Repairing Critical Windows 7 Services After Virus Infection

After recovering from nasty malware and rootkit infections, often, users encounter issues with certain Windows services, especially those related to the Windows Security Center, Windows Firewall, and Base Filtering Engine. Such services may not starting due to missing registry keys, permissions, and DLL file registrations. After researching the issue, I came across a couple of methods to fixed the problem. Depending on your technical skills, you may choose to fix the issues with the BFE service, Windows Firewall service, and Windows Security Center automatically by running the utility provided. Manual repair options are provided as well.

Fixing Windows Security Services Automatically

Automated Services Repair Tool

Run as Administrator. Restart the PC. After rebooting, Firewall and critical missing services should work.

 

Fixing Windows Security Services Manually

  • Download both the registry files listed below
    • Windows Firewall – Firewall
    • Base Filtering Engine – BFE
  • Double click each file and accept the UAC prompt. Then restart your PC
  • When computer boots up, press Windows+ R key
  • Type “regedit” and click ok
  • Navigate to “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy”
  • Right click on it and click Permissions click on “Add”
  • Type “NT Service\BFE” and click “Check Names”
  • Now Click on BFE – Below you have Permission for Users
  • Select
    • “Query Value”
    • “Set Value”
    • “Create Subkey”
    • “Enumerate Subkeys”
    • “Notify”
    • “Read Control”
  • Click ok
  • Now, open RUN and type “services.msc” and click ok
  • Start Base Filtering Engine service and then windows firewall service

If you still have the following error “Windows could not start Windows Firewall on local Computer. See event log, if non-windows services contact vendor. Error code 5.”

  • Download and run the Shared access registry key, click YES on the UAC prompt
  • Grant full control permission to the following registry key like previously done above
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess
  • Right click on it, select “Permissions”
  • Click on “Add” and type
    • “Everyone” and select Full control
  • You should able to start firewall now

** You may also be missing Windows Security Center, Windows Defender, BITS, and Windows Update Services. In such case, download the registry keys listed below and follow the same process described above.

Launch them and click YES when you get a UAC prompt