pws.bancos.a trojan

G

Guest

A number of PCs at our site are having the MS antispyware software reporting
this. So far as I can tell, it's an obscure trojan that emulates an on-line
Brazilian bank logon page, but ASW rates it a "severe" threat level. And, it
appears that when you remove it, it disables Symantec Antivirus.
Anyone have any information on this? I can supply a screen shot of the ASW
detection screen if that would be helpful.
 
G

Guest

Bill

I have updated, numbers match "Definitions Increment Version: 160/160". I
tried reboot, re-install still getting FP. My Symantec is Program CE
9.0.3.1000, Scan eng 51.3.0.11 and def of 2/9/2006 rev 7. Is there any other
infromation you need?
 
B

Bill Sanderson

Tom - I'm sorry to report that this was a false positive in the 5805
definitions. It is corrected in definitions 5807, available as of about 3
pm today.

Uninstall and reinstall or do a repair install of Symantec Antivirus to fix
that.

Some users report that they can't do that via add/remove programs--trying
the setup program from the Symantec CD may help.
 
B

Bill Sanderson

If it is a false positive, it doesn't steal anything except the time of all
of us dealing with it.

So far, all the reports here today have been the false positive--check out
other messages for more information.

--
 
B

Bill Sanderson

That's ugly!

I've one more question:
Can you tell me whether all 4 lines below match what you see when you hit
the diagnostics button? One possibility is that the 160/160 is not a
perfect diagnostic--this set of numbers is from a user who found the FP to
go away.
------
Definitions Increment Version: 160/160
Definitions ThreatAuditThreatData: 1355029
Definitions ThreatAuditScanData: 3098970
Definitions DeterminationData: 806390
--
 
B

Bill Sanderson

Tom - if you send me email, at
(e-mail address removed)

I may be able to offer more help.

--
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

SAV Corporate Edition detected as PWS.Bancos.A Password Stealer 25
Desperate Explorer Error after using MWAS! 1
5805 & 5807 Definitions disable Symantec NAV 19
Wrong trojan detection (BoeBot.Explorer) 5
My own created exe.exe reported as a trojan 3
False Trojan detection for ATI Catalyst Panel? 6
Trojan Horse Peacomm ... morphing into a bugger 4
Microsoft AntiSpyware trojan 1

Top