WinXP kill process

Discussion in 'NZ Computing' started by Warwick, Feb 5, 2007.

  1. Warwick

    Warwick Guest

    I have a process I cannot kill and can't remove from start up.
    Used msconfig to edit start up.
    Used console to force kill ie taskkill /f /PID 188 /t (switches are f
    force, and t tree - also kill subprocesses.)

    Access is denied.

    Am using the administrator account.

    It is a program called prevx1 which I installed as an outbound firewall. I
    saw a post here today that suggested sygate had improved so I have
    installed that - prevx is resource intensive. The bloody thing is trying to
    access the net every 2 minutes and using 40 odd kB of memory. It will not
    uninstall while the process is running. So I am a bit stuck.

    Where else can a program hide and be in start up? Nothing in start up
    folder. But I have (and I can't for the life of me understand the
    engineering behind it) several process in msconfig startup that have no
    names at all.
    --

    cheers
    Warwick, Feb 5, 2007
    #1
    1. Advertising

  2. Warwick

    El Chippy Guest

    On Tue, 06 Feb 2007 01:37:44 +1300, Warwick wrote:

    > I have a process I cannot kill and can't remove from start up.
    > Used msconfig to edit start up.
    > Used console to force kill ie taskkill /f /PID 188 /t (switches are f
    > force, and t tree - also kill subprocesses.)
    >
    > Access is denied.
    >
    > Am using the administrator account.
    >
    > It is a program called prevx1 which I installed as an outbound firewall. I
    > saw a post here today that suggested sygate had improved so I have
    > installed that - prevx is resource intensive. The bloody thing is trying to
    > access the net every 2 minutes and using 40 odd kB of memory. It will not
    > uninstall while the process is running. So I am a bit stuck.
    >
    > Where else can a program hide and be in start up? Nothing in start up
    > folder. But I have (and I can't for the life of me understand the
    > engineering behind it) several process in msconfig startup that have no
    > names at all.


    Fire up regedit and have a look in

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
    Windows\CurrentVersion\Run

    Other option if you are not comfortable playing in the registry is to try
    re-installing PreVxOne then un-installing it. This can fix broken installs
    sometimes.
    El Chippy, Feb 5, 2007
    #2
    1. Advertising

  3. Warwick

    Warwick Guest

    On 6 Feb 2007 01:49:29 +1300, El Chippy wrote:

    > On Tue, 06 Feb 2007 01:37:44 +1300, Warwick wrote:
    >
    >> I have a process I cannot kill and can't remove from start up.
    >> Used msconfig to edit start up.
    >> Used console to force kill ie taskkill /f /PID 188 /t (switches are f
    >> force, and t tree - also kill subprocesses.)
    >>
    >> Access is denied.
    >>
    >> Am using the administrator account.
    >>
    >> It is a program called prevx1 which I installed as an outbound firewall. I
    >> saw a post here today that suggested sygate had improved so I have
    >> installed that - prevx is resource intensive. The bloody thing is trying to
    >> access the net every 2 minutes and using 40 odd kB of memory. It will not
    >> uninstall while the process is running. So I am a bit stuck.
    >>
    >> Where else can a program hide and be in start up? Nothing in start up
    >> folder. But I have (and I can't for the life of me understand the
    >> engineering behind it) several process in msconfig startup that have no
    >> names at all.

    >
    > Fire up regedit and have a look in
    >
    > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
    > Windows\CurrentVersion\Run
    >
    > Other option if you are not comfortable playing in the registry is to try
    > re-installing PreVxOne then un-installing it. This can fix broken installs
    > sometimes.


    Thanks for that. Bit of an education reading the list you pointed me at.
    But prevx isn't on it.

    --

    cheers
    Warwick, Feb 5, 2007
    #3
  4. Warwick

    Rob S Guest

    Warwick wrote:
    > On 6 Feb 2007 01:49:29 +1300, El Chippy wrote:
    >
    >> On Tue, 06 Feb 2007 01:37:44 +1300, Warwick wrote:
    >>
    >>> I have a process I cannot kill and can't remove from start up.
    >>> Used msconfig to edit start up.
    >>> Used console to force kill ie taskkill /f /PID 188 /t (switches are f
    >>> force, and t tree - also kill subprocesses.)
    >>>
    >>> Access is denied.
    >>>
    >>> Am using the administrator account.
    >>>
    >>> It is a program called prevx1 which I installed as an outbound firewall. I
    >>> saw a post here today that suggested sygate had improved so I have
    >>> installed that - prevx is resource intensive. The bloody thing is trying to
    >>> access the net every 2 minutes and using 40 odd kB of memory. It will not
    >>> uninstall while the process is running. So I am a bit stuck.
    >>>
    >>> Where else can a program hide and be in start up? Nothing in start up
    >>> folder. But I have (and I can't for the life of me understand the
    >>> engineering behind it) several process in msconfig startup that have no
    >>> names at all.

