Remove Trojan-BNK.Win32.Keylogger.gen
Removal instructions

Severity scale:  
Trojan-BNK.Win32.Keylogger.gen is also known as Trojan-BNK.Win32.Keylogger.gen | Type: Adware

Trojan-BNK.Win32.Keylogger.gen is a dangerous infection, which takes an important role in the distribution of rogue anti-spyware and ransomware infections. Besides, sometimes it may be reported on fake alerts that belong to XP Internet Security 2010Internet Security 2013Win 7 Protection 2013 and similar threats. By reporting about different kinds of viruses, they typically try to scare their victims and then create a need of their removal services. These services may cost from $10 to $100 and in reality be worthless

HOW CAN I GET INFECTED WITH Trojan-BNK.Win32.Keylogger.gen?

Trojan-BNK.Win32.Keylogger.gen attacks computers via security vulnerabilities found, so you should always have anti-virus and anti-spyware installed on your computer if you want to avoid this threat. Once computer gets infected, virus downloads malicious files that belong to more serious viruses that are used to swindle the money from users. You can get infected with rogue anti-spyware or ransomware with a help of Trojan-BNK.Win32.Keylogger.gen.

Another way, how you can run into Trojan-BNK.Win32.Keylogger.gen, involves fake notifications that also belong to rogues. They typically  state that private data (passwords, credit card details, etc.) might be stolen because of this trojan. However, this warning is a total lie and Trojan-BNK.Win32.Keylogger.gen is reported only to scare you into thinking that you are dangerously infected. 

HOW TO REMOVE Trojan-BNK.Win32.Keylogger.gen?

If you are infected with Trojan-BNK.Win32.Keylogger.gen or receive the pop-up ad that reports about it, concentrate on checking your PC with updated anti-spyware. If you can't launch it, follow these steps:

1. Reboot your computer to Safe Mode with Networking. Just reboot your PC and, as soon as it starts booting up, start pressing F8 repeatedly. 
2. Loggin as the same user as you were in normal Windows mode 
3. Now click on IE or other browser and select 'Run As' or 'Run As administrator', enter your Administrator account password (if needed).
4. Enter this link to your address bar: and download a program on your desktop. Launch it to get rid of malicious processes.

Related files: av.exe

Trojan-BNK.Win32.Keylogger.gen properties:
• Connects itself to the internet
• Stays resident in background

Automatic Trojan-BNK.Win32.Keylogger.gen removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Trojan-BNK.Win32.Keylogger.gen you agree with our Privacy Policy and Agreement of Use.
Do it now!
remover for Trojan-BNK.Win32.Keylogger.gen Happiness
Compatible with Microsoft
SpyHunter is recommended remover to uninstall Trojan-BNK.Win32.Keylogger.gen. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove Trojan-BNK.Win32.Keylogger.gen using SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

We are testing STOPzilla's efficiency at removing Trojan-BNK.Win32.Keylogger.gen (2014-10-21 03:55:25)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Trojan-BNK.Win32.Keylogger.gen (2014-10-21 03:55:25)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing Trojan-BNK.Win32.Keylogger.gen (2014-10-21 03:55:25)
Defender Pro Ultimate
We are testing Defender Pro Ultimate's efficiency at removing Trojan-BNK.Win32.Keylogger.gen (2014-10-21 03:55:25)
Virus Removal Phone Support
Help Line to remove Trojan-BNK.Win32.Keylogger.gen

Trojan-BNK.Win32.Keylogger.gen screenshot

Trojan-BNK.Win32.Keylogger.gen snapshot

Trojan-BNK.Win32.Keylogger.gen manual removal

Delete registry values:
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command ?�?(Default)?�? = ?�?av.exe?�? /START ?�?%1? %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command ?�?(Default)?�? = ?�?av.exe?�? /START ?�?%1? %*
HKEY_CLASSES_ROOT\.exe\shell\open\command ?�?(Default)?�? = ?�?av.exe?�? /START ?�?%1? %*
HKEY_CLASSES_ROOT\secfile\shell\open\command ?�?(Default)?�? = ?�?av.exe?�? /START ?�?%1? %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command ?�?(Default)?�? = ?�?av.exe?�? /START ?�?firefox.exe?�?
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command ?�?(Default)?�? = ?�?av.exe?�? /START ?�?firefox.exe?�? -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command ?�?(Default)?�? = ?�?av.exe?�? /START ?�?iexplore.exe?�?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ?�?AntiVirusOverride?�? = ?�?1?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ?�?FirewallOverride?�? = ?�?1?

Delete files:
Delete directories:
%Documents and Settings%\[UserName]\Application Data\

Geolocation of Trojan-BNK.Win32.Keylogger.gen

This map reveals the prevalence of Trojan-BNK.Win32.Keylogger.gen. Countries and regions that have been affected the most are: United States.

