Saturday 10 April 2010

How to remove Digital Protection malware (Uninstall guide)

Digital Protection is a fake antivirus program from the same family as Dr. Guard and User Protection. DigitalProtection is a typical rogue security program that displays fake warnings about malware infection on your computer and reports false system security threats to make you think that your PC is infected with spyware, adware and various other malicious software. As usual, such bogus programs are promoted through the use of Trojans that most of the time come from fake online anti-malware scanners or misleading video web sites. Cyber criminals may also use social engineering to distribute their bogus product.



Can Digital Protection steal your personal information? Well, usually such programs don't steal passwords or other personal information. However, please note that it may come bundled with other malware and it can be actually password stealing Trojans or similar programs, so we highly recommend you to scan your computer with legit and reliable anti-virus or anti-malware programs. Don't rely on on one anti-malware program. You should scan your computer with at least two programs to make sure that there are no other malware installed on your PC.

As a typical rogue anti-virus program Digital Protection displays fake warning and fake infections to scare you into purchasing the program. Some of the fake security alerts will state:

"Warning! Virus threat detected!
Virus activity detected!
Trojan-Clicker.Win32 adware has been detected. This adware module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click the button below to locate and remove this threat now."

"A security threat detected on your computer. TrojanASPX.JS.Win32. It strongly recommended to remove this threat right now. Click on the message to remove it."

Most importantly, don't purchase Digital Protection because it's a scam. Instead, you should uninstall it from your computer as soon as possible. Please use the removal instructions below to remove Digital Protection malware. The rogue program may come bundled with TDSS rootkit. If so, then you should use the second removal method (Method 2) or read the TDSS rootkit removal instructions. If you have any questions or useful information about this infection, don't hesitate and leave a comment. Good luck and be safe!


Digital Protection removal instructions (in Safe Mode with Networking, Method 1):

1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key. Read more detailed instructions here: http://www.computerhope.com/issues/chsafe.htm



NOTE: Login as the same user you were previously logged in with in the normal Windows mode.

2. Download SUPERAntispyware, MalwareBytes Anti-malware or Spybot - Search & Destroy and run a full system scan. NOTE: before saving the selected program onto your computer, please rename the installer to winlogon.exe or iexplore.exe. Launch the program and follow the prompts. Don't forget to update the installed program before scanning. Then reboot your computer in "Normal Mode" and run  a system scan again. That's it!
4. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.


Digital Protection removal instructions: (Method 2)

1. Download the file TDSSKiller.zip and extract it into a folder
2. Execute the file TDSSKiller.exe (NOTE: you may have to rename TDSSKiller.exe to explorer.com yourself or download already renamed explorer.com file in order to run it)
3. Follow the prompts and wait for the scan and disinfection process to be over. Close all programs and press “Y” key to restart your computer.
More detail TDSSKiller tutorial: http://support.kaspersky.com/viruses/solutions?qid=208280684
4. Download one of the following anti-malware software and run a full system scan:
5. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.


Digital Protection associated files and registry values:

Files:
  • C:\Documents and Settings\All Users\Application Data\[random].dll
  • %UserProfile%\Start Menu\Programs\Digital Protection
  • C:\Program Files\Digital Protection
  • C:\Program Files\Digital Protection\dig.db
  • C:\Program Files\Digital Protection\digext.dll
  • C:\Program Files\Digital Protection\dighook.dll
  • C:\Program Files\Digital Protection\digprot.exe
  • C:\Program Files\Digital Protection\Uninstall.exe
  • %Temp%\4otjesjty.mof
  • %Temp%\asd1.tmp
  • %Temp%\davclnt.exe
  • %Temp%\dhdhtrdhdrtr5y
  • %Temp%\dig.dat
Registry:
  • HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
  • HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Digital Protection
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Digital Protection
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = "1"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Digital Protection"
Please share this information with other people:

No comments:

Post a Comment