    >> Fire up regedit and have a look in
    >>
    >> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
    >> Windows\CurrentVersion\Run
    >>
    >> Other option if you are not comfortable playing in the registry is to try
    >> re-installing PreVxOne then un-installing it. This can fix broken installs
    >> sometimes.

    >
    > Thanks for that. Bit of an education reading the list you pointed me at.
    > But prevx isn't on it.
    >

    I presume you've tried to boot into safe mode without networking, Logged
    in as Administrator (ctrl+alt+del twice at welcome screen) then tried
    uninstalling?

    --

    Rob
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    http://aspir8or.blogspot.com
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


    - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Rob S, Feb 5, 2007
    #4
  5. Warwick

    impossible Guest

    "Warwick" <> wrote in message
    news:...
    >I have a process I cannot kill and can't remove from start up.
    > Used msconfig to edit start up.
    > Used console to force kill ie taskkill /f /PID 188 /t (switches are
    > f
    > force, and t tree - also kill subprocesses.)
    >
    > Access is denied.
    >
    > Am using the administrator account.
    >
    > It is a program called prevx1 which I installed as an outbound
    > firewall. I
    > saw a post here today that suggested sygate had improved so I have
    > installed that - prevx is resource intensive. The bloody thing is
    > trying to
    > access the net every 2 minutes and using 40 odd kB of memory. It
    > will not
    > uninstall while the process is running. So I am a bit stuck.
    >
    > Where else can a program hide and be in start up? Nothing in start
    > up
    > folder. But I have (and I can't for the life of me understand the
    > engineering behind it) several process in msconfig startup that have
    > no
    > names at all.
    > --


    You might want to look here at a discussion on just this issue.

    http://www.networkworld.com/community/?q=node/5528

    A post there from Prevx Support has the following to say:

    "We don't recommend the deletion of individual files from the Prevx
    folders through safe mode or DOS. Prevx1 uses a number of techniques
    to prevent malware from diabling the product prior to infecting a
    system and deleting individual files could result in the uninstall
    failing.
    "The recommened approach to uninstalling Prevx1 is to use the START
    menu uninstall command or the Add Remove entry in the control panel.
    If either of these fail for some reason then there is a tool available
    from the Prevx website. See the Prevx1 Forum for further
    information..."
    impossible, Feb 5, 2007
    #5
  6. Warwick

    Mathew Good Guest

    On Tue, 6 Feb 2007 01:37:44 +1300, Warwick <> wrote:

    >I have a process I cannot kill and can't remove from start up.
    >Used msconfig to edit start up.
    >Used console to force kill ie taskkill /f /PID 188 /t (switches are f
    >force, and t tree - also kill subprocesses.)
    >
    >Access is denied.
    >
    >Am using the administrator account.
    >
    >It is a program called prevx1 which I installed as an outbound firewall. I
    >saw a post here today that suggested sygate had improved so I have
    >installed that - prevx is resource intensive. The bloody thing is trying to
    >access the net every 2 minutes and using 40 odd kB of memory. It will not
    >uninstall while the process is running. So I am a bit stuck.
    >
    >Where else can a program hide and be in start up? Nothing in start up
    >folder. But I have (and I can't for the life of me understand the
    >engineering behind it) several process in msconfig startup that have no
    >names at all.




    Its in the Registry in the Run or Run once setting.


