
TrojanDownloader:Win32/Renos.PC information


TrojanDownloader:Win32/Renos.PC is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:Win32/Renos.PC virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Russian
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify TrojanDownloader:Win32/Renos.PC?


File Info:

name: 6490A1F17361DB746C44.mlw
path: /opt/CAPEv2/storage/binaries/8bab06cdd2a18ddd0969e09d6a8e45cfa59b14d7937f3b8ca861fb26b3bb63ec
crc32: 921DDB88
md5: 6490a1f17361db746c445f34a4204285
sha1: cbb3b756c6f9c04cb1c49b8ab84f7f0ca09be17d
sha256: 8bab06cdd2a18ddd0969e09d6a8e45cfa59b14d7937f3b8ca861fb26b3bb63ec
sha512: e5f8e37041116ec31bd38f9855b7b35b7a4c8e2389515182cf71a4ddcaed813ef1f1fc293df9363b5db1e50be14be8841e0cc60c0cc8f8737c080480bbb64c79
ssdeep: 3072:SVKtX5/5ezT5FqVUNhaV3ouMfBcLeQ0oAQhpueXOouQ:SVy5uTKVOi3ouOBcLeQ44dh
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T11A04023947F51571E23B263C223552CBA03A98F87FC712DF83D285A69C80661AD30FB6
sha3_384: 3ff6444bc84d75c40311db7d570d93948bf6af836d7b6c5445f835f1efa7f8964b4a57e241879d013fbee211096c9590
ep_bytes: 558bec50e8bf2400008b3de849051001
timestamp: 2009-02-01 15:49:10

Version Info:

Comments:
CompanyName: ComponentOne LLC
FileDescription: DrWeb For Windows 2011
FileVersion: 5.0.572.1152
InternalName: Dr.Web for Windows
LegalCopyright: Copyright (C) r DoctorWeb, Ltd., 1992-2011
LegalTrademarks:
OriginalFilename: oPE PROTECTEDUhj.dll
ProductName: Dr.Web for Windows
ProductVersion: 5.0.572.1152
Translation: 0x0419 0x04e3

TrojanDownloader:Win32/Renos.PC also known as:

Bkav: W32.RenosQKBU.Fam.Trojan
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Renos.79
FireEye: Generic.mg.6490a1f17361db74
CAT-QuickHeal: Trojan.Renos.LX
Skyhigh: BehavesLike.Win32.ObfuscatedPoly.cc
ALYac: Gen:Variant.Renos.79
Cylance: unsafe
Zillya: Trojan.FakeAV.Win32.52644
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 00111c6c1 )
K7GW: Trojan-Downloader ( 00111c6c1 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: Gen:NN.ZedlaF.36802.ku8@aS9wfali
VirIT: Trojan.Win32.FraudPack.CPFR
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.FakeAlert.ARF
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Trojan.FakeAV-14042
Kaspersky: Trojan.Win32.FraudPack.cpfr
BitDefender: Gen:Variant.Renos.79
NANO-Antivirus: Trojan.Win32.FraudPack.ceoqt
Avast: Win32:MalOb-EM [Cryp]
Tencent: Malware.Win32.Gencirc.10b58b7b
Emsisoft: Gen:Variant.Renos.79 (B)
F-Secure: Trojan.TR/Renos.ZA
DrWeb: Trojan.DownLoader2.20463
VIPRE: Gen:Variant.Renos.79
TrendMicro: TROJ_FAKEAV.SM1C
Trapmine: malicious.high.ml.score
Sophos: Mal/FakeAV-IZ
Ikarus: Trojan-Downloader.SuspectCRC
GData: Gen:Variant.Renos.79
Jiangmin: Trojan/FraudPack.ahes
Webroot: W32.Trojan.Dropper
Varist: W32/FakeAlert.MV.gen!Eldorado
Avira: TR/Renos.ZA
Antiy-AVL: Trojan/Win32.FraudPack
Kingsoft: malware.kb.a.998
Xcitium: TrojWare.Win32.Kryptik.VL@2qgufe
Arcabit: Trojan.Renos.79
ViRobot: Trojan.Win32.A.FraudPack.175616.A
ZoneAlarm: Trojan.Win32.FraudPack.cpfr
Microsoft: TrojanDownloader:Win32/Renos.PC
Google: Detected
AhnLab-V3: Trojan/Win32.FakeAV.R3323
McAfee: Downloader-CEW.ac
MAX: malware (ai score=85)
VBA32: Trojan.FraudPack
Malwarebytes: Trojan.Agent
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_FAKEAV.SM1C
Rising: Downloader.Renos!8.1D0 (TFE:2:zgUqk17XAkD)
Yandex: Trojan.Codecpack.Gen.14
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.1761579.susgen
Fortinet: W32/Krypt.QKV!tr
AVG: Win32:MalOb-EM [Cryp]
DeepInstinct: MALICIOUS
alibabacloud: Downloader.Win.Renos.e0cdd127

How to remove TrojanDownloader:Win32/Renos.PC?

TrojanDownloader:Win32/Renos.PC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
