We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Virus:Win32/Bamital.K
Aliases: TR/Patched.Gen (Avira) W32/Bamital (McAfee) W32/Patched.AM (Panda) Troj/Patched-Y (Sophos) Virus.Win32.Bamital.e (Sunbelt Software) Trojan.Bamital.B!inf (Symantec) TROJ_KORDEEF.AA (Trend Micro)
Summary
Virus:Win32/Bamital.K is the detection for the files "explorer.exe" and "winlogon.exe" when they are infected by another member of the Win32/Bamital family.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
Additional remediation steps for Virus:Win32/Bamital.K
Virus:Win32/Bamital.K may make lasting changes to infected files that will NOT be restored by detecting and removing this threat. To return an infected computer to its pre-infected state, files infected by Virus:Win32/Bamital.K must be restored from backup.