Digital Protection is a fresh rogue antispyware program from same family of malware as Your Protection, User Protection, Dr. Guard, etc. The difference between the first program an others very slightly. First, changed the name of the program and secondly, have been partially modified the core components of the program in order to protect them from detection by the legit antivirus and antispyware programs. Otherwise, everything remained as before.
Like other rogue antispyware programs, Digital Protection promoted and installed through the use of trojans. When the trojan is activated, it first does not manifest itself so that the user did not find the source of it on the computer. But after awhile, it starts to show a lot of fake security alerts and warnings that the computer is in danger and urgently needed to install and activate antivirus, this “antivirus” – Digital Protection. Even if you ignore all of these alerts, what is right, this trojan secretly start the download core components of this malicios program and then install it without your permission and knowledge.
During installation, Digital Protection scans your computer for an already installed antivirus and antispyware programs, and if they are found, required to uninstall them under the pretext that they may conflict with it by showing the following alert:
There is unauthorized antivirus software detected on your computer. It is recommended you to remove it, otherwise it could conflict with Digital Protection.
Further, Digital Protection will register itself in the Windows registry to run automatically every time you start Windows. When the program is started, it begins to scan the computer and detects a large number of trojans, viruses, worms, etc that will not be removed unless you first purchase the software. However, these results, as well as self scanning, is nothing but a scam. In reality Digital Protection cannot detect and remove any infections, as well as not be able to protect you from possible infections in the future. Thus, you can safely ignore all that the rogue antispyware will show you.
While Your Protection is running, it will display nag screens, fake security alerts and warnings from Windows task bar. A few examples:
Danger!
A security threat detected on your computer.
TrojanASPX.JS.Win32. It strongly recommended to remove
this threat right now. Click on the message to remove it.
Warning! Adware detected!
Adware module detected on your PC!
Warning! Keylogger detected!
Keylogger activity detected on your PC!
Of course, all of these alerts and warnings are a fake and like false scan results should be ignored.
What is more, the trojan which installs Digital Protection, can also download and install a variant of TDSS trojan. This trojan is very dangerous because it can block the work of most antivirus and antispyware applications, so that they will not even start. But it’s not all, TDSS trojan can also redirect you from sites that you want to visit on a completely other.
As you can see, Digital Protection is a scam, which has been created with one purpose to scare your into purchasing so-called “full” version of the program. Most importantly, do not purchase it! This fake antispyware utility should be removed immediately after detection. To remove Digital Protection and other computer parasites that could get on the computer with it, use the instructions below.
More screen shoots of Digital Protection
Symptoms in a HijackThis Log
O4 – HKCU\..\Run: [davclnt.exe] C:\DOCUME~1\comp\LOCALS~1\Temp\davclnt.exe
O4 – HKCU\..\Run: [Digital Protection] “C:\Program Files\Digital Protection\digprot.exe” -noscan
Use the following instructions to remove Digital Protection (Uninstall instructions)
Step 1. Remove TDSS trojan-rootkit
First you need remove TDSS trojan, after that, you will be able to remove Digital Protection without any problem.
Download TDSSKiller from here and unzip to your desktop.
Open TDSSKiller folder. Right click to tdsskiller and select rename. Type a new name (123myapp, for example). Press Enter. Double click the TDSSKiller icon to start scanning Windows registry for TDSS trojan. If it is found, the you will see a screen similar to the one below.
TDSSKiller
Type delete and press Enter. Once TDSSKiller has finished removing rootkit TDSS, you will see a windows as shown below.
TDSSKiller
Type Y and press Enter. Your computer will be rebooted.
Step 2. Remove Digital Protection and any associated malware.
Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.
Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and Launch “Malwarebytes’ Anti-Malware”. Then click Finish.
MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.
As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see window similar to the one below.
Malwarebytes Anti-Malware Window
Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for Digital Protection infection. This procedure can take some time, so please be patient.
When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar as shown below.
Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Digital Protection. MalwareBytes Anti-malware will now remove all of associated Digital Protection files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.
Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.
Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Note 3: your current antispyware and antivirus software let the infection through ? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.
Digital Protection creates the following files and folders
C:\Program Files\Digital Protection
%UserProfile%\Start Menu\Programs\Digital Protection
C:\Program Files\Digital Protection\dighook.dll
C:\Program Files\Digital Protection\digprot.exe
%UserProfile%\Local Settings\temp\davclnt.exe
C:\Program Files\Digital Protection\about.ico
C:\Program Files\Digital Protection\activate.ico
C:\Program Files\Digital Protection\buy.ico
C:\Program Files\Digital Protection\help.ico
C:\Program Files\Digital Protection\scan.ico
C:\Program Files\Digital Protection\settings.ico
C:\Program Files\Digital Protection\splash.mp3
C:\Program Files\Digital Protection\uninstall.exe
C:\Program Files\Digital Protection\update.ico
C:\Program Files\Digital Protection\dig.db
C:\Program Files\Digital Protection\digext.dll
C:\Program Files\Digital Protection\virus.mp3
%UserProfile%\Start Menu\Programs\Digital Protection\About.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Activate.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Buy.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Scan.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Settings.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Update.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Digital Protection Support.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Digital Protection.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Digital Protection.lnk
%UserProfile%\Desktop\Digital Protection Support.lnk
%UserProfile%\Desktop\Digital Protection.lnk
Digital Protection creates the following registry keys and values
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\digital protection
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\davclnt.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
This does not work, Im tearing my hair out here, its seems to be getting more progressive, After rebooting with this tdskiller rubbish- the virus is still present regardless. It will not let any of my anti virus software work, its runs in safe mode, its disabled internet explorer and even trend micro cant remove it. This is the worst virusive ever had, its leveled my equipment
Ok, i’ve done alot but the things giving me trouble is the .dll files that I just cant seem to delete, digext.dll when I delete it in CMD PRMT, it says its successful. But the other one is dighook.dll and it says it cant find the entry point, any advice please?
