We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:Win32/VB.RF
Detected by Microsoft Defender Antivirus
Aliases: Trojan-Banker.Win32.Banker.afib (Kaspersky) PWS-Banker!o (McAfee)
Summary
Trojan:Win32/VB.RF is a generic detection for trojans written in Visual Basic that may display certain information-stealing behavior. Depending on the sample, it may act like a trojan that steals credentials from users of online banking from the Brazilian bank Caixa. It may start every time Windows starts, download other malware, or terminate security processes (such as 'TeaTimer.exe'). It may also have spreading capabilities through removable drives or MSN Messenger.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, see http://www.microsoft.com/protect/computer/viruses/vista.mspx.
Follow us
