The Broadband Guide
search advanced
FAQs Categories:

Possible rootkit infection, Windows Firewall error code 0x80070424 ?

Error code 0x80070424 (or 0x80070422) occuring when trying to enable the Windows Firewall, or Defender usually indicates the presence of a trojan/rootkit on a 64-bit Windows 7/Vista.

The key to resolving this issue is cleaning the rootkit/virus from your computer.

One of the most widely spread rootkits, and a likely cause is the Zero Access Rootkit , a.k.a. Win32:Sirefef

You can confirm its presence by looking for the following folder:
C:/WINDOWS/SYSTEM64 (not the sysWOW64)
and the following file:

First, try to clean the rootkit, you can use one of the following tools:

ESET Sirefef (ZeroAccess) Cleaner Tool
McAfee Rootkit Remover

Once your system is cleaned up, you should run a full scan with a reputable recent Antivirus program, and install Windows Security updates. It is also a good idea to run the rootkit removal tools again after a reboot to verify that they do not find the same issue and were able to clean it successfully.

Below is a short list of some free Antivirus/Antimalware programs we recommend. Please note you should only run one antivirus program, as they may interfere with each other. You can, however, install both antivirus and anti-spyware software, as long as you only leave one running.

Microsoft Security Essentials
Bitdefender Antivirus Free
Avast! Free Antivirus
Malwarebytes Anti-Malware Free

  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About