Troj/Bancos-DO is an internet banking Trojan for the Windows platform.
Once executed, Troj/Bancos-DO copies itself to the Windows folder with the filename setdebugnt.exe, and in order to be able to run automatically when Windows starts up sets the registry entry:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Microsoft ActiveX Debugger NT
<path of Trojan>
Troj/Bancos-DO will also create a text file in the Windows folder named ieupdate.dat. This file is not malicious and may be deleted.
Running in the background Troj/Bancos-DO monitors a user's internet access to banking websites, in an attempt to log user activity and email the stolen details to a predefined address.