    Try using Safe mode to get rid of it..
    Mathew Good, Feb 5, 2007
    #6
  7. Warwick

    E. Scrooge Guest

    "Warwick" <> wrote in message
    news:...
    >I have a process I cannot kill and can't remove from start up.
    > Used msconfig to edit start up.
    > Used console to force kill ie taskkill /f /PID 188 /t (switches are f
    > force, and t tree - also kill subprocesses.)
    >
    > Access is denied.
    >
    > Am using the administrator account.
    >
    > It is a program called prevx1 which I installed as an outbound firewall. I
    > saw a post here today that suggested sygate had improved so I have
    > installed that - prevx is resource intensive. The bloody thing is trying
    > to
    > access the net every 2 minutes and using 40 odd kB of memory. It will not
    > uninstall while the process is running. So I am a bit stuck.
    >
    > Where else can a program hide and be in start up? Nothing in start up
    > folder. But I have (and I can't for the life of me understand the
    > engineering behind it) several process in msconfig startup that have no
    > names at all.
    > --
    >
    > cheers


    Google it to find out all you can about it and try Rob's suggestion of using
    Safe Mode to get rid of it.

    E. Scrooge
    E. Scrooge, Feb 5, 2007
    #7
  8. Warwick

    Enkidu Guest

    Warwick wrote:
    > I have a process I cannot kill and can't remove from start up.
    > Used msconfig to edit start up.
    > Used console to force kill ie taskkill /f /PID 188 /t (switches are f
    > force, and t tree - also kill subprocesses.)
    >
    > Access is denied.
    >
    > Am using the administrator account.
    >
    > It is a program called prevx1 which I installed as an outbound firewall. I
    > saw a post here today that suggested sygate had improved so I have
    > installed that - prevx is resource intensive. The bloody thing is trying to
    > access the net every 2 minutes and using 40 odd kB of memory. It will not
    > uninstall while the process is running. So I am a bit stuck.
    >
    > Where else can a program hide and be in start up? Nothing in start up
    > folder. But I have (and I can't for the life of me understand the
    > engineering behind it) several process in msconfig startup that have no
    > names at all.


    From a Google Search:

    ---------------------------------------------------------------------

    We don't recommend the deletion of individual files from the Prevx
    folders through safe mode or DOS. Prevx1 uses a number of techniques to
    prevent malware from diabling the product prior to infecting a system
    and deleting individual files could result in the uninstall failing.

    The recommened approach to uninstalling Prevx1 is to use the START menu
    uninstall command or the Add Remove entry in the control panel. If
    either of these fail for some reason then there is a tool available from
    the Prevx website. See the Prevx1 Forum for further information:

    castlecops.com/t152709-Reinstalling_Prevx1.html

    If you still have problems then please contact Prevx Support via the
    website.

    Regards,

    Prevx Support

    ---------------------------------------------------------------------

    Cheers,

    Cliff

    --

    Have you ever noticed that if something is advertised as 'amusing' or
    'hilarious', it usually isn't?
    Enkidu, Feb 5, 2007
    #8
  9. Warwick

    Warwick Guest

    On Tue, 06 Feb 2007 12:13:56 +1300, Enkidu wrote:

    > Warwick wrote:
    >> I have a process I cannot kill and can't remove from start up.
    >> Used msconfig to edit start up.
    >> Used console to force kill ie taskkill /f /PID 188 /t (switches are f
    >> force, and t tree - also kill subprocesses.)
    >>
    >> Access is denied.
    >>
    >> Am using the administrator account.
    >>
    >> It is a program called prevx1 which I installed as an outbound firewall. I
    >> saw a post here today that suggested sygate had improved so I have
    >> installed that - prevx is resource intensive. The bloody thing is trying to
    >> access the net every 2 minutes and using 40 odd kB of memory. It will not
    >> uninstall while the process is running. So I am a bit stuck.
    >>
    >> Where else can a program hide and be in start up? Nothing in start up
    >> folder. But I have (and I can't for the life of me understand the
    >> engineering behind it) several process in msconfig startup that have no
    >> names at all.

    >
    > From a Google Search:
    >
    > ---------------------------------------------------------------------
    >
    > We don't recommend the deletion of individual files from the Prevx
    > folders through safe mode or DOS. Prevx1 uses a number of techniques to
    > prevent malware from diabling the product prior to infecting a system
    > and deleting individual files could result in the uninstall failing.
    >
    > The recommened approach to uninstalling Prevx1 is to use the START menu
    > uninstall command or the Add Remove entry in the control panel. If
    > either of these fail for some reason then there is a tool available from
    > the Prevx website. See the Prevx1 Forum for further information:
    >
    > castlecops.com/t152709-Reinstalling_Prevx1.html
    >
    > If you still have problems then please contact Prevx Support via the
    > website.
    >
    > Regards,
    >
    > Prevx Support
    >
    > ---------------------------------------------------------------------
    >
    > Cheers,
    >
    > Cliff

    Thanks Cliff. Been there and the article is removed. The prevx site will
    not provide support unless you pay for and register their software. There
    is no point in trying the exercise in safe mode.

