Base Filtering Engine Service repair resolution

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by g264, Dec 13, 2011.

  1. g264

    g264 Private E-2

    There seem to be several variations of infections going around that are damaging the Windows service Base Filtering Engine. The infection is easy enough to remove. The variation on my machine is "Win 7 Internet Security 2012", essentially a garbage file created in %appdata%, hidden there, and linked through the run/open command in the registry.

    I was following a thread here at: http://forums.majorgeeks.com/showthread.php?t=249071 in which admin chaslang seems to have corrected a similar issue (though doing it on TeamViewer and not posting resolution steps). At this point, I've gotten the service back, the DLL is in place, but the service will not start (error 5: access is denied).

    If it's not too much trouble, what follow-up steps am I missing? The BFE service is now in place after removing the infection with various tools. The unit gets online fine now, and after following the prior chaslang thread with user EStrother I now have the BFE service back where it belongs and its dependencies no longer alert me that BFE is missing. The service is set to auto start, but it won't start; when I run services.msc to start it, it tries to and crashes to the previous error 5 issue. What's going on? Thanks in advance for any help.
     
  2. thisisu

    thisisu Malware Consultant

    Hi and welcome to Major Geeks, g264!

    I apologize for the delay. We have been working on making it easier for users to restore their Windows 7 Firewall.

    I don't know everything that chaslang did step by step, but basically it comes down to registry permissions and missing services in the registry.

    I have blogged about my firsthand experience with this infection here: http://thisisudax.blogspot.com/2011/12/windows-7-internet-security-2012-fakeav.html

    I hope this helps! If you still need help restoring your Windows 7 Firewall, please follow this thread: READ and Run Me First
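
A read-only check for the two causes thisisu names, registry permissions and missing service keys, added here as an example and not taken from the thread or the linked blog. The service names BFE and MpsSvc, the `Parameters\Policy` key and the `NT SERVICE\BFE` account are assumptions; the thread does not name them.

```powershell
# Added example (not from the thread). Read-only: it changes nothing.
# Run from an elevated PowerShell prompt so the ACLs can be read.
$root = 'HKLM:\SYSTEM\CurrentControlSet\Services'

function Test-ServiceKey {
    param([string]$Name)
    $key    = Join-Path $root $Name
    $params = Join-Path $key 'Parameters'
    $dll    = $null
    if (Test-Path $params) {
        # ServiceDll is REG_EXPAND_SZ; the registry provider expands it
        $dll = (Get-ItemProperty -Path $params -ErrorAction SilentlyContinue).ServiceDll
    }
    New-Object PSObject -Property @{
        Service    = $Name
        KeyPresent = (Test-Path $key)
        ServiceDll = $dll
        DllOnDisk  = [bool]($dll -and (Test-Path $dll))
    }
}

# Assumption: BFE plus MpsSvc (Windows Firewall), which depends on it
'BFE', 'MpsSvc' | ForEach-Object { Test-ServiceKey $_ } |
    Format-Table Service, KeyPresent, DllOnDisk, ServiceDll -AutoSize

# Assumption: the key BFE must be able to open is Parameters\Policy, and the
# identity that needs access is the per-service account NT SERVICE\BFE.
$policy  = Join-Path $root 'BFE\Parameters\Policy'
$account = 'NT SERVICE\BFE'

if (-not (Test-Path $policy)) {
    Write-Warning "Missing key: $policy"
} else {
    $aces = @((Get-Acl -Path $policy).Access)
    $aces | Format-Table IdentityReference, RegistryRights, AccessControlType, IsInherited -AutoSize

    $allow = @($aces | Where-Object {
        $_.IdentityReference.Value -eq $account -and $_.AccessControlType -eq 'Allow' })
    if ($allow.Count -eq 0) {
        Write-Warning "No Allow entry for $account on $policy"
    } else {
        "{0} is allowed: {1}" -f $account, (($allow | ForEach-Object { $_.RegistryRights }) -join '; ')
    }
}
```

A missing key or a missing Allow entry in this output corresponds to the "missing services" and "registry permissions" cases respectively; comparing the result against a clean Windows 7 machine shows what the infection changed.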
     
