Tech Tips: How to remove Trojan-BNK.Win32.Keylogger.gen

Sections: Business News, Computers, Desktops, Features, How To, Laptops, Security, Software / Applications

submit to reddit

Win 7 security trojan

Most of us has probably had to deal with a computer virus at some point in time. They are very annoying when they appear and they could prohibit you from performing the most basic functions on you PC. I recently ran across an infection called Trojan-BNK.Win32.Keylogger.gen on a relative’s computer. It was preventing them from using any web browser in addition to creating numerous alerts. If your computer has been infected with this Trojan, we’re going to help you get rid of this infection for good.

This Trojan is designed to trick computer owners into thinking their machine is infected with viruses. It pretends to be an official warning from Microsoft in order to win the confidence of those who come across it. The warnings it presents are fake and is a ruse to get you to purchase anti-virus software called XP InternetSecurity 2010 or Win 7 Security 2011 that doesn’t do anything. Any PC can acquire this Trojan even if they are using Windows 7. Whatever you do, do not purchase or download anything it suggests.

I performed the following steps to remove the Trojan. Keep in mind that this may not be a one-size-fits-all solution. Still, it won’t hurt giving this method a try. It’s safer than trying to manually remove the Trojan.

I only used two programs to eliminate the Trojan. Those programs are called RKill and Malwarebytes (Free). You may not be able to use a web browser if your computer is infected with the Trojan. If this happens, you’ll have to download these programs on a flash drive or another form of portable storage on a clean computer and transport it to the infected computer.

Trojan-BNK.Win32.Keylogger.gen can protect itself by shutting down anti-malware programs that can detect and remove it. Malwarebytes would not open while the Trojan was active. That’s where RKill comes in. RKill temporarily stops malware from running long enough for you to properly remove it. RKill does not remove malware itself, nor does it protect against it. Think of it as laying down suppressing fire while you infiltrate the Trojan’s defenses. RKill is a free program and can be found here.

Once RKill is started, you shouldn’t restart your computer because the Trojan will just boot up once again. You need to keep RKill active until the Trojan is removed.

While RKill is running, you should be able to install and open Malwarebytes. It can be found here. From there, it’s a matter of running a quick scan to detect the Trojan. Malwarebytes will remove the Trojan, ask you to restart the computer and everything will be back to normal.

Much like identity theft, anyone can fall victim to viruses and malware. The only thing you can do rather than have up to date anti-virus and malware programs running is to be wary of websites you visit. Don’t click on links from people you don’t know, don’t install programs from unfamiliar sources and try to get a good idea of what a real virus alert looks like. It’s also a good idea to keep a few offensive programs on a flash drive just in case you become infected and don’t have access to a second computer.

Print Friendly