Trojan.Renos.PGZ
Trojan.Renos.PGZ
Trojan.Renos.PGZ is a combination of a Trojan and fake antivirus downloader. This Trojan connects to specific websites to execute nasty files. It also modifies registry entries which in turn changes the Internet Explorer settings to lower security settings. The Trojan spreads its footprint in a system by creating unusual processes in .exe files. To lower the internet security levels, the Trojan executes the following code –
HKCUSoftwareMicrosoftWindowsCurrentVersionInternet SettingsZoneMapUNCAsIntranet ->0x00000001
It also downloads malicious files from specific websites. One of the downloaded files acts like a keylogger, capturing all the keystrokes. Other files are meant to ensure that the Trojan is executed each time the computer system boots up.