Windows Malicious Removal Tool + Virus detected +


There is a strange problem with the MRT. Every month with the updates, all the computers of my domain are reporting a virus, called: TrojanSpy:Win32/Bancos.gen!A. I have scanned these computers with lots of anti-virussoftware like trendmicro, symantec, microsoft ... and they found nothing.
In the logs, there is a scan error, so i think it's not a virus. (see logs in   When I scan the computer as a local administrator, there isn't a warning. When I do it as a domain administrator, the MRT program give a warning. (All my members are in the group of domain admins).

How can I solve this that every month the wizard of MRT doesn't show up with a viruswarning ? Is there a solution ?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You may be getting a signature of malware/Spyware instead of a virus. Try running Malware bytes on the system(s)

Could you please read this link:

And scroll down to the bottom of the webpage and look for the filenames that virus can have. Then look for those filenames on the infected system to see if you can see those files. If you can, then upload the file(s) on for a virus check by about 30+ virus scanners to make sure that its not a false positive.

Hope it helps.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Mohamed OsamaSenior IT ConsultantCommented:
This is a generic detection, in a quick MRT scan, we can not tell if this is a valid detection or a false positive.
try running the program manually on one of the affected machine using the below command
mrt.exe /F:Y
this should force a full scan with auto clean flag on, Please note that you need to be logged in as administrator for the tool to be able to complete the cleanup, as the cleanup could involve modifying startup items or system files.
please share the log .
you may also want to post a Hijack this log from one of the machines if the problem persists.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.