Trojan . Trojan.DSManager (Summary)
home | requirements | help | contact | scan now  

OVER 8 MILLION PEOPLE WORLDWIDE USE NUKER TO PROTECT THEIR PC!
YOU CAN TRY ITS AUDIT TODAY ABSOLUTELY FREE!

FREE SCAN

Free Anti Spyware Audit

Click Here to scan your PC for
Trojan.DSManager
free of charge
Trojan . Trojan.DSManager (Summary)

Software Name: Trojan.DSManager
Company Name:
Product Name: Trojan.DSManager
Classification: Trojan
Website: http://195.225.177.32

Brief:
Allows remote access to computer. Logs confidential information from Windows. Communicates with its servers in the background and silently downloads files. Restarts computer on specific user actions. **Deep scan in safe mode to ensure removal**

 

IMPORTANT!
Some of the Trojan.Trojan.DSManager components are listed below. The list is compiled as a reference. The list might not be complete and it doesn't represent instructions for manual removal. We DO NOT recommend manual removal. Incorrect removal of certain software might make your computer unstable or even unusable.
Removal of adware component might affect the related ad-supported software.

If you suspect that you have an unwanted instance of Trojan.DSManager installed on your computer we recommend a free audit of your system with INAC Anti Spyware.

Trojan.DSManager might create following folders (and inject its files inside the folders):

n/a

Trojan.DSManager might create following files (some of the files might be loaded in memory while the software is running):

  • %PROFILE%\Local Settings\Temp\tr10.exe

  • %PROFILE%\Local Settings\Temp\trE.exe

  • %PROFILE%\Local Settings\Temp\trF.exe

  • %SYSTEM%\cz.dll

  • %SYSTEM%\drct16.dll

  • %SYSTEM%\dsmanager.dll

  • %SYSTEM%\fltr.a3d

  • %SYSTEM%\hz.sys

  • %SYSTEM%\i.a3d

  • %SYSTEM%\klogini.dll

  • %SYSTEM%\mszx23.exe

  • %SYSTEM%\ntddetect.dat

  • %SYSTEM%\ntddetect.exe

  • %SYSTEM%\p2.ini

  • %SYSTEM%\ps.a3d

  • %SYSTEM%\redir.a3d

  • %SYSTEM%\vdmt16.sys

  • %SYSTEM%\winlow.sys

  • %SYSTEM%\wz.sys

  • %SYSTEM%\config\SSL

  • %SYSTEM%\vtd_16.exe

  • %SYSTEM%\draw32.dll

  • %SYSTEM%\tnfl.a3d

  • C:.dml

  • %system%\perflibs__

  • %SYSTEM%\tr1.exe

  • %SYSTEM%\tr10.exe

  • %SYSTEM%\trE.exe

  • %SYSTEM%\trF.exe

Trojan.DSManager is often accompanied by the following tracking cookies:

n/a

Trojan.DSManager might create following registry keys (and inject subkeys and values):

  • HKEY_CLASSES_ROOT\BHO.Explorer

  • HKEY_CLASSES_ROOT\BHO.Explorer.1

  • HKEY_CLASSES_ROOT\CLSID\{962F12AE-2773-4BEB-99EA-B5C3AB9A6606}

  • HKEY_CLASSES_ROOT\Interface\{4BFF19A6-300B-4A7A-9C7F-0CE8A14E2889}

  • HKEY_CLASSES_ROOT\TypeLib\{90164B42-3C67-4D81-BED6-8845D9DAA79C}

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{962F12AE-2773-4BEB-99EA-B5C3AB9A6606}

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MDS Search Booster

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winlow

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\drct16

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\memlow

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdnt32

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\memlow

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vdnt32

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\memlow

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdnt32

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\draw32

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vdmt16

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\vdmt16

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16\Security

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16\Enum

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VFILT

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winlow\Security

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winlow\Enum

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16\Security

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16\Enum

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VFILT

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow\Security

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow\Enum

  • HKEY_USERS\*\Software\Microsoft\MSSTSL

Trojan.DSManager might create following registry values:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft|SysTM

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ntddetect

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|secboot

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices|ntddetect

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MDS Search Booster|UninstallString

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MDS Search Booster|DisplayName

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\drct16|DllName

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\drct16|Startup

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\drct16|Impersonate

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\drct16|Asynchronous

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\drct16|MaxWait

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control|Impersonate

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Memory Management|EnforceWriteProtection

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16|Type

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16|Start

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16|ErrorControl

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16|ImagePath

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16|DisplayName

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16\Security|Security

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winlow|Type

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winlow|Start

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winlow|ErrorControl

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winlow|ImagePath

  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winlow|DisplayName

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control|Impersonate

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management|EnforceWriteProtection

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16|Type

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16|Start

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16|ErrorControl

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16|ImagePath

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16|DisplayName

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16\Security|Security

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16\Enum|0

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16\Enum|Count

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16\Enum|NextInstance

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow|Type

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow|Start

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow|ErrorControl

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow|ImagePath

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow|DisplayName

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow\Security|Security

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow\Enum|0

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow\Enum|Count

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow\Enum|NextInstance

  • HKEY_USERS\*\Software\Microsoft\MSSTSL|aid

  • HKEY_USERS\*\Software\Microsoft\Windows\CurrentVersion\Run|ntddetect

Trojan.DSManager might create registry values with following data:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication|Name|mszx23.exe

Trojan.DSManager might insert following entries in the HOSTS file:

n/a

 

Click here to scan your computer for Trojan.DSManager free of charge

 Download | Order Now | Partners | Index | Hunter's Log | EULA | Privacy Policy   © 2002-2007 TrekBlue, Inc.