Category:  Riskware

Type:  Rogue AntispywareHoax

Platform:  W32

Aliases:  not-virus:Hoax.Win32.Renos


Renos is a software that shows fake security warnings that are quite annoying. The aim of this software is to trick a computer user to download third-party cleaning utilities, usually anti-spyware scanners.


Manual Disinfection

F-Secure Anti-Virus may not be able to remove files, identified as Renos hoax automatically. So a user's action may be required to select proper disinfection action.

If a file, detected as not-virus:Hoax.Win32.Renos is an executable with DLL or EXE extension, located in Windows, Windows System or in a root folder of C: drive, this file can be safely deleted or renamed. Here are the instructions on how to remove infected files that F-Secure Anti-Virus does not clean automatically:

Generic malware disinfection instructions can be found here:

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details

Typically when a Renos' executable file is run, it drops a DLL file into Windows System folder and registers it as a system component. The DLL is the main Renos component. It shows a blinking icon in System Tray and periodically (actually quite often to be annoying) shows a fake security warning:

When a user clicks on this alert, his web browser is redirected to a website that offers a cleaning utility (usually anti-adware) for download.

Renos executable file is usually dropped from certain websites that a computer user browses.

Description Created: 2006-01-16 14:02:24.0

Description Last Modified: 2006-06-02 17:05:54.0

Description Details: Alexey Podrezov, January 16, 2006
Technical Details: Alexey Podrezov, January 16, 2006Description Last Modified: Sean Sullivan, September 22, 2006; Sean Sullivan, November 8, 2006