Win32/Bamital.X

Posted: August 24, 2010

Win32/Bamital.X is a malicious Trojan that uses rootkit techniques. Once inside a machine, Win32/Bamital.X will redirect a victim's online search engine results to websites that harbor adware. The list of websites that Win32/Bamital.X redirects victims' browsers to is continuously update by a remote hacker. Win32/Bamital.X is a computer threat that can be detected and removed with a reliable anti-spyware application.

File System Modifications

The following files were created in the system:

# File Name

1 %system%\info.tmp

2 %system%\kbdsock.dll

3 %system%\mshlps.dll

#	File Name
1	%system%\info.tmp
2	%system%\kbdsock.dll
3	%system%\mshlps.dll

Registry Modifications

The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\HKEY..\..\..\..{RegistryKeys}"AppSecDll" = "%system%\mshlps.dll""LoadAppInit_DLLs" = 1Session Manager\AppCertDlls]Windows][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\

One Comment

Grisel Iavarone says:

February 15, 2012 at 5:32 pm

I need a pro scan removal. I'm still able to get on the internet but the little signs that pop up are annoying

Win32/Bamital.X

File System Modifications

Registry Modifications

One Comment

Leave a Reply