Sponsor Message:
Non Aviation Forum
My Starred Topics | Profile | New Topic | Forum Index | Help | Search 
Help Removing Trojan-BNK.Win32.Keylogger.gen  
User currently offlineMarcus From Mexico, joined Apr 2001, 1808 posts, RR: 2
Posted (3 years 7 months 2 weeks 2 days 9 hours ago) and read 3045 times:

OK so I turn on the computer this morning I get what appears to be a legit Win7 warning that my computer is infected withTrojan-BNK.Win32.Keylogger.gen, try to log in to the internet to see what this is about but it will not let me, saying that Win7 has detected my computer is infected with this and will not let me log on to the internet because my personal information (credit card bla bla bla) is at risk of being stolen.

Tried to run Windows Defender and Windows Security Esentials but these did not work, ran Malwarebytes anti-malware and it froze before finding anything.

Took another computer to check this and it appears (according to what I found online) it is not a real virus but spyware that tries to fool you in to thinking your PC is infected and you need to upgrade to another security program, bingo! it asks you to purchase with a credit card this product.

Does anyone know how can I remove this? I googled for an answer but so far I can only find insturctions on how to do this manually but since I'm not an IT guy I do not wish to start removing programs without know what I'm doing.

Can't log in to internet as this will not let me, and can't run MS security essentials either to scan my computer for viruses and spyware.

[Edited 2011-04-15 09:06:27]


Kids!....we are going to the happiest place on earth...TIJUANA! signed: Krusty the Clown
13 replies: All unread, jump to last
 
User currently offlineoly720man From United Kingdom, joined May 2004, 6840 posts, RR: 11
Reply 1, posted (3 years 7 months 2 weeks 2 days 9 hours ago) and read 3034 times:

One suggestion here with detailed instructions

http://forums.cnet.com/7723-6122_102-384274.html

You need to download various programs to a "clean" computer before using them on the compromised one.



wheat and dairy can screw up your brain
User currently offlineMarcus From Mexico, joined Apr 2001, 1808 posts, RR: 2
Reply 2, posted (3 years 7 months 2 weeks 2 days 9 hours ago) and read 3028 times:

Tried that....I have internet access now but both antivirus and antispyware are still not working.....thinking of uninstalling both and reinstalling them to see if that fixes it.


Kids!....we are going to the happiest place on earth...TIJUANA! signed: Krusty the Clown
User currently offlineALTF4 From United States of America, joined Jul 2010, 1214 posts, RR: 4
Reply 3, posted (3 years 7 months 2 weeks 2 days 5 hours ago) and read 2985 times:

Quoting Marcus (Reply 2):
Tried that....I have internet access now but both antivirus and antispyware are still not working.....thinking of uninstalling both and reinstalling them to see if that fixes it.

Won't work.

And you have a keylogger, so don't even *think* about logging on to your email on the infected computer, or typing anything even remotely close to your password(s).

Give the link below a shot. Report back on what happened. Better yet, use a clean computer to join Bleeping Computer and post there. They have hundreds of people that will help, walk you through everything from start to finish, as opposed to the two or three that might help here on A.net.

http://www.bleepingcomputer.com/forums/topic298134.html

I'm happy to help you out either way, though - up to you on which route to take.



The above post is my opinion. Don't like it? Don't read it.
User currently offlineFly2HMO From , joined Dec 1969, posts, RR:
Reply 4, posted (3 years 7 months 2 weeks 2 days 4 hours ago) and read 2966 times:

Quoting Marcus (Thread starter):

Does anyone know how can I remove this?

Been there, done that, a million times (if its the one I'm thinking at least)

Anyways...

Download Rkill. Run. Wait for it to do its thing (it may seem to freeze for a bit, dont panic)
Reboot into safe mode.
Run full scan with malwarebytes (make sure database is updated)
Problem solved.

