Anyone Know How To Remove Vista Security 2011?

Help and Discussion

Moderator: The Mod Squad

Anyone Know How To Remove Vista Security 2011?

Postby OneSpirit » Wed Apr 27, 2011 9:43 am

I have this friend that has this vista security 2011 on their computer and it is causing problems ... asking for money to fix things that don't exist it's not in the add remove so how does one get rid of it ... the OS is vista home edition.

Is a special tool required? Thanks.
Main Rig_Intel i7 4770k@3.50
ECS H87H3-WM Ver1
16Gb DDR3 1600
Evga GTX 1050Ti GPU
WD100000 SATA 7200RPM
Seagate 1TB SATA 7200RPM
Corsair CX750M
Win7 Ultimate x64
Rig2_AMD FX8120
GIGABYTE GA-M68MT-S2 Mobo
4Gb DDR3 1600
ZOTAC GeForce GTX 550TI
Seagate 1TB SATA 7200RPM
WD100000 SATA 7200RPM
Rosewill M650
Win7 64
OneSpirit
Black Belt
Black Belt
 
Posts: 912
Joined: Mon Feb 25, 2002 1:01 am
Location: The Great State of Ohio

Never mind ... problem solved

Postby OneSpirit » Wed Apr 27, 2011 12:35 pm

I used spybot to get rid of it. It would not allow me to install AVG free, but I was able to install spybot and that took care of the beast. What an insult that is. It will not allow you to go online through any of the browsers until you get the "registered" version of that rip off. There should be a law against dummies like that!
Main Rig_Intel i7 4770k@3.50
ECS H87H3-WM Ver1
16Gb DDR3 1600
Evga GTX 1050Ti GPU
WD100000 SATA 7200RPM
Seagate 1TB SATA 7200RPM
Corsair CX750M
Win7 Ultimate x64
Rig2_AMD FX8120
GIGABYTE GA-M68MT-S2 Mobo
4Gb DDR3 1600
ZOTAC GeForce GTX 550TI
Seagate 1TB SATA 7200RPM
WD100000 SATA 7200RPM
Rosewill M650
Win7 64
OneSpirit
Black Belt
Black Belt
 
Posts: 912
Joined: Mon Feb 25, 2002 1:01 am
Location: The Great State of Ohio

Postby bdub » Wed Apr 27, 2011 12:52 pm

you should prolly still do at least one or two other scans... malwarebytes and super anti-spware, and run them in safe mode. it would also be prudent to turn off all system restore points, reboot, then turn system restore back on.
my main rig...
asrock 970 extreme3
AMD athlonII X3 440
zalman cpns5x performa hs/fan
crucial ballistix 2x4gb sport ddr3-1333
powercolor ax7750 1GBK3-H vga
antec neo he 650r
Samsung 840 EVo SSD 120 GB
toshiba 2TB HDD 64M cache sata3
seagate 1TB HDD 64M cache sata3
hitachi 2TB HDD 64M cache sata3
lg wh14ns40 bd burner
optiarc ad-7240s sata dvdrw (nec chipset)
bdub
Black Belt 3rd Degree
Black Belt 3rd Degree
 
Posts: 3657
Joined: Wed Feb 19, 2003 2:12 am
Location: Washington D.C.

Re: Never mind ... problem solved

Postby Roach412 » Wed Apr 27, 2011 1:05 pm

OneSpirit wrote:I used spybot to get rid of it. It would not allow me to install AVG free, but I was able to install spybot and that took care of the beast. What an insult that is. It will not allow you to go online through any of the browsers until you get the "registered" version of that rip off. There should be a law against dummies like that!


considering that vista security 2011 is a virus/malware, it's trying to get you to provide banking/credit card information - it wouldn't provide you with any "registered" version...it's a ploy to get you to think you're being stopped by a valid security software, which it's not.

do like bdub said - get malwarebytes at the least and run it in safe mode. have your friend be more vigilant to the sites they frequent, and files they open. :oops:

