|
Mar
06
|
Threat Description:
Trojan-BNK.Win32.Keylogger.gen is a purported computer parasite that appears on fake Firewall Alerts generated by XP Internet Security 2010 rogue anti-spyware or other random scareware program originating from the same family. The pop-ups mentioning the mysterious trojan in question appear when an infected PC’s owner tries to open Internet Explorer to surf the web. This alert states that IE is infected with Trojan-BNK.Win32.Keylogger.gen which can cause personal data theft by third parties. So if you are receiving similar ads and found our site when looking up for some info about Trojan-BNK.Win32.Keylogger.gen, your actual computer problem is fake anti-spyware which is attempting to trick and brainwash you. Regardless of which option you click on that phony Firewall Alert (i.e. either ‘Yes’ or ‘No, Continue unprotected’), the malware will actually let you open your browser but unfortunately you won’t be able go visit any sites because IE will appear to be hijacked and will only direct you to fraudulent payment sites pushing XP Internet Security 2010 licensed version. Does it look like a closed redirect loop to you? Well, it’s not if you take immediate measures to remove the malicious components residing inside your system (more details can be found below).
Determine if your system is infected with Trojan-BNK.Win32.Keylogger.gen and related threats:
Download Trojan-BNK.Win32.Keylogger.gen Free Scanner with Remover
Trojan-BNK.Win32.Keylogger.gen Related Fake Alert Screenshot:
How to remove this threat manually:
Trojan-BNK.Win32.Keylogger.gen and associated malware manual uninstall procedure:
Get rid of the related corrupt files:
- %Documents and Settings%\[UserName]\Application Data\av.exe
- %Documents and Settings%\[UserName]\Application Data\WRblt8464P
Delete the associated registry entries:
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
- HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
- HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
- HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
- HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “av.exe” /START “firefox.exe”
- HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “av.exe” /START “firefox.exe” -safe-mode
- HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “av.exe” /START “iexplore.exe”
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1″
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1″
Please note that Trojan-BNK.Win32.Keylogger.gen and affiliated rogueware manual removal is a procedure of high complexity and should be performed with extreme caution. Lack of the required skills and even the slightest deviation from the instructions may cause irreparable system damage. To ensure trouble-free deletion, it is recommended to use the automatic removal tool below:
 |
Download Trojan-BNK.Win32.Keylogger.gen Removal Tool |  |
July 1st, 2011 at 7:22 pm
I am fed up of Xp antivirus firewall 2012 alerts, it interrupts me while using computer i followed number of instructions but in vain, i downloaded many antivirus but nothing changed , i don’t know what should i do to get rid of this.
December 28th, 2011 at 8:48 pm
Thank you very much
December 30th, 2011 at 1:30 am
I was pissed for about 30 minutes before my computer froze. I hit ctrl alt del, close program: Vista Security 2012. No problems so far. Not sure the ‘Trojan” is gone however.