Attention: We will be transitioning to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access.
500 entries found.
Displaying page 1
of 25.
Win32/Renos
The Win32/Renos family automatically downloads unwanted software such as SpySheriff, SpyAxe, SpyFalcon, SpyDawn, SpywareStrike, and other similarly named programs. These programs typically present erroneous warnings claiming the system is infected with spyware and offer to remove the alleged spyware for a fee. In some cases, the programs may also cause system instability.
Alert level:
high
Trojan:Win32/Renos.A
Trojan:Win32/Renos.A is a rogue security program that displays misleading alerts attempting to scare users into purchasing additional rogue security software.
Alert level:
severe
TrojanDownloader:Win32/Renos.IF
TrojanDownloader:Win32/Renos.IF is a trojan that displays pop-ups, dialogs and balloons in an attempt to persuade the user to download and install a fake antimalware scanner. At the time of publication, this fake scanner was detected as Trojan:Win32/FakeRemoc.
Special Note:
Reports of Rogue Antivirus programs have been more prevalent as of late. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products.
Reports of Rogue Antivirus programs have been more prevalent as of late. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products.
Use Microsoft Windows Defender, the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742), or another up-to-date scanning and removal tool to detect and remove these threats and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx.
Alert level:
severe
TrojanDownloader:Win32/Renos.IM
TrojanDownloader:Win32/Renos.IM is a trojan that connects to a remote server to download other malware. It may also act as a trojan clicker.
Alert level:
severe
TrojanDownloader:Win32/Renos.IO
TrojanDownloader:Win32/Renos.IO is a generic detection for a family of trojans that connect to certain websites in order to download other malware. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Note: Reports of Rogue Antivirus programs have been more prevalent as of late. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products.
Alert level:
severe
TrojanDownloader:Win32/Renos.JG
TrojanDownloader:Win32/Renos.JG is a detection for a trojan that connects to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe
TrojanDownloader:Win32/Renos.gen!AS
Win32/Renos.gen!AS is a family of Trojan downloaders that display fake warning messages indicating that spyware or malware has been detected on the machine before downloading rogue security products, most notably Program:Win32/Antivirusxp. Win32/Renos.gen!AS has been distributed via spam messages.
Alert level:
severe
TrojanDownloader:Win32/Renos.JX
TrojanDownloader:Win32/Renos.JX is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe
TrojanDownloader:Win32/Renos.KA
TrojanDownloader:Win32/Renos.KA is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe
TrojanDownloader:Win32/Renos.KD
TrojanDownloader:Win32/Renos.KD is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe
TrojanDownloader:Win32/Renos.KH
TrojanDownloader:Win32/Renos.KH is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe
TrojanDownloader:Win32/Renos.KO
TrojanDownloader:Win32/Renos.KO is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe
TrojanDownloader:Win32/Renos.KV
TrojanDownloader:Win32/Renos.KV is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe
TrojanDownloader:Win32/Renos.KZ
TrojanDownloader:Win32/Renos.KZ is a trojan that connects to a certain domain to download files and commands.
Alert level:
severe
TrojanDownloader:Win32/Renos.CJ
TrojanDownloader:Win32/Renos.CJ is a variant of Win32/Renos, a family of trojan downloaders that automatically download unwanted software such as SpySheriff, SpyAxe, SpyFalcon, SpyDawn, SpywareStrike, and other similarly named programs. These programs typically present erroneous warnings claiming the system is infected with spyware and offer to remove the alleged spyware for a fee. In some cases, the programs may also cause system instability.
Alert level:
severe
TrojanDownloader:Win32/Renos.HL
Trojan:Win32/Renos.HL is an installer that connects to specified websites to download and install a fake antivirus scanner. This scanner is detected as Trojan:Win32/WinSpywareProtect.
Note 6th April 2009: We have received reports that TrojanDownloader:Win32/Renos.HL has been distributed attached to an email that masquerades as a message from Microsoft. The message reads as follows:
From: Microsoft Computer Safety Department
Subject (or similar): Microsoft Alert (Case#: wlTR6Zm)
Subject (or similar): Microsoft Alert (Case#: wlTR6Zm)
Dear Windows User,
Starting April 1st, 2009 the "Comficker" virus began infecting Microsoft customers very quickly.
Microsoft was alerted by your Internet provider that your computer is showing signs of being infected.
To prevent further infection we recommend removing the infection using an antivirus program
We are giving all effected Microsoft customers a free antispyware scan in order to remove any infections from their system.
Please visit the Microsoft Windows System Security Scanner website by clicking here to start scanning your computer.
The process takes under a minute and will prevent your information from being stolen.
We appreciate your cooperation in this matter.
Regards
Microsoft Windows Representative #10(Willa)
Windows Net Security Division
Email Ref ID: g9BK0f
Windows Net Security Division
Email Ref ID: g9BK0f
This email was not sent by Microsoft and is an attempt to use the current interest and concern over Win32/Conficker in order to persuade users to download and install arbitrary files of the attacker's choice - in this case, Trojan:Win32/Renos.HL and in turn Trojan:Win32/WinSpywareProtect.
Additional information on how to help verify the legitimacy of a Microsoft e-mail can be found here:
Alert level:
severe
TrojanDownloader:Win32/Renos.gen!BB
TrojanDownloader:Win32/Renos.gen!BB is a generic detection for a family of trojans that connect to certain websites in order to download other malware. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe
TrojanDownloader:Win32/Renos.HY
TrojanDownloader:Win32/Renos.HY is a trojan that connects to certain websites in order to download other malware. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe
TrojanDownloader:Win32/Renos.IA
TrojanDownloader:Win32/Renos.IA is a trojan that connects to certain websites in order to download other malware. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe
TrojanDownloader:Win32/Renos.IZ
TrojanDownloader:Win32/Renos.IZ is a trojan that connects to certain websites in order to download other malware. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.
Alert level:
severe