-Roach
Lian Li Lancool First Knight Series PC-K59W
Intel Core i7-960 Bloomfield 3.2GHz
EVGA X58 FTW3 132-GT-E768-TR
EVGA GeForce GTX 1070 FTW GAMING ACX 3.0
G.SKILL Ripjaws Series 12GB (3 x 4GB)
Crucial M4 128gb SATAIII SSD x2
Crucial M4 256gb SATAIII SSD
OCZ Saber 1000 960GB Enterprise SSD
Corsair Professional Series HX850 PSU
Dell UltraSharp U2713HM 27" w/drop ceiling mount
Logitech G930 7.1 Headset
DBPOWER RGB LED Keyboard
Logitech G402 Hyperion Fury
Roach412
Black Belt 2nd Degree
Black Belt 2nd Degree
 
Posts: 2717
Joined: Mon Aug 09, 2004 7:33 pm
Location: Milwaukee - Wisconsin

Postby fussnfeathers » Wed Apr 27, 2011 1:35 pm

There's a few of those making the rounds these days. The last one I ran into started with the machine, would allow you to open the browser, but not see anything, disabled firewall and AV, the works. All of them so far have required a complete drive wipe and reinstall.
Faster than the speed of snot

Two wrongs don't make it right, but I sleep pretty good at night
fussnfeathers
Mobo-fu Master
Mobo-fu Master
 
Posts: 3147
Joined: Thu Dec 04, 2008 8:25 pm
Location: Right behind you

Another problem ... dang it. :(

Postby OneSpirit » Wed Apr 27, 2011 8:38 pm

fussnfeathers wrote:There's a few of those making the rounds these days. The last one I ran into started with the machine, would allow you to open the browser, but not see anything, disabled firewall and AV, the works. All of them so far have required a complete drive wipe and reinstall.


Don't you hate it when that has to happen! The @holes that put out this crap should get some of their own medicine!

Ok I got something else that is related going down ...
I'm getting this error with window vista ... Windows Defender "Application failed to initialize: 0x80070006. The Handle is invalid" ... and I found this fix at this website.... at the bottom he has this fix, at least I think I did ... but I'm not sure how to implement it.

Fortunately, the error is pretty easy to figure out: Windows Defender cannot acquire a handle on the WinDefend service ... because this service does not exist!

Why on earth was the WinDefend service removed from my computer ? I guess I'll never know. But for the time being, it is enough to export the following registry key from another Vista computer, and to import it back again:

HKLM\SYSTEM\CurrentControlSet\Services\WinDefend

Case solved !


So can anyone tell me how to put this key into the registry? I don't see any HKLM in the registry at least in the registry edit.
Main Rig_Intel i7 4770k@3.50
ECS H87H3-WM Ver1
16Gb DDR3 1600
Evga GTX 1050Ti GPU
WD100000 SATA 7200RPM
Seagate 1TB SATA 7200RPM
Corsair CX750M
Win7 Ultimate x64
Rig2_AMD FX8120
GIGABYTE GA-M68MT-S2 Mobo
4Gb DDR3 1600
ZOTAC GeForce GTX 550TI
Seagate 1TB SATA 7200RPM
WD100000 SATA 7200RPM
Rosewill M650
Win7 64
OneSpirit
Black Belt
Black Belt
 
Posts: 912
Joined: Mon Feb 25, 2002 1:01 am
Location: The Great State of Ohio

Postby bdub » Thu Apr 28, 2011 6:18 am

do you have m$ security essentials installed, and is it running correctly?

hklm is for hkey local machine, do you see that in registry?
my main rig...
asrock 970 extreme3
AMD athlonII X3 440
zalman cpns5x performa hs/fan
crucial ballistix 2x4gb sport ddr3-1333
powercolor ax7750 1GBK3-H vga
antec neo he 650r
Samsung 840 EVo SSD 120 GB
toshiba 2TB HDD 64M cache sata3
seagate 1TB HDD 64M cache sata3
hitachi 2TB HDD 64M cache sata3
lg wh14ns40 bd burner
optiarc ad-7240s sata dvdrw (nec chipset)
bdub
Black Belt 3rd Degree
Black Belt 3rd Degree
 
Posts: 3657
Joined: Wed Feb 19, 2003 2:12 am
Location: Washington D.C.

