How to remove Data Protection (Uninstall instructions)

Data Protection is a malicious program, which should be removed from your computer upon detection. The program from the same family of rogues as Digital Protection, Your Protection, User Protection, Dr. Guard, etc. Like other rogues Data Protection promoted and distributed with the help of trojans. Once the trojan is started, it begins to show various fake security alerts and warnings that your computer in danger and urgently needed to install an antivirus. The suggested “antivirus” is Data Protection. Even if you are ignoring all of these alerts, what is right, this trojan secretly will download and install the malicios program onto your computer, without your permission and knowledge.

During installation, Data Protection scans your computer for an already installed antispyware and antivirus programs (AVG, Avira, Malwarebytes’ Anti-Malware, McAfree, F-secure, Nod32, etc), and if they are found, will attempt to uninstall them under the pretext that they may conflict with it by showing the following alert:

Data Protection
Uncertified {antivirus name} antivirus software detected on your computer. You need to remove
{antivirus name} software for correct operation of the Data Protection.
Attention: If you don`t remove {antivirus name} software, the performance of your computer will
dramatically degrade.
Press “OK” to remove the {antivirus name}

After that, Data Protection will configure itself to run automatically every time when Windows loads. Once installed, the program starts to scan the computer and detects a large number of infections (trojans, viruses, worms, etc) that will not be removed unless you first purchase so-called full version of the software. However, these results, as well as self scanning, is nothing but a scam. In reality Data Protection cannot detect and remove any infections, as well as not be able to protect you from possible infections in the future. Thus, you can safely ignore all that the rogue antispyware will give you.

While Data Protection is running, it will display nag screens, fake security alerts and warnings from Windows task bar. A few examples:

Danger!
It is strongly recommended to protect your computer against
security threats. Click on the message to ensure the
protection of your computer.

Warning! Adware detected!
Adware module detected on your PC!

Warning! Keylogger detected!
Keylogger activity detected on your PC!

Of course, all of these alerts and warnings are a fake. It is an attempt to make you think your computer is infected with all sorts of malicious software. Like false scan results you can safely ignore them.

Last but note least, the trojan which installs Data Protection, can also download and install a variant of TDSS trojan. This trojan is very dangerous because it can block most antivirus and antispyware applications from running. But it’s not all, TDSS trojan can also redirect you from sites that you want to visit on a completely other.

As you can see, obviously, Data Protection is a scam, which has been created with one purpose to scare your into purchasing so-called “full” version of the program. Most importantly, do not purchase it! This fake antispyware program should be removed immediately after detection. To remove Data Protection and other computer parasites that could get on the computer with it, use the instructions below.

More screen shoots of Data Protection

Symptoms in a HijackThis Log

O4 – HKCU\..\Run: [Data Protection] “C:\Program Files\Data Protection\datprot.exe” -noscan

Use the following instructions to remove Data Protection (Uninstall instructions)

Step 1. Remove TDSS trojan-rootkit
First you need remove TDSS trojan, after that, you will be able to remove Your Protection without any problem.

Download TDSSKiller from here and unzip to your desktop.

Open TDSSKiller folder. Right click to tdsskiller and select rename. Type a new name (123myapp, for example). Press Enter. Double click the TDSSKiller icon to start scanning Windows registry for TDSS trojan. If it is found, the you will see a screen similar to the one below.

TDSSKiller

Follow the prompts. When TDSSKiller will prompt you to press “Y”, type Y and press Enter. Your computer will be rebooted. Once computer loaded, please run TDSSKiller once again to ensure that TDSS trojan is removed (repeat the step if need).

Step 2. Remove Data Protection and any associated malware.

Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.

Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded you will see window similar to the one below.

Malwarebytes Anti-Malware Window

Select Perform Quick Scan, then click Scan, it will start scanning your computer for Data Protection infection. This procedure can take some time, so please be patient.

When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.

Malwarebytes Anti-malware, list of infected items

Make sure that everything is checked, and click Remove Selected for start Data Protection removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.

Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.

Note 3: your current antispyware and antivirus software let the infection through ? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.

Data Protection creates the following files and folders

C:\Program Files\Data Protection
%UserProfile%\Start Menu\Programs\Data Protection
C:\Program Files\Data Protection\dathook.dll
C:\Program Files\Data Protection\datprot.exe
C:\Program Files\Data Protection\about.ico
C:\Program Files\Data Protection\activate.ico
C:\Program Files\Data Protection\buy.ico
C:\Program Files\Data Protection\help.ico
C:\Program Files\Data Protection\scan.ico
C:\Program Files\Data Protection\settings.ico
C:\Program Files\Data Protection\splash.mp3
C:\Program Files\Data Protection\uninstall.exe
C:\Program Files\Data Protection\update.ico
C:\Program Files\Data Protection\dat.db
C:\Program Files\Data Protection\datext.dll
C:\Program Files\Data Protection\virus.mp3
%UserProfile%\Start Menu\Programs\Data Protection\About.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Activate.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Buy.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Scan.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Settings.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Update.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Data Protection Support.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Data Protection.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Data Protection.lnk
%UserProfile%\Desktop\Data Protection Support.lnk
%UserProfile%\Desktop\Data Protection.lnk

Data Protection creates the following registry keys and values

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\data protection
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr