How to get rid of the BankerFox.A virus?

49
Found 8th Jan 2011
Seem to have this Virus/spyware thing on my laptop, keeps on opening up windows trying to sell me anti virus software and won't allow me to open any programs other than firefox by the looks of thing.

Have searched the net and I need to run a program to clear it, but I can't run any programs as it just says they're infected. Computer won't run in safe mode, just halts then restarts after a few minutes.

If I ever lay my hands on the son of a bitch who made this virus I'm gonna rip off his head and **** down his throat.

  1. Misc
Groups
  1. Misc
49 Comments

what porn site did you get that from?

Original Poster

Can't even run Task Manager FFS!!! How ***** is Windows if it lets another program stop you from running Task Manager!

Original Poster

jackvdbuk

what porn site did you get that from?



Well, funny you should say that! It keeps on opening up a couple, but I've just been looking on different forums about xbmc and media center master. I did open up a streaming site for normal films but hadn't even clicked anything, surely just going to a domain name can't put something on your pc???

Original Poster

djfluff

Run this, it's free and works well :http://housecall.trendmicro.com/uk/



I'm sure it's awesome! But how do I run it, everything I try to run (including that) gives a windows security alert saying it's infected and can't run!!!

Can you run regedit or MSCONFIG ?


Edited by: "djfluff" 8th Jan 2011

Benjimoron

Can't even run Task Manager FFS!!! How ***** is Windows if it lets … Can't even run Task Manager FFS!!! How ***** is Windows if it lets another program stop you from running Task Manager!



or maybe its a good virus as its doing its job.

Original Poster

numptyj

or maybe its a good virus as its doing its job.



But how difficult can it be to write into an OS that nothing overides Task Manager. They can do all sorts of amazing things with computers yet not give a known system program a higher interrupt level than any other random program!!

Original Poster

djfluff

Can you run regedit or MSCONFIG ?



It would appear not! I've had some limited success in running programs by adding .scr so the computer thinks they're screensavers!!

Search for the file : vrwmufhdlta.exe and delete it.

Hmm... hard to remove if you can't run regedit..
To delete Banker.Fox.A registry keys, open the Windows Registry Editor by clicking on the Windows "Start" button and selecting "Run." Type "regedit" into the box and click "OK." Once the Registry Editor is open, search for the registry key "HKEY_LOCAL_MACHINE\Software\Banker.Fox.A." Right-click this registry key and select "Delete."

Then try to run : housecall.trendmicro.com/uk/ (might need to reboot first)

Edited by: "djfluff" 8th Jan 2011

restore computer to previous point. if that fails reinstall from partition.

Can you create a batch file that launches regedit?
create a text file called run.bat containing :

"start c:\windows\system32\regedt32.exe"
Edited by: "djfluff" 8th Jan 2011

Original Poster

Teqnophile

restore computer to previous point. if that fails reinstall from … restore computer to previous point. if that fails reinstall from partition.



Can get into system, but not system protection, just closes instantly!!!

Don't particularly want to have to back everything up and re-install everything, probably take most of a day!

Original Poster

djfluff

Can you create a batch file that launches regedit? create a text file … Can you create a batch file that launches regedit? create a text file called run.bat containing :"start regedit.exe"



Can't do notepad!

Can you run dos ??
start/run "command"

Edited by: "djfluff" 8th Jan 2011

See my virus thread here- I had one yesterday and got it sorted.
However if your not running in safe mode- Good luck getting rid- You may have to format!

hotukdeals.com/mis…e=1

BTW i dowmnlaoded combofix and it sorted it in 5 mins!

Original Poster

djfluff

Can you run dos ?? start/run "command"



Nope, just closes instantly.

Do you have another PC?

Original Poster

djfluff

Do you have another PC?



Yes lots! But I don't want to take the hdd out and muck about with all that! It's prob a diff connection too being a laptop?

Have you tried CTRL+left-Shift+ESC ?
(shortcut to process list)

You need to download malware bytes and superantispyware from filehippo.com

However you need to download them in safe mode with network on.

Run those 2 programs in safe mode and it should delete it

Original Poster

emmalampkin

BTW i dowmnlaoded combofix and it sorted it in 5 mins!



Was put off by the warnings on it, just tried it again and it won't even run like most other things!!!

Original Poster

djfluff

Have you tried CTRL+left-Shift+ESC ?(shortcut to process list)



That's task manager, and it closes itself!

If you have another PC that you could connect, you can do a few things. Like share the C drive and scan it using a virus checker on anoter PC. It is also possable to connect to the registary from another PC and remove the virul entries...
http://www.oocities.com/kilian0072002/registry/remote_reg.png

Bankerfox is a trojan, so should not infect other computers attached by network, unless you access the file.

