Sysinternals Homepage
Forum Home Forum Home > Windows Discussions > Troubleshooting
  New Posts New Posts RSS Feed - Defender "The handle is invalid." error on Vista64
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Defender "The handle is invalid." error on Vista64

 Post Reply Post Reply
Author
Message
Tabs View Drop Down
Newbie
Newbie


Joined: 24 November 2005
Status: Offline
Points: 29
Post Options Post Options   Thanks (0) Thanks(0)   Quote Tabs Quote  Post ReplyReply Direct Link To This Post Topic: Defender "The handle is invalid." error on Vista64
    Posted: 02 February 2008 at 10:31am
I started getting this error at startup yesterday after rebooting my system:

Windows Defender
---------------------------
Application failed to initialize: 0x80070006. The handle is invalid.

MS's KB article says reinstalling Windows in the only way to fix it - please tell me that's not true!

Thanks,
Ryan
Back to Top
molotov View Drop Down
Moderator Group
Moderator Group
Avatar

Joined: 04 October 2006
Status: Offline
Points: 17516
Post Options Post Options   Thanks (0) Thanks(0)   Quote molotov Quote  Post ReplyReply Direct Link To This Post Posted: 02 February 2008 at 10:34am
Hi Ryan,
 
What MS KB article are you referring to?
 
Have you tried restarting again?  Does the error continue to come up?
 
Any noteworthy events in the event logs?
Daily affirmation:
net helpmsg 4006
Back to Top
Tabs View Drop Down
Newbie
Newbie


Joined: 24 November 2005
Status: Offline
Points: 29
Post Options Post Options   Thanks (0) Thanks(0)   Quote Tabs Quote  Post ReplyReply Direct Link To This Post Posted: 02 February 2008 at 12:41pm
http://support.microsoft.com/?kbid=935511

I have System Restore off (it's a gaming machine) so I can't use the first "solution"...

The only thing I remember doing before this started was clearing out some "File not found" type entries with Autoruns.

No event log things related to Defender since the time this started.  Happens on reboot or when I try to run Defender from the Start Menu.

Ryan


Edited by Tabs - 02 February 2008 at 12:41pm
Back to Top
molotov View Drop Down
Moderator Group
Moderator Group
Avatar

Joined: 04 October 2006
Status: Offline
Points: 17516
Post Options Post Options   Thanks (0) Thanks(0)   Quote molotov Quote  Post ReplyReply Direct Link To This Post Posted: 02 February 2008 at 12:49pm
From the KB:
Quote If you receive the error message that is mentioned in the "Symptoms" sections but you have not uninstalled Windows Defender through Programs and Features, you may be receiving this error message because of a different issue. The steps in this article address only issues in which Windows Defender has been removed from the system.
 
Did you attempt to uninstall Defender?  If not, this specific article may not apply to you.  But, that doesn't mean that it cannot be used to some benefit.  If you haven't tried uninstalling Defender, you might consider it...  If the installation is damaged, uninstalling and reinstalling may be worth a shot.
 
Quote The only thing I remember doing before this started was clearing out some "File not found" type entries with Autoruns.
Can you undo what you did in Autoruns?  Or did you Delete instead of Disable?  If you removed something Defender considers important, it may have damaged the install.
Daily affirmation:
net helpmsg 4006
Back to Top
Tabs View Drop Down
Newbie
Newbie


Joined: 24 November 2005
Status: Offline
Points: 29
Post Options Post Options   Thanks (0) Thanks(0)   Quote Tabs Quote  Post ReplyReply Direct Link To This Post Posted: 02 February 2008 at 5:16pm
molotov,

No - it's Vista, I don't even think there is a way to uninstall/reinstall Defender on it is there?

Deleted in autoruns unfortunately - it was all things that had "File not found" as if they were old entries and not even valid things.
Back to Top
molotov View Drop Down
Moderator Group
Moderator Group
Avatar

Joined: 04 October 2006
Status: Offline
Points: 17516
Post Options Post Options   Thanks (0) Thanks(0)   Quote molotov Quote  Post ReplyReply Direct Link To This Post Posted: 02 February 2008 at 7:32pm
Quote I don't even think there is a way to uninstall/reinstall Defender on it is there?
Until I read the KB article, I didn't think so.  But, the KB article states:
Quote If you receive the error message that is mentioned in the "Symptoms" sections but you have not uninstalled Windows Defender through Programs and Features,
This is why said, "that doesn't mean that it cannot be used to some benefit" - if the KB article indicates that Defender can be uninstalled through "Programs and Features", it may be worth checking out.
 