Also, monitor the task manager (ctrl-shift-esc) and see if you find any weird programs with a generic 3 letter name and kill it. something like abc.exe or xyz.exe etc etc. That should disable it temporarily and long enough for you to download some programs to fix it in the meantime.

[Edited 2011-04-15 14:41:40]

User currently offlineMarcus From Mexico, joined Apr 2001, 1808 posts, RR: 2
Reply 5, posted (3 years 7 months 2 weeks 2 days 1 hour ago) and read 2939 times:

Donwloaded and ran Rkill, it froze like nothing happened and I left it as is for a few minutes, then I restored the system to 5 days ago, then I instaled AVG and reinstaled malwarebytes anti-malware....so far it has found nothing. AVG did not find anything either.

When malwarebytes finishes I will do the same with SUPERAntiSpyware and see.

Thank you for your help.



Kids!....we are going to the happiest place on earth...TIJUANA! signed: Krusty the Clown
User currently offlineFly2HMO From , joined Dec 1969, posts, RR:
Reply 6, posted (3 years 7 months 2 weeks 2 days 1 hour ago) and read 2932 times:

Hmm, this is a tough one then.

How good are you with computers? You could run Linux off a USB drive and scan your windows files from the linux envrionment.

Quoting Marcus (Reply 5):
then I restored the system to 5 days ago

From my experience that tends to make things worse.

Quoting Marcus (Reply 5):
AVG did not find anything either.

Try avast.I had AVG and it let many viruses through. I knowingly frequent, uhm, how to put it, very questionable websites (in terms of security) frequently, And avast has never failed me. And I've tried every major antivirus out there.

Also, are you absolutely sure it's a legit warning and not one of those self installed fake antivirus programs?


User currently offlineMaverick623 From United States of America, joined Nov 2006, 5716 posts, RR: 6
Reply 7, posted (3 years 7 months 2 weeks 1 day 22 hours ago) and read 2893 times:

Had this happen to me about a year ago (with Vista)

Quoting Marcus (Thread starter):
OK so I turn on the computer this morning I get what appears to be a legit Win7 warning that my computer is infected withTrojan-BNK.Win32.Keylogger.gen

It's not a legit warning from Windows, though you do have a trojan or two running amok. And by two I mean probably a dozen or so.

Quoting Marcus (Thread starter):
ran Malwarebytes anti-malware and it froze before finding anything.

Run it in safe mode, then run it in normal mode, then safe mode again. It will take several passes to clear up.

Quoting Marcus (Reply 5):
then I restored the system to 5 days ago

System restores do not remove any files or programs, so they are useless for getting rid of viruses and trojans.

Quoting Marcus (Reply 5):
reinstaled malwarebytes anti-malware....so far it has found nothing.

Make sure you have the latest definitions. Try running it as an administrator also.



"PHX is Phoenix, PDX is the other city" -777Way
User currently offlineMarcus From Mexico, joined Apr 2001, 1808 posts, RR: 2
Reply 8, posted (3 years 7 months 1 week 6 days 11 hours ago) and read 2776 times:

You are correct, I googled it and it appears is not a real problem but a trojan designed to scare you in to thinking you have a very serious problem with your system.

When it prevents you from accessing the internet (IE and Firefox) it recommends you buy an upgraded antivirus program, it then takes you to one of those "put all your personal and credit card information in this page so you can clean your computer with what we are selling"; I did not fall for it but I must say that it looks really really legit.

Ran MS security essentials, AVG, Avast, Malwarebytes anti-malware, SUPERAnti spyware, ESET and TFC; SUPERA and Avast did find things that other programs missed.

Computer seems to be OK now, but I think it is a bit slower that before.....



Kids!....we are going to the happiest place on earth...TIJUANA! signed: Krusty the Clown
User currently offlinenighthawk From UK - Scotland, joined Sep 2001, 5178 posts, RR: 33
Reply 9, posted (3 years 7 months 1 week 6 days 10 hours ago) and read 2754 times:

Quoting Fly2HMO (Reply 6):

From my experience that tends to make things worse.

