Hello
I have AVG 7.5, Lavasoft Ad-Aware SE personal and just recently installed Windows Defender. they all do a great job of identifying Win32/Renos and apparently delete it or "heal" it However every time i switch off computer and turn it on again the file or virus is found again and sure enough the fake windows pop-up appears telling me my computer is infected.
It is not the end of the world as windows defender just finds it again next time i boot up, i delete it and the warning goes away but it's beginning to get really really irritating.
anyway of actually deleting this thing once and for all?
jshepherd007
0
Newbie Poster
Recommended Answers
Jump to PostWin32.Renos is an executable with DLL or EXE extension, located in Windows, Windows System or in a root folder of C: drive, this file can be safely deleted or renamed.
You should really follow the steps shown in this sticky Read me before posting a request for assistance
and …
All 3 Replies
rpann7
0
Newbie Poster
hello, there may be other ways, and my way may not work if you don't have Windows Vista. Maybe someone else can enlighten me, or maybe you know, but this is what my IT brother emailed me when my computer was infected and impossible to operate. My vista edition remembers the state of th computer at intervals of time, and all I have to do is restore the computer to a time before the virus was there, and it works wonders. My brother's instructions are following. He did type it fast, and it was late at night, but I think you will find it accurate, at least for vista.
TROUBLESHOOTING:
Action:Go to safe mode with command prompt
Start the computer anf start tapping F8
Go to safe mode with command prompt
Result: Done
Action:Type cd\
cd windows\system32
rstrui.exe
Restore to (Choose date before infection).
Result: Done
Resolved
jholland1964
650
Posting Expert
Team Colleague
Featured Poster
Win32.Renos is an executable with DLL or EXE extension, located in Windows, Windows System or in a root folder of C: drive, this file can be safely deleted or renamed.
You should really follow the steps shown in this sticky Read me before posting a request for assistance
and PLEASE note THIS instruction;
You will need to flush your restore points AFTER the fixing process has been completed to ensure that no malware is preserved.
The reason it is recommended doing AFTER you are certain that the computer is clean is that very few people can be absolutely certain of the date and time of infection. Plus using System Restore as a way of cleaning infection is just not recommended.
Follow all the steps given in the sticky. When you have completed the steps given then post back here with the requested logs.
salim hussain
1
Light Poster
Hello jholland1964
Viruses have tendencies to re-start on the user that
was affected; how about creating another user; like adding a 1 to your name. Don't log on this before you reclean the computer and then login the new user - you'll most probably see that the Malware/Trojan will not automatically install back.
The probable cause is that your temp files contains the dirt.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.