Published Jan 19, 2011 | Updated Sep 15, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: Win-Trojan/Banbra.1547264 (AhnLab) W32/MalwareF.UNMB (Command) W32/Banker.FNAP (Norman) Trojan.PWS.Banbra!QryogNqssKE (VirusBuster) Trojan horse Generic20.MDD (AVG) TR/Banker.Banbra.abvt (Avira) Trojan.AVKill.3119 (Dr.Web) Trojan-Banker.Win32.Banbra (Ikarus) Trojan-Banker.Win32.Banbra.abvt (Kaspersky) PWS-Banker.gen.b (McAfee)


TrojanSpy:Win32/Banker.RQ is a data-stealing trojan that captures user’s credentials, such as account numbers and passwords. It then relays the captured information to a remote attacker. This trojan may also masquerade as a Portuguese language version of Windows Live Messenger.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products will detect and remove this threat:
For more information on antivirus software, see
Follow us