Discussion in 'ProcessGuard' started by mech044, Jun 17, 2004.

Thread Status:
Not open for further replies.
  1. mech044

    mech044 Registered Member

    Jun 17, 2004
    WHERE DO I START? The past month i've been hunting a trojan down on my computer and cant seem to get anything to find it - although I know for a fact, whatever it is - is disabling my software (virus scanners, trojan scanners, pest patrol, ect)


    I install pestpatrol and everything goes fine - but after the first time i run it, and shut it down...something deleted the keypatrol.exe that scans for keyloggers. No matter how many times I Uninstall and Reinstall Pest patrol - something still deletes the keypatrol.exe after the FIRST TIME I RUN PEST PATROL. I know the keypatrol.exe is there BEFORE it gets deleted because i can see it AND run it - but after the first time i run pestpatrol.exe and then unload it - boom. the keypatrol.exe is gone. I'm experiencing problems with my other detection software as well.

    SO - i thought Process Guard would do the trick of letting me know what is trying to tamper or delete keypatrol.exe and my pest patrol. unfortunetly, it didnt. It still deletes it and process guard doesnt show anything except that my SVCHOST is trying to gain read write and get info on it - and so is a "dcuserprot.exe". Can somebody please give me some tips on HOW I CAN FIND OUT WHAT IS DELETING MY KEYPATROL.EXE SO I CAN FIND THIS TROJAN OR SPY PROGRAM ON MY COMPUTER. I refuse to format until I find it - i have to beat this =]
  2. Pilli

    Pilli Registered Member

    Feb 13, 2002
    Hampshire UK
    Hi mech044, It is no good installing Process Guard after malware is on your PC, this is stated quite clearly in the PG documentation. It is like trying to close the door after the horse (Trojan in this case?) has bolted. :)

    You need to go here: and follow the instructions.

    Personally, I would uninstall Process Guard until you have a clean machine.

    Another thing you could try, if you are running XP, is to go back to a time before you were infected using system restore.

    HTH Pilli
  3. LowWaterMark

    LowWaterMark Administrator

    Aug 10, 2002
    New England
    Yes, the proper procedure is to clean your system first, and the thread Pilli linked to will guide you through that process.


    Since you posted two other identical copies of this thread in other forum sections, including the Process Guard reference within them, I removed those as duplicates already on the assumption you will either respond to Process Guard issues in this thread, or create a HijackThis log thread in the adware, spyware & hijack cleaning forum section.
  4. anonymous

    anonymous Guest

    KeyPatrol has been folded into new Pest Patrol and is removed by Pest Patrol, itself!!

    Go to PP site, register (free) for support.
    This FAQ is the very first one.

    bob vance
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.