Fix Corrupted Windows Services After Virus Infection


Yesterday a client rang about a slow computer, it had recently had a virus removed from it but still wasn’t working quite right. Closer inspection revealed that a lot of the Windows Services were corrupted and would not start at all, while others were missing completely!

Some of the error messages that you might run into that are symptomatic of this problem include:

  • Windows Firewall service (MpsSvc): Error Code 5 or Error Code 0x8007042c.
  • Windows Update: Service cannot be started or service is missing from services list.
  • Base filtering engine (BFE): couldn’t be started (Error 5: Access is denied).

An attempt to run Windows Updates from the control panel failed, as the service was corrupt. While in a lot of cases it is probably a good idea to reinstall Windows from scratch following an issue like this, there are some cases where it is not viable.

This article is aimed at repairing the Windows Update services after a corruption, however it should also restore any other corrupted services back to their default states.

  • Firstly, download ESET’s Service Repair Tool for Windows.
  • Run the tool in Administrator mode (this is important) by right clicking on ServicesRepair.exe and selecting “Run as administrator”.
  • The Service Repair Tool may prompt you to make sure you wish to proceed, click yes and let the tool do it’s thing.
  • Run the Windows Update Troubleshooter¬†utility from Microsoft for either Windows Vista, Windows 7 or Windows 8. (I ran the fix on Win7 so I can only vouch for the fix working on there, but there should be no problem running the troubleshooters in other versions of Windows).
  • Stop the Windows Update service. This can be done by opening the Run dialogue (Hold the Win key and press R on the keyboard if you can’t find it), type in services.msc and press Enter. Scroll down to ‘Windows Update’, right click on it and select ‘Stop’.
  • Navigate to your ‘Windows’ folder and locate the ‘SoftwareDistribution’ folder. The default path is ‘C:\Windows\SoftwareDistribution\. You will need to rename this folder, rename it to ‘SoftwareDistributionOld’.
  • Lastly, restart the Windows Update service, this is done exactly the same way as you stopped it, but instead of clicking ‘Stop’ you will need to click ‘Start’ instead.

Reboot Windows for all the changes to take effect, Windows Update should now work and the rest of your services should be restored. Once you are happy that Windows Update is working correctly, you can delete the ‘SoftwareDistributionOld’ folder.


Leave a Reply