DProtect
by DProtect Lab
What is DProtect?
DProtect is software application developed by DProtect Lab. It is most commonly found on computers running Windows 7 with nearly 58.93% of installations running this operating system. DProtect's installer is typically 1.00 MB in size and installs around 5 files.
DProtect is most popular in the United States with 15.25% of installations residing in this country.
When using a computer that is connected to the internet, DProtect is known to create 2 firewall exceptions to allow inbound and outbound connectivity.
About DProtect?
DProtect is an adware web browser extension designed to display popup and banner ads while potentially modifying the user's web browser search and home page settings. Additionally, the program may monitor user behavior and inject rival advertisements or new ones. During installation, the publisher may offer changes to the Internet Browser settings which can be reconfigured by the user at any time from the options dialog available on the Internet Browser. These changes may include modifications to the homepage, default search engine, and the page displayed when opening a new tab.
Multiple virus scanners have detected malware in DProtect.
| Scanner Software | Version | Result |
|---|---|---|
| Agnitum Outpost | 5.5.1.3 | Trojan.Agent!L6TZXmBj5Uc |
| AhnLab-V3 | 2013.10.02.00 | Trojan/Win32.Staser |
| Avira AntiVir | 7.11.105.88 | TR/Crypt.cfi.56 |
| Antiy-AVL | 2.0.3.7 | Trojan/Win32.Generic |
| Bkav FE | 1.3.0.4246 | HW32.CDB.Df4d |
| Commtouch SDK | 5.4.1.7 | W32/Trojan.UHBK-2914 |
| Comodo Security | 17031 | UnclassifiedMalware |
| Dr.Web | Trojan.Siggen5.54287 | |
| Fortinet FortiGate | 5.1.147.0 | W32/STASER.A!tr |
| IKARUS anti.virus | T3.1.5.4.0 | Trojan.Win32.Staser |
| K7 AntiVirus | 9.172.9747 | Trojan |
| K7GW | 12.7.0.14 | Trojan |
| Kaspersky | 9.0.0.837 | Trojan.Win32.Staser.rrj |
| Kingsoft AntiVirus | 2013.4.9.267 | Win32.Troj.Undef.(kcloud) |
| Malwarebytes | 1.75.0.1 | PUP.Optional.DProtect.A |
| McAfee | 5.600.0.1067 | RDN/Generic.dx!crf |
| McAfee-GW-Edition | 2013 | RDN/Generic.dx!crf |
| Panda Antivirus | 10.0.3.5 | Trj/CI.A |
| Sophos | 4.93.0 | Mal/VMProtBad-A |
| Trend Micro | 9.740.0.1012 | TROJ_FRS.BMA000IR13 |
| TrendMicro-HouseCall | 9.700.0.1001 | TROJ_FRS.BMA000IR13 |
| VIPRE Antivirus | 21998 | Trojan.Win32.Generic!BT |
| Scanner Software | Version | Result |
|---|---|---|
| Antiy-AVL | 2.0.3.7 | Trojan/Win32.Staser |
| avast! | 2014.9-140111 | Win32:Staser-A [Trj] |
| AVG | 2015.0.3598 | MalSign.Generic |
| Baidu-International | 4.0.3.14111 | Adware.Win32.ElexInstall |
| CAT-QuickHeal | 1.14.12.00 | Trojan.Staser.fv |
| Comodo Security | 17585 | UnclassifiedMalware |
| Dr.Web | 9.0.0.011 | Adware.Mutabaha.28 |
| ESET-NOD32 | 8.9273 | a variant of Win32/ELEX.T |
| Fortinet FortiGate | 1/11/2014 | W32/Staser.FV!tr |
| IKARUS anti.virus | t3scan.2.2.29 | Trojan.Win32.Staser |
| K7 AntiVirus | 13.175.10794 | Trojan |
| K7GW | 13.175.10794 | Trojan ( 00454f271 ) |
| Malwarebytes | v2014.01.11.04 | Trojan.Staser |
| McAfee | 5600.7254 | Adware-Bprotect |
| Panda Antivirus | 14.01.11.04 | Generic Malware |
| Sophos | 4.96 | Mal/Generic-S |
| Symantec | 1/11/2014 rev. 7 | Download.Adware |
| Trend Micro | 10.465.11 | ADW_BPROTECT |
| VIPRE Antivirus | 25280 | Elex Installer (fs) |
| ViRobot | 2011.4.7.4223 | Trojan.Win32.S.Agent.345152 |
| Agnitum Outpost | 5.5.1.3 | Trojan.Agent!L6TZXmBj5Uc |
| AhnLab-V3 | 2013.10.02.00 | Trojan/Win32.Staser |
| Avira AntiVir | 7.11.105.88 | TR/Crypt.cfi.56 |
| Bkav FE | 1.3.0.4246 | HW32.CDB.Df4d |
| Commtouch SDK | 5.4.1.7 | W32/Trojan.UHBK-2914 |
| Kaspersky | 9.0.0.837 | Trojan.Win32.Staser.rrj |
| Kingsoft AntiVirus | 2013.4.9.267 | Win32.Troj.Undef.(kcloud) |
| McAfee-GW-Edition | 2013 | RDN/Generic.dx!crf |
| TrendMicro-HouseCall | 9.700.0.1001 | TROJ_FRS.BMA000IR13 |
Software Behaviors
- Services:
-
- DProtectSvc.exe runs as a service named 'DPService' (DPService) "DProtect Service".
- eGdpSvc.exe runs as a service named 'eSafe Service' (eSafeSvc) "System eSafe update service".
- Firewall:
-
- eGdpSvc.exe is added as a firewall exception for 'C:\Documents and Settings\All Users\Datos de programa\eSafe\eGdpSvc.exe'.
- DProtectSvc.exe is added as a firewall exception for 'C:\Documents and Settings\user\Application Data\DProtect\DProtectSvc.exe'.
Software Details
- URL:
- –
- Support:
- –
- Installation path:
- C:\Documents and Settings\user\Application data\dprotect
- Uninstaller:
- C:\Documents and Settings\user\Application Data\DProtect\DPUninstall.exe -silence
- Size:
- 1.00 MB
- Language:
- English
DProtect Executable Details
- Primary executable:
- DProtectSvc.exe
- Name:
- DProtect
- Path:
- C:\Documents and Settings\user\Application data\dprotect\DProtectSvc.exe
- MD5:
- 957c9c20b7df85c3f8d08e53f4720ba1
- SHA-1:
- –
- SHA-256:
- –
| File Type | Filename | MD5 |
|---|---|---|
|
EXE
|
eGdpSvc.exe
Malware
|
d0f52960ae4f2b30008f7ce7f115095d |
|
DLL
|
5dd25706efaf888499dafc6a0c9d6aa3 | |
|
DLL
|
0f161b35c28e4c45e721731f087e1595 | |
|
EXE
|
DProtectSvc.exe
Malware
|
957c9c20b7df85c3f8d08e53f4720ba1 |
|
EXE
|
21881efc326a0243d2b84ee778fecca7 |