prevx3 showing in vista windows security centre

Discussion in 'other software & services' started by ellison64, Jun 8, 2009.

Thread Status:
Not open for further replies.
  1. ellison64

    ellison64 Registered Member

    Oct 5, 2003
    I used free prevx 3.0 on vista laptop to check for rootkits.I then uninstalled prevx from add remove programs after trying to shutdown from the tray (however i could not kill the process prevx.exe with task manager before uninstalling) however uninstall seemed to work ok.But now i notice that in windows security center it still shows as installed and protecting against spyware.To remove it ive downloaded the prevx force uninstall .exe which also seems to work but security center still reports it as in stalled.Ive also stopped the windows managment instrumentation and deleted the repository in the system32/wbem folder ,however windows recreates a new one and prevx 3 still shows in security center.
    Any ideas how to remove this once and for all?
  2. StevieO

    StevieO Registered Member

    Feb 2, 2006
    You must be in Admin to do most of this.

    Run Task Manager and look for any Prevx listings. Make a note of the file names, if any, and then right click to kill processes.

    I have AOOQNDCI.EXE but yours may be different as i think they might randomise names to prevent Malware disabling it. Keep Task Manager open for now.

    Go back to TM and the next panel Services. If you find any by Prevx right click and stop them. You might see AOOQNDCI.EXE or similar.

    Download AutoRuns from here - and run it.

    Go to Services and you might see CSIScanner. If so right click on it and disable it and any other by Prevx. Then Drivers and untick these if there -



    Then use the windows Search for any of those file names plus Prevx and delete, or rename if you can. Reboot and see. It's just possible you may need to do the above in Safe Mode, probably not.

    If you Really want to look for and delete RK's then i would highly recommend RKU/Gmer/IceSword etc
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.