Renos.65 removal tips

The Renos.65 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Renos.65 virus can do?

Unconventionial language used in binary resources: Russian
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Renos.65?


File Info:
name: EDD70C9E2D5933FCF8DA.mlw
path: /opt/CAPEv2/storage/binaries/12a53552c4962fe1ce79bb635ceb8872bc6925e12c2b0c0d551eb13893775de6
crc32: 013FF5B5
md5: edd70c9e2d5933fcf8da5d43a9560743
sha1: 6f86bdccd552cce33391ad55022741db94aa7311
sha256: 12a53552c4962fe1ce79bb635ceb8872bc6925e12c2b0c0d551eb13893775de6
sha512: a953d5913d95d00853feace14a2dff600c01dd9864ef3e601215aa0ec6f210aba2df87781fa3993ec8d5e8f0a9d34fad5d8e894ff01e864869143e16ce79ccb9
ssdeep: 6144:es+2q5ipJ9yDrOwwqFJjydv2+c7/cvIjf83:V9cvFpUXyjf8
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D0141236C2825DDDC48F0335F8F61795E6A2404E5E895FB12A4F9A793E3263B0C9B46C
sha3_384: 8574373433d97a2cd0aee7a82aeeb54f5c1a813757b1f40028b9048c2f6398a3974c829a9d0500597d4dcfc6c9eb282f
ep_bytes: 830504104300010f822f0300003a6c24
timestamp: 1992-06-19 22:22:17

Version Info:
0: [No Data]

Renos.65 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.CodecPack.lrku
MicroWorld-eScan	Gen:Variant.Renos.65
CAT-QuickHeal	Trojan.Renos.PG
ALYac	Gen:Variant.Renos.65
Cylance	unsafe
Zillya	Trojan.FakeAlert.Win32.152
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	Malware:Win32/km_224d.None
K7GW	Trojan-Downloader ( 00212cdf1 )
K7AntiVirus	Trojan-Downloader ( 00212cdf1 )
Cyren	W32/FakeAlert.LJ.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/TrojanDownloader.FakeAlert.BIO
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Renos.65
NANO-Antivirus	Trojan.Win32.CodecPack.dgbfaz
Avast	Win32:CodecPack-R [Trj]
Tencent	Win32.Trojan.Generic.Ijgl
Emsisoft	Gen:Variant.Renos.65 (B)
F-Secure	Trojan-Downloader:W32/Renos.GTZ
DrWeb	Trojan.DownLoader21.35577
VIPRE	Gen:Variant.Renos.65
TrendMicro	TROJ_JORIK.SME2
McAfee-GW-Edition	BehavesLike.Win32.Generic.cm
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.edd70c9e2d5933fc
Sophos	ML/PE-A
Ikarus	Trojan-Downloader.Win32.CodecPack
Jiangmin	TrojanDownloader.CodecPack.cgs
Avira	TR/Dldr.Renos.LX.649
Antiy-AVL	Trojan[Downloader]/Win32.CodecPack.sjt
Microsoft	TrojanDownloader:Win32/Renos.LX
Xcitium	TrojWare.Win32.Renos.CJJ@4p151q
Arcabit	Trojan.Renos.65
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Variant.Renos.65
Google	Detected
AhnLab-V3	Trojan/Win32.Renos.R2040
McAfee	Artemis!EDD70C9E2D59
MAX	malware (ai score=100)
VBA32	BScope.TrojanDownloader.CodecPack
Malwarebytes	Malware.Heuristic.1006
Panda	Trj/Renos.gen
TrendMicro-HouseCall	TROJ_JORIK.SME2
Rising	Malware.Undefined!8.C (TFE:2:DOA8elaxaDC)
Yandex	Trojan.Agent!orEGZF89ceY
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.CodecPack.Gen
Fortinet	W32/Codecpack.GB!tr
BitDefenderTheta	AI:Packer.5C0AA56721
AVG	Win32:CodecPack-R [Trj]
Cybereason	malicious.cd552c
DeepInstinct	MALICIOUS

How to remove Renos.65?

Renos.65 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X