What's A "gen:variant.renos.2" Virus?


3 replies to this topic

#1 LGaspan

LGaspan

    Newbie

  • Members
  • 1 posts

Posted 30 July 2010 - 08:27 PM

Hi, my laptop recently got infected with a virus named Gen:Variant.Renos.2 and my Bitdefender keeps on reporting it has blocked several viruses and cleaned the PC, yet when I close the report/alert window, the same pop-up window telling the same thing keeps on popping back up.

I am not a computer whiz, but I would like to know more on the effects of this certain virus and how can I totally eliminate it, how does a PC get it and from where and how to avoid it.

Since my antivirus reported this case, my email account has been doing a lot of weird things such as sending unidentified links to everyone on my contacts list. I was wondering if this is somehow related to the same virus.

This is a sample of what is listed on the alert window that keeps on popping up:

Virus name: Gen:Variant.Renos.2
MsMpeng
Location:C:/Windows/Temp/tmp00005b0e/tmp0000775a

There are several of these with varying last digits, and it keeps on counting.

Please let me know what actions should be undertaken.

Thank you.

#2 Catalin Salgau

Catalin Salgau

    Virus Researcher

  • Bitdefender Labs
  • 700 posts
  • Gender:Male
  • Location:Iasi, Romania

Posted 30 July 2010 - 11:06 PM

As you may notice from the Gen: in the detection name, this detection is not signature based.
According to the information provided, it appears that you have both BitDefender and Microsoft Security Essentials. As a rule of thumb, two antivirus products on a single system is not a good idea for several reasons. In this situation I am inclined to think this may be a false positive on our part due to the way the Microsoft product works, but I may be wrong.
To help debug this issue, please switch BitDefender's primary action to Move to Quarantine and run through all the infection notifications. When no more appear, quickly disable the shield, save the files that were just quarantined to a folder on your drive and put them in a password-protected archive (use the password "infected") and re-enable the shield.
Follow the instructions under KB490 to obtain a set of logs and submit them along with this archive, a description of the problem and a link to this topic according to the instructions in the mentioned article.
Hope this helps.
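
The triage reasoning in the reply above, sketched as an added example that is not part of the original post and is not Bitdefender's code. It parses alert records in the three-line layout quoted in the first post and flags the pattern the researcher points to: a `Gen:` detection reported against another antivirus engine's temporary files. The process list, the temp-path test and the verdict labels are assumptions made for illustration.

```python
import re
from collections import Counter

# Assumption: process names of other AV engines that work through temp files.
OTHER_AV_PROCESSES = {"msmpeng"}
TEMP_PATH = re.compile(r"^c:/windows/temp/", re.IGNORECASE)

# Constructed sample: the first record is the one quoted in the thread, the rest are made up.
SAMPLE_ALERTS = """\
Virus name: Gen:Variant.Renos.2
MsMpeng
Location:C:/Windows/Temp/tmp00005b0e/tmp0000775a

Virus name: Gen:Variant.Renos.2
MsMpeng
Location:C:/Windows/Temp/tmp00005b0e/tmp0000775b

Virus name: Trojan.Example.A
explorer
Location:C:/Users/demo/Downloads/setup.exe
"""

def parse_alerts(text):
    """Return one dict per complete name/process/location record."""
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        if (len(lines) != 3 or not lines[0].startswith("Virus name:")
                or not lines[2].startswith("Location:")):
            continue  # skip anything that is not a complete three-line record
        name = lines[0].split(":", 1)[1].strip()
        location = lines[2].split(":", 1)[1].strip().replace("\\", "/")
        records.append({"name": name, "process": lines[1], "location": location})
    return records

def triage(record):
    """Label a record; the labels only prioritise what to quarantine and submit."""
    generic = record["name"].startswith("Gen:")  # not signature based, per the reply
    other_av = record["process"].lower() in OTHER_AV_PROCESSES
    in_temp = bool(TEMP_PATH.match(record["location"]))
    if generic and other_av and in_temp:
        return "possible-false-positive"
    return "non-signature" if generic else "other-detection"

def summarize(text):
    return Counter(triage(r) for r in parse_alerts(text))

if __name__ == "__main__":
    for verdict, count in summarize(SAMPLE_ALERTS).items():
        print(f"{verdict}: {count}")
```

A "possible-false-positive" label does not clear the file; the quarantined samples still go to the vendor as the reply describes.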

#3 ONT

ONT

    Guru Poster

  • Banned
  • 2,223 posts
  • Gender:Male

Posted 31 July 2010 - 06:45 AM

Hi Catalin

As you said in your post that the "Gen: in the detection name" is not signature based, since Bitdefender has Triple Defense System which includes


1. Traditional (Signature based Detection)

2. Proactive (Heuristics in Virtual Environment B-HAVE)

3. Continuous (Active virus Control)


So I want to know how Bitdefender detected it as malicious and gave it a name if it is not signature based?


Since I was unable to edit my previous post, I am adding a new post.






#4 Catalin Salgau

Catalin Salgau

    Virus Researcher

  • Bitdefender Labs
  • 700 posts
  • Gender:Male
  • Location:Iasi, Romania

Posted 31 July 2010 - 07:32 AM

This is best categorized under proactive, but is not strictly related to B-HAVE. Though I do not see the relevancy to the problem at hand.