    I have to use hacking tools to get rid of it by the looks of things. What a
    pita.

    Not that I am holding it against the designers of prevx, they have good
    reasons for making this difficult and the software did what I wanted it to
    do, and a lot more, for free.
    --

    cheers
    Warwick, Feb 6, 2007
    #9
  10. Warwick

    Ray Greene Guest

    Remove on Reboot Shell Extension

    Remove on Reboot Shell Extension is a simple but useful shell
    extension, that allows you to delete files automatically after the
    next reboot. This is useful if you need to deleted a file that is
    currently in use (locked) and cannot be deleted from within Windows.
    Just right-click and select "Delete on Reboot" and the file will be
    automatically deleted.

    Freeware

    http://www.snapfiles.com/get/removereboot.html

    --
    Ray Greene
    Ray Greene, Feb 6, 2007
    #10
  11. Warwick

    Warwick Guest

    On Tue, 06 Feb 2007 14:33:46 +1300, Ray Greene wrote:

    > Remove on Reboot Shell Extension
    >
    > Remove on Reboot Shell Extension is a simple but useful shell
    > extension, that allows you to delete files automatically after the
    > next reboot. This is useful if you need to deleted a file that is
    > currently in use (locked) and cannot be deleted from within Windows.
    > Just right-click and select "Delete on Reboot" and the file will be
    > automatically deleted.
    >
    > Freeware
    >
    > http://www.snapfiles.com/get/removereboot.html


    Thanks Ray, I already have an unlocking tool and didn't think to use it!

    I found prevx has two shutdown commands. The obvious one from a menu and
    another invoked by clicking the prevx icon on the rhs of the windows
    caption bar. Only the second one actually shuts it down.

    Now I have uninstalled it my machine appears to be participating in a DoS
    attack. I guess the programs in the Prevx 'jail' have been released.

    Needless to say I am feeling pretty foolish.

    --

    cheers
    Warwick, Feb 6, 2007
    #11
  12. Warwick

    Ray Greene Guest

    On Tue, 6 Feb 2007 15:33:00 +1300, Warwick <> wrote:

    >On Tue, 06 Feb 2007 14:33:46 +1300, Ray Greene wrote:
    >
    >> Remove on Reboot Shell Extension
    >>
    >> Remove on Reboot Shell Extension is a simple but useful shell
    >> extension, that allows you to delete files automatically after the
    >> next reboot. This is useful if you need to deleted a file that is
    >> currently in use (locked) and cannot be deleted from within Windows.
    >> Just right-click and select "Delete on Reboot" and the file will be
    >> automatically deleted.
    >>
    >> Freeware
    >>
    >> http://www.snapfiles.com/get/removereboot.html

    >
    >Thanks Ray, I already have an unlocking tool and didn't think to use it!
    >
    >I found prevx has two shutdown commands. The obvious one from a menu and
    >another invoked by clicking the prevx icon on the rhs of the windows
    >caption bar. Only the second one actually shuts it down.
    >
    >Now I have uninstalled it my machine appears to be participating in a DoS
    >attack. I guess the programs in the Prevx 'jail' have been released.
    >
    >Needless to say I am feeling pretty foolish.


    Some days you just can't win... :)

    --
    Ray Greene
    Ray Greene, Feb 7, 2007
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    1
    Views:
    3,750
    Ivan OstreŇ°
    Mar 9, 2005
  2. AM

    How to kill a process?

    AM, Nov 14, 2005, in forum: Cisco
    Replies:
    2
    Views:
    514
  3. lbbss
    Replies:
    4
    Views:
    3,645
    Alice
    Jun 3, 2005
  4. drsd2kill

    Bava's KILL BABY KILL widescreen

    drsd2kill, Nov 27, 2004, in forum: DVD Video
    Replies:
    0
    Views:
    541
    drsd2kill
    Nov 27, 2004
  5. drsd2kill

    KILL BABY KILL widescreen

    drsd2kill, Nov 27, 2004, in forum: DVD Video
    Replies:
    3
    Views:
    646
    drsd2kill
    Nov 29, 2004
Loading...

Share This Page