
search advanced
 search
FAQs Categories:

Possible rootkit infection, Windows Firewall error code 0x80070424 ?

Error code 0x80070424 (or 0x80070422) occuring when trying to enable the Windows Firewall, or Defender usually indicates the presence of a trojan/rootkit on a 64-bit Windows 7/Vista.

The key to resolving this issue is cleaning the rootkit/virus from your computer.

One of the most widely spread rootkits, and a likely cause is the Zero Access Rootkit , a.k.a. Win32:Sirefef

You can confirm its presence by looking for the following folder:
C:/WINDOWS/SYSTEM64 (not the sysWOW64)
and the following file:
C:/WINDOWS/SYSTEM32/CONSRV.DLL

First, try to clean the rootkit, you can use one of the following tools:

ESET Sirefef (ZeroAccess) Cleaner Tool
McAfee Rootkit Remover

Once your system is cleaned up, you should run a full scan with a reputable recent Antivirus program, and install Windows Security updates. It is also a good idea to run the rootkit removal tools again after a reboot to verify that they do not find the same issue and were able to clean it successfully.

Below is a short list of some free Antivirus/Antimalware programs we recommend. Please note you should only run one antivirus program, as they may interfere with each other. You can, however, install both antivirus and anti-spyware software, as long as you only leave one running.

Microsoft Security Essentials
Bitdefender Antivirus Free
Avast! Free Antivirus
Malwarebytes Anti-Malware Free


  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About