Sunday, November 30, 2008

PSW.Bancos Trojan

Removing PSW.Bancos
Categories: Trojan,Spyware,Backdoor,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.
PSW.Bancos Also known as:

[Panda]Trj/Uploader.A,Trojan Horse,Bck/Bancodor.M,Trj/Bancos.O;
[Computer Associates]Win32.PSW.Bancos.K,Win32/Bancos.2027520!PWS!Trojan,Win32/Bancos.Variant!PWS!Trojan,Win32.PSW.Bancos.DY,Win32/Bancos!PWS!Trojan
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\a.exe
[%SYSTEM%]\bridge.dll
[%SYSTEM%]\jao.dll
[%SYSTEM%]\a.exe
[%SYSTEM%]\bridge.dll
[%SYSTEM%]\jao.dll

How to detect PSW.Bancos:

Files:
[%SYSTEM%]\a.exe
[%SYSTEM%]\bridge.dll
[%SYSTEM%]\jao.dll
[%SYSTEM%]\a.exe
[%SYSTEM%]\bridge.dll
[%SYSTEM%]\jao.dll

Registry Keys:
HKEY_CLASSES_ROOT\bridge.brdg
HKEY_CLASSES_ROOT\bridge.brdg.1
HKEY_CLASSES_ROOT\CLSID\{80bb7465-a638-43b5-9827-8e8fe38dfcc1}
HKEY_CLASSES_ROOT\clsid\{9c691a33-7dda-4c2f-be4c-c176083f35cf}
HKEY_CLASSES_ROOT\interface\{4fdbdbad-fefe-4c4c-9cc1-1181052afb12}
HKEY_CLASSES_ROOT\jao.jao
HKEY_CLASSES_ROOT\typelib\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27}
HKEY_CLASSES_ROOT\typelib\{ddaf2479-6f00-4599-998a-3ed75686c6d0}
HKEY_LOCAL_MACHINE\software\classes\clsid\{9c691a33-7dda-4c2f-be4c-c176083f35cf}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bridge

Removing PSW.Bancos:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Packus Trojan Symptoms
Remove SpyKeylogger Spyware
NS.Keylogger Spyware Symptoms
Carobunion Downloader Cleaner

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)