The KB article MAY be referring to the scenario where one has XP installed, and has installed Defender.  Then, one upgrades to Vista, and attempts to uninstall Defender.  But it is not clear to me if this is truly what the article is talking about. 
Daily affirmation:
net helpmsg 4006
Back to Top
Tabs View Drop Down
Newbie
Newbie


Joined: 24 November 2005
Status: Offline
Points: 29
Post Options Post Options   Thanks (0) Thanks(0)   Quote Tabs Quote  Post ReplyReply Direct Link To This Post Posted: 03 February 2008 at 2:02am
Yeah I think that's what it is - I can't find any reference to Defender anywhere in Programs and Features...  This is a clean install of Vista, not an upgrade anyway...

Time to reformat I guess... ugh.


Edited by Tabs - 03 February 2008 at 2:03am
Back to Top
molotov View Drop Down
Moderator Group
Moderator Group
Avatar

Joined: 04 October 2006
Status: Offline
Points: 17516
Post Options Post Options   Thanks (0) Thanks(0)   Quote molotov Quote  Post ReplyReply Direct Link To This Post Posted: 03 February 2008 at 2:01pm
Though a repair install may be sufficient, I can understand the desire to completely reformat in a situation like this.
Daily affirmation:
net helpmsg 4006
Back to Top
jmburton2001 View Drop Down
Newbie
Newbie
Avatar

Joined: 17 April 2007
Location: United States
Status: Offline
Points: 2
Post Options Post Options   Thanks (0) Thanks(0)   Quote jmburton2001 Quote  Post ReplyReply Direct Link To This Post Posted: 13 November 2008 at 11:17am
I have had this problem for over 200 days and was not going to wipe my system (Vista Home Premium SP1 64bit) just to get rid of this error. I found the following and merged it into my registry. The issue went away and Defender is now working! Big%20smile

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend]
"DisplayName"="@%ProgramFiles%\\Windows Defender\\MsMpRes.dll,-103"
"ErrorControl"=dword:00000001
"Group"="COM Infrastructure"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,73,00,65,00,63,00,73,00,76,00,63,00,73,00,00,00
"Start"=dword:00000002
"Type"=dword:00000020
"Description"="@%ProgramFiles%\\Windows Defender\\MsMpRes.dll,-3068"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"ObjectName"="LocalSystem"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,42,00,61,00,63,00,6b,00,75,00,70,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,52,00,65,00,73,00,\
74,00,6f,00,72,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,44,00,65,00,62,00,75,00,67,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,\
6c,00,65,00,67,00,65,00,00,00,53,00,65,00,53,00,65,00,63,00,75,00,72,00,69,00,74,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,44,00,65,00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,6d,00,70,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Security]
"Security"=hex:01,00,14,80,04,01,00,00,10,01,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,d4,00,07,00,00,00,00,00,28,00,ff,01,0f,00,01,06,00,00,00,00,00,05,50,00,00,00,b5,89,fb,38,19,84,c2,cb,5c,6c,23,6d,57,00,77,6e,c0,02,64,87,00,0b,28,00,00,00,00,10,01,06,00,00,00,00,00,05,50,00,00,00,b5,89,fb,38,19,84,c2,cb,5c,6c,23,6d,57,00,77,6e,c0,02,64,87,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,15,00,00,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Enum]
"0"="Root\\LEGACY_WINDEFEND\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

I copied this out of their post, pasted it into notepad, saved the file as Defender.reg and then merged it. Rebooted and all is well.
Back to Top
molotov View Drop Down
Moderator Group
Moderator Group
Avatar

Joined: 04 October 2006
Status: Offline
Points: 17516
Post Options Post Options   Thanks (0) Thanks(0)   Quote molotov Quote  Post ReplyReply Direct Link To This Post Posted: 13 November 2008 at 11:24am
Hi jmburton2001,

Thanks for posting what fixed the problem for you.

Quote I copied this out of their post
Who is "their"?

Did you happen to compare your original settings, to what this .REG file replaced them with?


Edited by molotov - 13 November 2008 at 11:28am
Daily affirmation:
net helpmsg 4006
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down