prevx3 showing in vista windows security centre

Discussion in 'other software & services' started by ellison64, Jun 8, 2009.

Thread Status:
Not open for further replies.
  1. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Hi..
    I used free Prevx 3.0 on a Vista laptop to check for rootkits. I then uninstalled Prevx from Add/Remove Programs after trying to shut down from the tray (however, I could not kill the process prevx.exe with Task Manager before uninstalling); however, the uninstall seemed to work OK. But now I notice that in Windows Security Center it still shows as installed and protecting against spyware. To remove it I've downloaded the Prevx force uninstall .exe, which also seems to work, but Security Center still reports it as installed. I've also stopped Windows Management Instrumentation and deleted the repository in the system32/wbem folder; however, Windows recreates a new one and Prevx 3 still shows in Security Center.
    Any ideas how to remove this once and for all?
    tia
    ellison
     
  2. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    You must be in Admin to do most of this.

    Run Task Manager and look for any Prevx listings. Make a note of the file names, if any, and then right click to kill processes.

    I have AOOQNDCI.EXE but yours may be different, as I think they might randomise names to prevent malware disabling it. Keep Task Manager open for now.

    Go back to TM and the next panel Services. If you find any by Prevx right click and stop them. You might see AOOQNDCI.EXE or similar.

    Download AutoRuns from here - http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx and run it.

    Go to Services and you might see CSIScanner. If so right click on it and disable it and any other by Prevx. Then Drivers and untick these if there -

    pxscan.sys

    pxsec.sys

    Then use the windows Search for any of those file names plus Prevx and delete, or rename if you can. Reboot and see. It's just possible you may need to do the above in Safe Mode, probably not.

    If you really want to look for and delete RKs then I would highly recommend RKU/Gmer/IceSword etc.
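
A read-only way to see what is still registered after the steps in the posts above, as an added example that is not part of the original thread or any Prevx tooling. It assumes PowerShell 2.0 or later run as administrator; the match patterns are the names mentioned in the posts, and a randomised executable name such as the one StevieO describes will only match if its path contains one of them.

```powershell
# Added example: list Security Center registrations and leftover
# services/drivers matching names from this thread. Nothing is modified.

# Names taken from the posts above (assumption: leftovers still carry them).
$patterns = 'prevx', 'CSIScanner', 'pxscan', 'pxsec'
$regex    = $patterns -join '|'

# Security Center stores product registrations in WMI. Vista SP1 and later
# use root\SecurityCenter2; the original Vista release uses root\SecurityCenter.
# A provider that is still installed can re-register itself after the
# repository is rebuilt, which is why deleting wbem\Repository alone may not help.
foreach ($ns in 'root\SecurityCenter2', 'root\SecurityCenter') {
    try {
        Get-WmiObject -Namespace $ns -Class AntiSpywareProduct -ErrorAction Stop |
            Select-Object @{ n = 'Namespace'; e = { $ns } }, displayName, instanceGuid
    } catch {
        Write-Host "Namespace $ns not available: $($_.Exception.Message)"
    }
}

# Win32_BaseService covers both services and kernel drivers, so one query
# finds CSIScanner-style services and pxscan/pxsec-style drivers alike.
Get-WmiObject -Class Win32_BaseService |
    Where-Object { "$($_.Name) $($_.DisplayName) $($_.PathName)" -match $regex } |
    Select-Object Name, DisplayName, State, StartMode, PathName |
    Format-List
```

If the service and driver query returns nothing but the product is still listed under AntiSpywareProduct, the remaining entry is a stale Security Center registration rather than a running component.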
     