Published May 26, 2011 | Updated Aug 22, 2017

Win32/Bamital

Severe |Detected with Windows Defender Antivirus

Aliases: No associated aliases

Summary

Win32/Bamital is a family of malware that intercepts web browser traffic and prevents access to certain security-related websites by modifying the Hosts file. Bamital variants may also modify certain legitimate Windows files in order to execute their payload.

In the wild, the Bamital family has been used to perpetrate click-fraud.

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.

This malware creates entries in the Hosts file to prevent access to certain websites. To recreate a clean Hosts file, please refer to the following article:

Follow us