QR code for Trojan-BNK.Win32.Keylogger.gen removal instructions

Trojan-BNK.Win32.Keylogger.gen qrcode QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.
The reason we add QR code to the website is that parasites like Trojan-BNK.Win32.Keylogger.gen are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Trojan-BNK.Win32.Keylogger.gen right in your pocket.
Simply use the QR scanner and read removal instructions from mobile device.

Information added: 2014-10-21 01:18
Information updated: 2014-10-21 01:18

Ask us discussions

Modern viruses are really hard to remove. They have random file names, random registry entries, they can immitale legal products and files. Removal instructions sometimes can't Help to remove infection manually. Please take a look at our discussion where users like you share they experience in fighting the parasite:

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Users comments about Trojan-BNK.Win32.Keylogger.gen:

if you were to delete %Documents and Settings%[UserName]Application Data then a lot of programs would no longer function. It is an essential folder, much like Program Files
I just ran across that same issue, james... I thought, you want me to delete all my info??

Let me know if you figure out how to do this
What should I do if the trojan prevents me from accessing the internet?
Spyware Doctor does NOT get rid of this!!
I have this "thing" on my netbook and I don't know how to remove it since it won't let me use PLEASE
What it what I find in the registry is different. I don't seem to find anything with av.exe” /START “%1? %*
However AI do have qcg.exe" -a "%1"%*
Can I delete that?
Hi, now Trojan-BNK.Win32.Keylogger.gen use name yiy.exe. Same location.
Thank you for information
Malwarebytes will get rid of this problem
Mine was ydb.exe, had to do the reg edits before I could run the Malbytes
Hey billy what did you edit in the ydb.exe file?
The above reg keys worked with the exception of frt.exe in place of av.exe
Found file: C:Documents and SettingsRALAZARLocal SettingsApplication DataFRT.EXE which I deleted after killing the process of the same name.

I didnt delete the folder listed above.

The MalwareBytes download didnt work when run as a Administrator.
The processfile that makes the pop-ups appear is called giy.exe. I downloaded killbox to keep it under control while I researched for more info, great little tool download on I also did a search for giy.exe and found it in the prefetch folder under windows, so that is where the giy keeps comming in. Not yet been able to track it further back and I seem unable to run Malware, not getting it to set up.
I dont know if its related but I have tried to download the link above and the download is successful but when I open the downloaded file to run the program it says application not found. This is happening with all my downloads and I cant run my antivirus, something is blocking it. Any ideas?
Thanks so much for this.
Instead of av.exe, it manifested as unm.exe on machine (XP)
I did not delete the Application Data directory.
I rebooted in Safe Mode, zapped the registry keys listed above, but
not all were present, and additional ones have been added.
In regedit I looked for all keys and values containing unm.exe and deleted them.
That worked for me. Thanks again.
I just had my run in with the keylogger parasite. After a lot of heartburn and fruitless efforts trying to run all my resources, I slept on it and this a.m. I went into control panel backup and restore and backed my computer to 3 days ago. Problem solved. I have downloaded a couple of other programs to help in the future.
Yeah, I have this problem on my main home desktop computer. However I do not quite understand what exactly I have to do to delete this dooshbag of a virus, what is it called that I have to delete. And its not a 2010 thing like yours says, it says 2011!
i would like to know who wrote this virus so i can go find them and kick the shit out of them. the people that do this think it is funny i will show them how funny it is
I have this, but its says win 7 not xp internet as Im on windows 7. When this comes up Ive clicked the x to then get to the internet page to download this but it wont let me get on to any web pages so I cannot download to get rid of this , argh help!!!
I did a system restore and it seems to have gone away.
All i did was click on one of the top links for something I had searched for on Google and BAM - it immediately shut down both browsers I had up and all hell started breaking loose - constant fake warning messages. Dont be fooled by any of them - just get rid of this thing. Its no fun thats for sure - it toys with you in various ways - hijacks your browsers - wont let you on the internet - messes with your spyware removal program etc. I spent a few hours researching and trying different things. Heres what finally worked for me - I booted up in safe Windows mode (F8 immediately at start up). I then ran Super Anti-spyware in safe mode and got rid of what it found. Malware Bytes or others are probably fine too but you have to already have 1 installed on your system - other wise good luck. Once it was removed, i was still getting some residual pop up warnings and stuff so I then I tried what I had read somewhere else and got into Backup and Restore (cant remember how I got there - sorry) and backed my computer up to 2 days before it happened. This completely got rid of the problem. I rebooted and ran Malware Bytes in regular mode and it didnt find anything so it was gone. This BNK Keylogger thing certainly proved to me that its important to have antispyware already installed before something like this happens. Both that I mentioned are free and work well. I couldnt imagine trying to install something by flash drive or whatever when the system was acting up this bad. Good Luck
More comments...

Post Comment

Attention: Use this form only if you have additional information about Trojan-BNK.Win32.Keylogger.gen parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook
Ask us
What's your antispyware?
I failed to remove Trojan-BNK.Win32.Keylogger.gen using SpyHunter.


add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!