TrojanDownloader:JS/Renos
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 90 % (High) |
| Infected Computers: | 1 |
| First Seen: | September 20, 2011 |
| OS(es) Affected: | Windows |
The TrojanDownloader:JS/Renos Trojan is associated with the rogue security application Virus Remover 2009. TrojanDownloader:JS/Renos is implemented in JavaScript. TrojanDownloader:JS/Renos is designed to display a large number of fake error messages and to perpetrate the rogue security program scam on unsuspecting computer users. The TrojanDownloader:JS/Renos Trojan has also been known to download other malware infections and install them onto the infected computer system. If your computer system is displaying error messages claiming that your computer system is infected with malware and that you can download a FREE anti-virus program by clicking on a button, your computer system has become infected with the TrojanDownloader:JS/Renos Trojan or with a similar Trojan. ESG security researchers recommend removing the TrojanDownloader:JS/Renos Trojan with an up-to-date anti-malware solution, preferably in Safe Mode.
Table of Contents
Source of a TrojanDownloader:JS/Renos Trojan Infection
Unlike viruses and worms, Trojans like the TrojanDownloader:JS/Renos Trojan are not self-replicating or self-spreading. Instead, these dangerous malware threats rely on the computer user or on other malware, in order to be installed. The TrojanDownloader:JS/Renos Trojan is usually disguised and installed onto a computer system through misleading tactics. Once installed, this Trojan downloads and installs other malware, creating a chain of events that can quickly turn a computer system unusable. Some common sources of the TrojanDownloader:JS/Renos Trojan include the following:
- The TrojanDownloader:JS/Renos Trojan is often found disguised as a video codec. These fake video codecs are typical components of adult video websites or websites featuring streaming videos of the latest movies or television shows. Usually, when trying to view a video on one of these websites, the victim will receive an error message claiming that it is necessary to download and install a specific video codec or media application. If the computer user falls for the ruse and installs the codec, it will really contain an installer that will cause the victim's computer to become infected with the TrojanDownloader:JS/Renos Trojan. Because of this, ESG malware analysts recommend only downloading video codecs directly from the manufacturer.
- The TrojanDownloader:JS/Renos Trojan is also often found as an attachment for spam email or an email from a computer infected with malware. Often, these kinds of attachments are disguised with innocuous extensions (such as .pdf, .jpeg, or .txt). Because of this, ESG malware researchers advise PC users not to open unknown emails and attachments.
- Other common sources of the TrojanDownloader:JS/Renos Trojan are fake versions of popular downloads on file sharing websites or peer-to-peer networks. These will usually be compressed to prevent the victim from viewing the contents of the download, until it is too late. Once downloaded and uncompressed, the download will often contain a couple of files that are really the TrojanDownloader:JS/Renos Trojan or other malware infections.
Aliases
4 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| Microsoft | TrojanDownloader:JS/Renos |
| eTrust-Vet | HTML/FakeAlert.BHB |
| Sophos | Mal/FakeAvHm-A |
| Avast | JS:FakeWarn-D |
SpyHunter Detects & Remove TrojanDownloader:JS/Renos
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | rdr_1278613813.exe | b98b504b514ced85d63aaedaae2b48cd | 1 |
| 2. | %Temp%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe | ||
| 3. | %Temp%\[RANDOM CHARACTERS]\ | ||
| 4. | red.htm | 3693482d48fc6503ff97584fa454b46f | 0 |
| 5. | red.htm | e289ee785237ddb4063684bbc40bc936 | 0 |
| 6. | red.htm | 926268bf5d940a062988460bd9acdf48 | 0 |
| 7. | red.htm | f1d32136af8ef8387011fb580b0041e4 | 0 |
| 8. | red.htm | abca82c57b8e7f757e19e93af874af40 | 0 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.