Scratch that, I deleted digext.dll and it says it was successful in deleting it but its still there. Please help on this. W/e designed this deserves aids and herpes.
Jay, looks like your computer is infected with a hidden trojan that reinstalls this malware. Please open a new topic in our Spyware removal forum. I will check your PC.
Jim, what are “three infections” ?
Patrik,I am having the same exact problems as Jay. My tdss is not detecting anything and digital protection keeps reinstalling itself. I have posted a new topic named ‘digital protection cannot be removed by malewarebytes’ please check it out I really need your help!
satnam, probably your PC is infected with a new version of the rogue. Try update Malwarebytes and perform a fresh scan. If it does not help, then open a new topic in our Spyware removal forum. I will help you.
mark_f, then only one – ask for help in our Spyware removal forum.
Pissed, try remove the files from Safe mode or using malwarebytes anti-malware.
PLLZ help! Digital protection just wont go away. The tdss killer is not detecting it and it keeps reinstalling itself.I have put a topic in the spyware removal Patrik so please chexk it out!!
I tried the TDSSKiller but when i extract the files change the name and double click it nothing happens?? Am i doing something wrong?
Now i really need help, i read one of ur replys in the forum page and added the programme you suggested, but when i saved to windows clipboard the pc crashed , now it wont even load!!!! i just get a black screen PLEASE HELP!!!!!!!!!!!!!!!!!!!!!!
Patrik, when the MalwareBytes software finishes, the screen tells me there are three infected files. I can’t see what they are because the dialogue box comes up to tell me the scan is finished and to click OK to continue to remove the infected files. When I click OK, the dialogue box and the software close so I cannot remove the infected files.
I downloaded the TDSS killer and it didn’t detect any digital protection although DP still is overtaking my computer and becoming quite the annoyance. Do you have any ideas about what I should do? Thanks
Jamie, try boot your PC in Safe mode or Last good configuration.
Jim, try scan your computer in Safe mode.
nate, TDSSKiller is designed to detect and remove TDSS trojan.
I tried in safe mode and lgc but ut only loads so far and then stops , it gives me a list of partitons or something???
Hi Patrik,
I’ve tried pretty much everything but nothing seems to be able to get rid of this. The TDSKiller does not run – nothing happens when you double click on it, my task manager has also somehow been disabled. I think I have deleted the files but thats it. The malware software (when it works) scans everthing but then you click on OK and it just disappears. Please help!
Rich, probably your PC is infected with a new version of the rogue. Ask for help in our Spyware removal forum.
ok well what I meant to say is the TDSSKiller didn’t detect or remove any TDSS trojan, any tips? Do you think I have the same problem as Rich?
nate, try skip TDSS step. If Malwarebytes won`t run, then ask for help in our Spyware removal forum.
I have a Digital Protection malware problem. I tried using system restore but the program will not work past the accaptance of the date to restore?
davod, the rogue can block the system restore service. Try the steps above to remove this malware.
You rock, big high five!! up high…….
Hi Patrick, im having the same trouble as connor – except the scans, quick of full, wont “complete”, and is still resent on my system.
Could you please help me?
cheers
tennille
Tennille, please start a new topic in our Spyware removal forum. I will help you.
Hi Patrick,
This is now the second time I got this annoying bug. I downloaded the TDSS Killer and the Malwarebyte software again and used both, but it keeps coming back again. I feel like I am missing something. I think I am maybe missing a step that I did back in April but I cant remember what it is. Can you please help me again?
Jay
Jay, probably you infected with an updated version of the rogue. Please begin a new topic in our Spyware removal forum. I will help you to remove this malware.
My own experience when digital protection hits me i was using nod32 and i scan and it says no threat found lol !!!
then after aloooot browsing and searching for a solution i finally decided to insall comodo and superantispyware and truly they stoped it and remove it as a program
after quite some time i decided to try a new antivirus i tried to insatall avg but it give me a message that digital protection is still in my pc but only as files its not making any harm to me just this message from avg setup and i want to get rid of it and i really cant find a way to get rid of it i tried everything from registry to malware
propaly i’ll just skip the final step