« SpywareLocker, SystemDefender, SpySure, more – SpyHunter Update v.6.38
Buddylist »

Hoax.Renos

No Comments
Domesticus By Domesticus in Trojans | 62 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

Hoax.Renos Description

Hoax.Renos is a trojan employed by many rogue anti-spyware applications in order to persuade the user to purchase those applications. This is usually done by generating fake security alerts and notifying the user of non-existent threats. Hoax.Renos usually uses ActiveX controls and various browser security holes in order to infect potential victim machines. This trojan is known to be very difficult to remove.

Type: Trojans

How Can You Detect Hoax.Renos?

 
 

Download SpyHunter’s Detection Scanner
to Detect Hoax.Renos.

 
 

Hoax.Renos Technical Report

As new Hoax.Renos details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following Hoax.Renos files with its MD5s were created in the system:

File Name File Size MD5
aakaafjy.dll 131072 5d2e7706260e6b3b7c3ae3e6dc6b369e
akhwjhpi.exe 77824 8d2d474f887e617238ab0ef30f7d0743
akjsfmea.dll 73728 1a580f5d4369277c1db23a9d52c4e3cb
autorun.exe 12288 8c194d5a3a785c6a1e1d3d810e2a3d1b
axuilelx.exe 77824 f99db1c2b5126d347066cf5ba1d9bfff
kxfcedlq.dll 86016 3b6330ba64de6dcab23e1cf936f0222f
anr10041.exe 16896 fd36b4139f13e6cc5c8e81b6b4df8ff3
Tempwn10041.exe 16896 fd36b4139f13e6cc5c8e81b6b4df8ff3
us10041[1].exe 16896 fd36b4139f13e6cc5c8e81b6b4df8ff3
autorun.exe 10240 a4e7ff8876b6d5dea5f9c5576d857354
Templx10041.exe 10240 a4e7ff8876b6d5dea5f9c5576d857354
vs10041[1].exe 10240 a4e7ff8876b6d5dea5f9c5576d857354
findfast.exe 10240 a4e7ff8876b6d5dea5f9c5576d857354
shell.exe 10240 a4e7ff8876b6d5dea5f9c5576d857354
printer.exe 10240 a4e7ff8876b6d5dea5f9c5576d857354
spoolvs.exe 10240 a4e7ff8876b6d5dea5f9c5576d857354
spoolvs.exe 9728 70bec45867c8c26154aab921d40fd112
autorun.exe 9728 84e8d514487562dcc6b36a8e551b2d19
Templx10049.exe 9728 84e8d514487562dcc6b36a8e551b2d19
vs10049[1].exe 9728 84e8d514487562dcc6b36a8e551b2d19
findfast.exe 9728 84e8d514487562dcc6b36a8e551b2d19
shell.exe 9728 84e8d514487562dcc6b36a8e551b2d19
printer.exe 9728 84e8d514487562dcc6b36a8e551b2d19
spoolvs.exe 9728 84e8d514487562dcc6b36a8e551b2d19
printer.exe 9728 9c27e97beb9471986cdac0588d64e03a
rtmipr.dll 13312 5590b0d943592f7046664f86cbbbe369
tempo-139421.tmp 118276 46cd680d6d08b4369164fcd6ff1ab20d

Hoax.Renos has typically the following processes in memory:

  • printer.exe
  • spoolvs.exe

Hoax.Renos creates the following registry entries:

  • e89fa8e9-5c0b-45f6-a70e-f7b177bcd193
  • Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\e89fa8e9-5c0b-45f6-a70e-f7b177bcd193

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 09/29/07 and is filed under Trojans. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs


Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.