Trojan.Trensil

Share Post

Trojan.Trensil is a member of the notorious Trojan horse group that can cause a great threat to your system.  Trojan.Trensil has been designed by hackers to create a backdoor entry to a remote PC and therefore steal user’s data.  This Trojan horse does everything so smoothly, that it’s hard to detect it manually, until it starts showing pop-up warnings continuously.

Impact of this hacking program can result in serious consequences, as it creeps into registry files and keys, and modifies them with infringed and malicious contents resulting in the inaccessibility of important registries.

Symptoms of Trojan.Trensil attack

As said earlier, this hijacker works so smoothly that its infection is not detected, even after several days.  But, if you monitor the system’s functions, it’s easier to conclude that your system is potentially infected.

  • It creates unwanted processes in the Task Manager, which results in increasing CPU’s utilization.
  • It slows down system and internet connection.
  • It is capable of disturbing internet sessions, and redirecting users to infected or illegal sites.
  • It can steal financial data present in your system, leaving your accounts vulnerable.
  • It makes way into the antivirus program and disables it along with firewall alerts.
  • Creates various types of files, folders, icons and shortcuts in different locations of the system.

How does Trojan.Trensil enter your PC?

Your system can get infected with this hijacking program through various sources, such as:

  • Malicious websites and links
  • Freeware, adware or shared downloads from unauthorized sources.
  • Infected emails.
  • Infected USB devices.

Major changes made to your system through Trojan.Trensil

The percentage of distribution and damage is medium, however, it expose your system to bigger threats through online hijacking attacks.  This Trojan horse generally targets almost all versions of the Windows operating system and uses a custom designed pdf as a carrier. As soon as it is executed, if create the following file:

  • %Temp%\000ELISEA310.TMP
  • %UserProfile%\Templates\1A0E621SV.CAB
  • %UserProfile%\Templates\wincex.dll
  • %UserProfile%\Templates\wincex.dllbk

Immediately after that, it makes changes to the following registry subkey.

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmdmPMM

Trojan creates a service as mentioned below:

  • WmdmPMM

Trojan is likely to connect to two remote locations:

  • 112.185.190.193
  • 163.30.24.5

This Trojan leaves your system completely vulnerable which allows it to:

  • Receive commands from the attacker’s remote location
  • Send information to remote locations

Removal Process of Trojan.Trensil

You can remove Trojan.Trensil through the following:

Turn off Windows “System Restore” feature of your system.  You can do this by right clicking on “My Computer” and selecting “Properties”.  From “System Restore” tab select “Turn off system restore” and click “Ok”.

Restart the system in safe mode by pressing F8 during the initial system boot up.

Delete all temporary files existing on your system by browsing the following location:

  • :\Documents and Settings\Yourusername\Local Settings\Temporary Internet Files

Run “Task Manager” by pressing “ALT+CTRL+DEL” keys and end useless programs to release the CPU’s utilization.

Find and delete any other files or folders created by Trojan.Trensil.

Clean your registry entries created by Trojan.Trensil by running “regedit.exe” command in run windows; this will open up Windows registry editor.

By following the above steps, you will be able to completely remove “Trojan.Trensil” horse from your system.  If you still experience issues, contact online Virus Removal Services like Jupiter Support, who will guide you through the removal of the virus at a low cost of only $29.

If you enjoyed this article, Get email updates from JS (It’s Free)
Trojan.Trensil
0 votes, 0.00 avg. rating (0% score)
Call Now 1 800 833 0089
This entry was posted in Tips & Tricks and tagged . Bookmark the permalink.

Leave a Reply