Edited by: "djfluff" 8th Jan 2011

Original Poster

bob100

You need to download malware bytes and superantispyware from … You need to download malware bytes and superantispyware from filehippo.comHowever you need to download them in safe mode with network on.Run those 2 programs in safe mode and it should delete it



Thanks, but can't even get into safe mode, just hangs and resets! I'll try it again.

Original Poster

djfluff

If you have another PC that you could connect, you can do a few things. … If you have another PC that you could connect, you can do a few things. Like share the C drive and scan it using a virus checker on anoter PC. It is also possable to connect to the registary from another PC and remove the virul entries...



ok. Do I just use a network cable between the two?

Benjimoron

Was put off by the warnings on it, just tried it again and it won't even … Was put off by the warnings on it, just tried it again and it won't even run like most other things!!!



Yea i had that in normal mode, but i was ok in safe mode with networking and it sorted it out for me.

Benjimoron

ok. Do I just use a network cable between the two?


No you would need a hub/swtich. Most Broadband routers have multiple ports. Just plug both in ...

Though you might be faster just removing the Hard drive, plugging it into anoter PC and virus scanning it...

Good luck!

Edited by: "djfluff" 8th Jan 2011

Original Poster

allycat38

Microsoft Malicious Software Removal Tool Should get rid of it!!!!



Thanks but won't run same as everything else!!

Original Poster

Bad news, safe mode doesn't work!

Good news, safe mode with networking does work!!! Just running superantispyware at the moment and it's finding a load of stuff. Should I run the others too?

How can just going to web pages do this? What if google decided to put this on their home page, we'd all be doomed as soon as we loaded the internet!!

Secondly, how do we track down the ****** who wrote this and take his head off? Surely it's easy to track as they must be making money from the ads for sending you to certain porn sites and anti virus sites?

Benjimoron

Bad news, safe mode doesn't work!Good news, safe mode with networking … Bad news, safe mode doesn't work!Good news, safe mode with networking does work!!! Just running superantispyware at the moment and it's finding a load of stuff. Should I run the others too?How can just going to web pages do this? What if google decided to put this on their home page, we'd all be doomed as soon as we loaded the internet!!Secondly, how do we track down the ****** who wrote this and take his head off? Surely it's easy to track as they must be making money from the ads for sending you to certain porn sites and anti virus sites?



Run Malware Bytes too and your Antivirus.

Just spend today running all these scans to make sure it has gone

Original Poster

Will do!


Thankyou everyone for your help.

Thanks!!!!!!

Original Poster

djfluff

Bankerfox is a trojan, so should not infect other computers attached by … Bankerfox is a trojan, so should not infect other computers attached by network, unless you access the file.



Just seen this, I thought these things could only affect you if you opened the program etc that contained the virus, like opening an attachment, not just going to a web-site!!!

Original Poster

Found where it came from, I was looking at watchmovieon.com and went to the saw 3d page (just wanted to see if it came through on 3d or was a 2d version). Movie didn't even load but got all this virus stuff! Just did it again and it's all back!! But should be able to remove easily this time.

How the hell can you get a virus just by looking at a web page? No download or anything?

It is well worth running Spybot Search and Destroy too. It is free and safe.

Banned

Benjimoron

Found where it came from, I was looking at watchmovieon.com and went to … Found where it came from, I was looking at watchmovieon.com and went to the saw 3d page (just wanted to see if it came through on 3d or was a 2d version). Movie didn't even load but got all this virus stuff! Just did it again and it's all back!! But should be able to remove easily this time.How the hell can you get a virus just by looking at a web page? No download or anything?


Quite easily tbh

what AV software do you use? Please dont say AVG lol

Kaspersky has a URL advisor which is great at sniffing out these sites with viruses

Original Poster

csiman

Quite easily tbhwhat AV software do you use? Please dont say AVG … Quite easily tbhwhat AV software do you use? Please dont say AVG lolKaspersky has a URL advisor which is great at sniffing out these sites with viruses



I don't use anti virus lol!!

I don't open files that I don't trust etc. Still can't believe that in Windows I have to give permission like 2-3 times to open some programs yet it'll just let a virus take over by visiting a url, not even clicking anything!!!

What's a good free anti virus program?

Benjimoron

I don't use anti virus lol!!I don't open files that I don't trust etc. … I don't use anti virus lol!!I don't open files that I don't trust etc. Still can't believe that in Windows I have to give permission like 2-3 times to open some programs yet it'll just let a virus take over by visiting a url, not even clicking anything!!!What's a good free anti virus program?

WTF...................

filehippo.com/dow…us/
Post a comment
Avatar
@
    Text