Datper

What is Datper?

In this report, we talk about a malicious application known as Datper. It is considered to be a backdoor, a tool used to gain access to computers, systems, applications, etc. Researchers believe the malware might have been used to access systems belonging to various organizations and not computers of regular users. For instance, the threat could have been used to obtain sensitive information or to damage systems it infects. If you want to know more about this vicious threat, we invite you to read our full article, in which we explain how the malware could be distributed, how it works, and how it could be erased. What we should tell from the start is that the manual removal instructions available below may not work for everyone, since the malware might have lots of different versions and some of them might place files on different locations. Probably, the best option to deal with such a malicious application to get a reputable antimalware tool.

Where does Datper come from?

Our researchers at Anti-spyware-101.com say Datper might enter a computer with the help of another malicious application. In other words, the machine could have been infected with something else even before the backdoor showed up. Therefore, for those who encounter this threat, we highly recommend checking their systems for more malicious applications. If you want to avoid malware in the future, it is advisable to keep a legitimate antimalware tool, avoid opening suspicious files (e.g., email attachments from unknown senders), and remove computer’s weaknesses, such as outdated software or weak passwords. Another thing we highly recommend is scanning downloaded or received files with your chosen security tool if you are not sure they can be trusted.

How does Datper work?

To make an infected computer launch Datper with each restart, the malware might create its copy in Startup locations listed in our deletion instructions. As for confusing victims, the malicious application might give their launchers titles that would not raise suspicion like msupdate.exe, winupdate.exe, and so on. Such files could even be given names of existing system files.

What’s more, the threat can connect to the Internet without the user’s knowledge or permission, and as it does, it might communicate with a particular server. This is how cybercriminals behind the malware could execute commands and make the threat carry out their tasks. Datper has the following functionality: obtain system information (host name, OS, hardware information, etc.), configure communication interval, execute a program or Shell commands, manipulate files, and enter sleep. Such functions might allow the malware’s developers to spy on targeted victims, collect information from infected systems, and so on. Therefore, it is safe to say that it is essential to erase Datper as soon as it gets discovered on a computer.

How to erase Datper?

If you feel like deleting Datper manually, you could try using the instructions available below. However, keep in mind that they may not necessarily work for everyone. It seems the malware might have different versions, and since they could work a bit differently, our provided instructions might not obliterate the threat. This is why we think it might be a good idea to use legitimate antimalware tools instead.

Eliminate Datper

1. Click Ctrl+Alt+Delete.
2. Pick Task Manager and select Processes.
3. Identify a process belonging to the threat and right-click it.
4. Press Open file location and wait untill the tool launches a File Explorer window.
5. Put this window aside, but do not close it, and go back to the Task Manager.
6. Select the malware’s process you located earlier and click End Task.
7. Exit Task Manager.
8. Take a look at the earlier opened File Explorer window.
9. Find a malicious executable file; it should be titled the same as the threat’s process.
10. Right-click it and choose Delete.
11. Navigate to these paths:
    %WINDIR%\System32
    %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
    %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup
    %ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Start Menu\Programs\Startup
12. Right-click malicious executable files and select Delete.
13. Exit File Explorer.
14. Empty your Recycle Bin.
15. Restart the computer. Download Removal Tool100% FREE spyware scan and
    tested removal of Datper*

Stop these Datper Processes: