just a regular day

Trojan-BNK.win32.keylogger.gen

by admin

I got a stupid Malware on my computer. I have been pretty busy and didn’t want to deal with the issue so I thought I would take my laptop down to Staples to have them fix it. They wanted $130 just to look at it and do a virus removal…eff that I said. I’ll do this shit myself.

this particular Trojans adds a malware on your computer that pops up urgent security messages telling you your computer is infected and you need to download Vista antivirus 2010 to fix the problem and then asks you to enter you Credit Card information to pay. I’m no dummy so I knew this was a BS.
I didn’t pay Staples to fix my computer, rather I sat at my desk for 3 hours and did research which I will share with y’all now.
The best website with instructions for manual registry removal is:

http://www.2-spyware.com/remove-trojanbnk-win32-keylogger-gen.html

these are the bastards you need to remove from the registry

Delete registry values:
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “av.exe” /START “firefox.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “av.exe” /START “firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “av.exe” /START “iexplore.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1?

and just incase you happen to fuck up and delete the wrong thing and you can’t open your registry (hheeh uhhhh yeah i did this) here’s a helpful tool Assuming your operating system is Vista, try this fix: exefix

Save the .zip file to your desktop. Unzip the fix and extract the .reg file to the Desktop. Right-click the .reg file and choose Merge. Note that you need to be an administrator to apply this fix.

so yeah that’s it…hope you don’t get it but if you do hope this helps.

oh and I have many stories to tell so stay posted!!!