TrojanSpy:Win32/Banker.OT!inf

Detected by Microsoft Defender Antivirus

Aliases: Trojan.Autorun.AHP (BitDefender) INF/Bancos.JUQ (CA) INF/Autorun.gen (ESET) Trojan.Autorun (Ikarus) Generic!atr (McAfee) Text/AutoRun.I (Norman) Mal/AutoInf-A (Sophos) Mal_Otorun2 (Trend Micro) INF.Autorun.Gen (VirusBuster)

Summary

TrojanSpy:Win32/Banker.OT!inf is an autorun configuration file that runs a copy of the trojan TrojanSpy:Win32/Banker.OT. Win32/Banker.OT redirects user Web browsing away from certain online banking sites.

Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, see http://www.microsoft.com/protect/computer/viruses/vista.mspx.

Win32/Banker variants attempt to steal sensitive and confidential information from affecters users in order to perpetrate fraud. If you believe that your personal financial information may have been compromised, please refer to the following advisory for additional advice:

What to do if you are a victim of fraud

TrojanSpy:Win32/Banker.OT!inf

Summary

What to do now

Technical information

Threat behavior

Installation

Additional Information

Prevention

Symptoms

System Changes