I have found it completely removes the infection.

Quoting Maverick623 (Reply 7):
System restores do not remove any files or programs, so they are useless for getting rid of viruses and trojans.

System Restore restores your system folders and registry back to the way they were at the selected point, thereby removing any new files/entries that were added. this is where most viruses hide, and therefore a system restore will remove them.

I have done this on two seperate PCs that had similar infections, and it worked both times. Just make sure you go back to a point before you got infected, but most viruses tend to spring up straight away, so going back just a day or two should be enough.



That'll teach you
User currently offlinewardialer From United States of America, joined Sep 2001, 1183 posts, RR: 0
Reply 10, posted (3 years 7 months 1 week 6 days 8 hours ago) and read 2734 times:

Just reformat your drives and reinstall the Operating System from a known good source.
Backup first only your personal stuff or data.

Theres noting one can do to fix a massive infection. You will just run into more added problema while cleaning the infection.

Trust me, I know it will take you almost all day to reinstall, but most PC securtiy experts would aggree on this.

Most modern Trojans or virsuses nowadays dig deep into your system so its very very impossible to clean the PC 100% free.....

Good Luck.


User currently offlineAloha717200 From United States of America, joined Aug 2003, 4521 posts, RR: 15
Reply 11, posted (3 years 7 months 1 week 6 days 8 hours ago) and read 2729 times:

Quoting wardialer (Reply 10):
Just reformat your drives and reinstall the Operating System from a known good source.
Backup first only your personal stuff or data.

That should be your absolutely last resort.

I run Avast and Malwarebytes and I do relatively well that way. But what I've learned over the years is to store my files externally. I barely have anything on the internal hard drive, everything important to me is kept on the external in the event that a reformat becomes necessary.


User currently offlinewardialer From United States of America, joined Sep 2001, 1183 posts, RR: 0
Reply 12, posted (3 years 7 months 1 week 5 days 21 hours ago) and read 2682 times:

Yes I know, but I ran into a alot of people who destroyed their PC just trying to remove a virus.
Its a huge heacache, and so is reinstalling Windows. But it pays off.

Thats why everyone should image their system incase something like this happens.


User currently offlinenighthawk From UK - Scotland, joined Sep 2001, 5178 posts, RR: 33
Reply 13, posted (3 years 7 months 1 week 5 days 18 hours ago) and read 2666 times:

Quoting wardialer (Reply 12):
Yes I know, but I ran into a alot of people who destroyed their PC just trying to remove a virus.
Its a huge heacache, and so is reinstalling Windows. But it pays off.

You cannot destroy your PC while trying to remove a virus, however you could destroy your windows install, at which point you do a reinstall anyway. Far better to attempt to clean the virus first, then do a reformat as a last resort.

Do a system restore, it has worked for me recently.



That'll teach you
Top Of Page
Forum Index

This topic is archived and can not be replied to any more.

Printer friendly format

Similar topics:More similar topics...
Help Needed For Removing Pesky Spyware posted Tue Aug 9 2005 22:21:05 by Yhmfan
Brussels Visit Ideas And Help! posted Tue Apr 12 2011 09:21:17 by flanker
Looking For Online Tutoring Help posted Tue Jan 11 2011 20:03:46 by sunking737
Help Identify This Tune posted Mon Jan 3 2011 13:24:03 by hotplane
Restaurant Help In Kona, HI posted Sat Jan 1 2011 13:48:07 by aa61hvy
IPod Nano 5th Gen Vs 6th Gen? posted Sat Dec 25 2010 10:06:54 by directorguy
Ubuntu 10.10 Help? posted Fri Dec 17 2010 04:13:45 by ajd1992
Help?! Language Barrier posted Sat Dec 11 2010 08:47:35 by usair330
Bored! Need Help! posted Sun Nov 28 2010 04:41:30 by fca767
Some Help On New York, Please! posted Thu Nov 25 2010 03:43:41 by pawsleykat