Postby OneSpirit » Thu Apr 28, 2011 6:48 am

I uninstalled M$ security because I installed avg free and zone alarm ... does it need it? Yes I do see that in the registry ...
Main Rig_Intel i7 4770k@3.50
ECS H87H3-WM Ver1
16Gb DDR3 1600
Evga GTX 1050Ti GPU
WD100000 SATA 7200RPM
Seagate 1TB SATA 7200RPM
Corsair CX750M
Win7 Ultimate x64
Rig2_AMD FX8120
GIGABYTE GA-M68MT-S2 Mobo
4Gb DDR3 1600
ZOTAC GeForce GTX 550TI
Seagate 1TB SATA 7200RPM
WD100000 SATA 7200RPM
Rosewill M650
Win7 64
OneSpirit
Black Belt
Black Belt
 
Posts: 912
Joined: Mon Feb 25, 2002 1:01 am
Location: The Great State of Ohio

Is this it?

Postby OneSpirit » Thu Apr 28, 2011 7:17 am

I think this is what is needed but I don't know how to put into the registry ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend]
"DisplayName"="@%ProgramFiles%\\Windows Defender\\MsMpRes.dll,-103"
"ErrorControl"=dword:00000001
"Group"="COM Infrastructure"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,73,00,65,00,63,00,73,00,76,00,63,00,73,00,00,00
"Start"=dword:00000002
"Type"=dword:00000020
"Description"="@%ProgramFiles%\\Windows Defender\\MsMpRes.dll,-3068"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"ObjectName"="LocalSystem"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,42,00,61,00,63,00,6b,00,75,00,70,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,52,00,65,00,73,00,\
74,00,6f,00,72,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,44,00,65,00,62,00,75,00,67,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,\
6c,00,65,00,67,00,65,00,00,00,53,00,65,00,53,00,65,00,63,00,75,00,72,00,69,00,74,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,44,00,65,00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,6d,00,70,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Security]
"Security"=hex:01,00,14,80,04,01,00,00,10,01,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,d4,00,07,00,00,00,00,00,28,00,ff,01,0f,00,01,06,00,00,00,00,00,05,50,00,00,00,b5,89,fb,38,19,84,c2,cb,5c,6c,23,6d,57,00,77,6e,c0,02,64,87,00,0b,28,00,00,00,00,10,01,06,00,00,00,00,00,05,50,00,00,00,b5,89,fb,38,19,84,c2,cb,5c,6c,23,6d,57,00,77,6e,c0,02,64,87,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,15,00,00,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Enum]
"0"="Root\\LEGACY_WINDEFEND\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001




anyone know how?
Main Rig_Intel i7 4770k@3.50
ECS H87H3-WM Ver1
16Gb DDR3 1600
Evga GTX 1050Ti GPU
WD100000 SATA 7200RPM
Seagate 1TB SATA 7200RPM
Corsair CX750M
Win7 Ultimate x64
Rig2_AMD FX8120
GIGABYTE GA-M68MT-S2 Mobo
4Gb DDR3 1600
ZOTAC GeForce GTX 550TI
Seagate 1TB SATA 7200RPM
WD100000 SATA 7200RPM
Rosewill M650
Win7 64
OneSpirit
Black Belt
Black Belt
 
Posts: 912
Joined: Mon Feb 25, 2002 1:01 am
Location: The Great State of Ohio

Postby bdub » Thu Apr 28, 2011 7:39 am

put that code in a text file and rename the text file to have ".reg" at the end. then double click the reg file and it'll insert it. you should backup entire registry before you do this.

i was just wondering if bit defender was turned off because MSE turned it off, and i was also wondering if MSE was intact. MSE wouls be better to have on that system than not. i don't like AVG much, but i think it'd be ok to run the two together.
my main rig...
asrock 970 extreme3
AMD athlonII X3 440
zalman cpns5x performa hs/fan
crucial ballistix 2x4gb sport ddr3-1333
powercolor ax7750 1GBK3-H vga
antec neo he 650r
Samsung 840 EVo SSD 120 GB
toshiba 2TB HDD 64M cache sata3
seagate 1TB HDD 64M cache sata3
hitachi 2TB HDD 64M cache sata3
lg wh14ns40 bd burner
optiarc ad-7240s sata dvdrw (nec chipset)
bdub
Black Belt 3rd Degree
Black Belt 3rd Degree
 
Posts: 3657
Joined: Wed Feb 19, 2003 2:12 am
Location: Washington D.C.

Next

Return to Virus/Spyware/Security

Who is online

Users browsing this forum: No registered users and 1 guest

cron