Troj/Bancos-BS is a password stealing Trojan for the Windows platform that targets customers of Brazilian banks.
Once executed Troj/Bancos-BS displays a fake error message, copies itself to the Windows system folder with the filename Systen.exe and in order to be able to run automatically when Windows starts up sets the registry entry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
reg_run
%SYSTEM%\Systen.exe
Troj/Bancos-BS monitors a user's internet access, and when certain internet banking sites are visited, the Trojan will display a fake login screen in order to trick the user into inputting their details.