Yay for Microsft Security Essentials!! (And a question)

Steven · **Posted:** January 5th, 2010, 10:56 pm

Dodged a bullet right there.

So I was browsing The Pirate Bay torrent and the page froze unexpectedly (I didn't download it, just looked at it's page). My PC is old and slow, and it's done this before, so I thought it was nothing. Then all of the sudden, the little Micosoft Security Essentials toolbar icon turns red, and has a popup saying something about malicious files or something.

Being me, I freaked the hell out.

I immediately dropped my fork I was using to eat and disconnected my ethernet cable, preventing my PC to access the internet (which prevents the malicious content to continue sending information to it's creator, correct?). I close everything down except for MSE, and then I look at exactly what I was dealing with, here. Turns out it was a "Win32.TrojanDownloader.Reno" and so I completely DELETED THE ****. After it was all over, I issued a virus scan, and then inserted my ethernet cable again.

The weird thing is, why did I get a Trojan Downloader from The Pirate Bay if I haven't ever before? The Pirate bay is my one and only torrent downloading site. It's never done this before.

Thank god I have MSE, had I had AVG Free right now I'd have my PC infested with trojans, probably.

Anyone know why this happened? I didn't issue a download or anything; it just popped up as a warning from MSE. Also, what the hell is a Reno?

Edit: It was a Renos.gen!BC, Wtf is a Renos.gen!BC?

Adbot · **Posted:** January 5th, 2010, 10:56 pm

Jason · **Posted:** January 5th, 2010, 11:02 pm

Sounds good, this makes me happier that I decided to download it as my Anti-Virus.

Pfkninenines · Global Moderator 12/4/08

It was likely from an ad, though without being on your computer I can't say that for certain. TPB doesn't purposely embed malicious content into it's webpages, so I'm guessing it wasn't something intentional. If MSE was doing a routine scan, it could have picked up something new, though I would tend to agree that it happened while you were browsing online.

It's also possible that whatever it was wasn't actually malicious, and you got a false positive. At any rate, I'm glad MSE is working out well for you

Bonsai99 · **Posted:** January 6th, 2010, 7:44 pm

I find that more and more sites are starting to have malicious ads on them, good idea to have antivirus nowadays.

CreepyPirate · **Posted:** January 7th, 2010, 12:58 am

http://www.threatexpert.com/files/lphc35dj0erc1.exe.html

the link wrote:

The following threats are known to be associated with the file "lphc35dj0erc1.exe":
TrojanDownloader:Win32/Renos.gen!BC [Microsoft]

Might want to have a quick search for iphc35dj0erc1.exe just to make sure it's not floating about on your computer.

Quote:

lphc35dj0erc1.exe is a malware that may attach itself into running system processes and install further pests onto your compromised machine. lphc35dj0erc1.exe may slash the system security and automatically launch its files on to the system. lphc35dj0erc1.exe my compromise your privacy and slash computer security.

There you go. At a guess it's that causing the problem and it's putting this junk on your computer. I'd get rid of it quickly.

Aquw VettelS 776 · **Posted:** January 7th, 2010, 2:27 am

Steven wrote:

I immediately dropped my fork I was using to eat and disconnected my ethernet cable, preventing my PC to access the internet (which prevents the malicious content to continue sending information to it's creator, correct?).

Correct.

As Paul said, TPB does not serve up malicious software on its website (to my knowledge). However the trojan could have been triggered by going to TPB. All in all, it really doesn't sound lkike it was your fault for doing anything wrong.

More info here: http://www.microsoft.com/security/porta ... r:Win32/Renos.gen!BG

Adbot · **Posted:** January 7th, 2010, 2:27 am

trekkie · **Posted:** January 10th, 2010, 1:35 am

might have been an ad.

hell a few years back i got a virus from coming in. when rsbandb had a lot of pop up ads one popped up and next thing i know my computer says i had a virus.

on another note, a month ago a classmate wanted to grab something from my computer, i took his stick and suddenly i see a trojan. that was interesting

Jamie · **Posted:** January 12th, 2010, 7:17 am

I got this same virus on two computers in my home recently. I had to reformat one computer and the other I managed to remove the file after running a few virus scans. I'm guessing it was attached to adverts on random sites I went to. It gets pretty bad if you don't delete it though, so smooth move on your part. You just have to be careful and make sure you have a good antivirus software installed.

Killjoy · **Posted:** January 12th, 2010, 2:15 pm

I also got a virus from pb once without downloading anything... That's one of the reasons I stick with isohumt.com nowadays. Make sure you have an ad blocker on that site though... The ads can get sort of ummmm.... Revealing.