Tuesday, November 8, 2011

How to fix Trojan.Renos.PGZ

Trojan.Renos is the latest malware you should look out for. Being a form of a Trojan infection, Trojan.Renos will enter into a computer system covertly, to perform the function it was designed to do: to download and install additional and various malware, badware, adware, etc, so as to ensure that the Trojan, as well as the hacker in control of this whole operation, are equip with the full control of the infiltrated machine

Trojan.Renos, also referred to as Trojan.Renos.G and Trojan.Renos.M, allows for a hacker from a remote location to change the infiltrated systems’ settings, delete important files, steal passwords and watch the user’s computer activity.

Infiltration methods used frequently by Trojan.Renos are as follows: 
• Email: via email attachments, Trojan.Renos will enter into a system, disguised as a small file, for example: a jpeg or might be downloaded via a website or FTP.
• Websites: Many Trojan infections will exploit browser security vulnerabilities 
• Open-Ports: Programs which allow for file-sharing functions, e.g. AIM, MSN messenger, are at risk of being used to install these nefarious infections, as it may ensure the hacker has remote control over the computer in question.

Trojan.Renos is designed to open up large security exploits through which hundreds of malicious adware and spyware will be able to infiltrate a system. In addition, Trojan.Renos opens a backdoor that allows the remote attacker to get full control over the infected computer. 

This in turn leads to the hacker having full access to the user’s financial or banking information stored on the computer. Obviously this puts the user’s personal information in severe jeopardy and represents a serious security risk. 

Trojan.Renos is particularly damaging to a computer system, once it has fully embedded itself within the PC’s system, therefore it is given a high priority security risk status by many computer analysts.

So, how would you know whether your system has been infiltrated by this dubious infection, or not? 

Well, there are a few symptoms one can look out for:
1. Slow computer performance: 
It only takes one PC parasite to slow down a PC’s performance drastically. Check for infections if your system takes longer than usual to reboot, or if your internet connection is slower than usual.

2. New desktop shortcuts or different homepage:
This type of infection is highly capable of adding desktop short-cuts to the infected system, as well as redirecting the users’ browser to display a different homepage.

The best way to deal with the threat of Trojan.Renos is to simply remove it from the affected PC system.

Although manual removal may be the best way to delete this parasite, and all its affiliates, the manual removal process is rather complicated and cumbersome, and should not be attempted by a computer novice, as one needs to be able to navigate their way around the registry files of the infected system, therefore, I would recommend that in order to avoid any unneeded risks of damage to your computer system, it is highly recommended to make use of a reliable and legitimate anti-spyware application, so as to remove Trojan.Renos and all its components from the infected computer system.


1. Download the following cleanup and virus removal tools to your harddisk:


2. Reboot the computer in Safe Mode ( Windows XP / Windows Vista )

3. Use SmitRem:

- Double click the downloaded smitRem.exe to extract the contents to a folder of it’s own
- Open the SmitRem folder and double-click RunThis.bat to start the SmitRem removal procedure
- Besides removing particular files that it looks for, the tool also runs the Disk Cleanup tool to remove temporary files on the harddisk that may contain problem files

4. Use SmitFraudFix:

- Double-click SmitfraudFix.exe
- Select 2 and press Enter to clean your system by deleting infected files
- When prompted: Do you want to clean the registry ? Answer Y (yes) and press Enter to remove the hijacked Desktop background and clean the registry keys associated to the infection
SmitFraudFix will then check if wininet.dll is infected.
- You may be prompted to replace the infected file: Replace infected file? Answer Y (yes) and press Enter to restore a clean copy of the file
- You may have to restart your computer in order to finish the spyware removal process.
- You can find a report on spyware removal at the root of the system drive. Usually it will be located at C:\rapport.txt

5. Use RogueRemover:

- Double-click on rr-free-setup.exe to install in C:\Program Files\RogueRemover
- Navigate to that folder and double click the file named RogueRemover.exe or use the icon that was created on your desktop
- Once the program runs, select Check for Updates
- If prompted again, click Download to receive the latest updates
- When completed, close the update window
- Finally, select Scan and the program will walk you through the remaining steps

6. Use CCleaner:

- While still in Safe Mode, install and run CCleaner
- Use Analyze and Run Cleaner to search for possible problems
- Run Registry > Scan for Issues procedure
- Then click on the Fix selected Issues button to solve the problems detected in the registry entries and create a registry backup
7. Restart the computer in Normal Mode


Post a Comment

Related Posts Plugin for WordPress, Blogger...

Subscribe via email

Enter your email address:

Delivered by FeedBurner

Total Pageviews

Twitter Delicious Facebook Digg Stumbleupon Favorites More