Home Malware Programs Fake Warning Messages Banker.Fox.A

Banker.Fox.A

Posted: February 23, 2010

Banker.Fox.A is a fake infection alert used by rogue products like Spyware Protect 2009. Since Banker.Fox.A is a false positive infection identification you can feel free to ignore Banker.Fox.A completely. However, you should consider Banker.Fox.A's detection to be an indication of a rogue program on your computer. Rogue programs will usually hijack your web browser, create inaccurate system error messages and reduce your security. Rogue malware will usually look similar to true security software products, so be on your guard for deceptive advertising.

The Infection That Never Was

Also sometimes known as BankerFox.A or Banker Fox.A, the Banker.Fox.A doesn't actually exist. No reputable security software will identify an infection as Banker.Fox.A. If you're running a scanning program that does detect Banker.Fox.A on your system, then this is a clear signal that the program you're using is a malicious rogue product.
 
Rogue products aren't necessarily downloaded onto your computer with your approval or permission; many malicious websites will attempt to place Trojans on your computer that, in turn, download a rogue infection. This rogue application will then imitate the outer look of an anti-virus scanner's trial version, but under the hood, Banker.Fox.A is actually causing damage rather than fixing it.

Digging Down to Banker.Fox.A's True Root

Fake Banker.Fox.A detections are primarily used by Antivirus Soft and Spyware Protect 2009. While these rogue products will cause your computer to behave in an alarming manner, both Spyware Protect 2009 and Antivirus Soft should be ignored as much as possible and removed from your system immediately. Just as their detections of Fake Banker.Fox.A are faked, all of Antivirus Soft and Spyware Protect 2009's other useful functions are also merely illusions crafted to gain your trust. Other symptoms that may come along with these originators of the Fake Banker.Fox.A lie include:

  • A scanner product taking over your startup process so that you're forced to go through its scan before you can see your desktop.
  • A sudden drop in available system resources, especially memory. This can be partially tracked through the use of the Processes tab in Windows Task Manager, if Task Manager isn't blocked by the infection.
  • The sudden appearance of very frequent error messages with high-priority content indicative of severe system problems. These are made up by the rogue products to cause you to behave with desperation.
  • Browser hijacking events. These may take the form of unsafe website messages or advertisements that overwhelm all normal web content, or you may be redirected towards a dangerous website without even a pretense of an excuse. Your home page may also be altered to a malicious one. Rogue infections will almost always use this tactic to expose you to their fraudulent home pages for the extraction of credit card information.
  • Crashes and other problems with legitimate security software and system maintenance tools. Rogue malware will cause these problems with additional errors used to make it appear as the fault of an unrelated infection, when they are in fact trying to prevent you from detecting and uninstalling them.

You'll continue to get false Banker.Fox.A alerts as long as the rogue infection sticks around, so don't give Banker.Fox.A the chance to harm your system further. The use of trustworthy system security products will greatly decrease your chances of dealing with false positives like this one.

Additional Information on Banker.Fox.A

  • The following messages's were detected:
    # Message
    1 Infiltration Alert
    Your computer is being attacked by an Internet Virus. It could be a password-stealing attack, a Trojan – dropper or similar.
    Threat: BankerFox.A
    Do you want to block this attack?

12 Comments

  • Mel Pardue says:

    If my computer is infected with Virus BankerFOX.A can I download the
    SpyHunters Malware scanner with my computer in the safe mode and be able to scan for this virus and possible get a fix for it.
    ??????
    Mel pardue

  • Doug Wilson says:

    FYI, the version of BankerFox.A that got into my wife's computer (past AVI free version, incidentally) will not let me do a control+alt+delete, or a "regedit". The crooks must have read your removal instructions and updated the malware. I want these mo fo's to go to prison.

  • bedlam says:

    My pc got this today what are these perverts on?
    forget doing any of the above they have already renamred it if you get to your taskmanager its only for a second, i started uninstalling programmes and it shut me down.....i have avast on my pc and it cannot see this virus give my pc a clean bill of health.

    I\'d like to meet the tosser that invented this with an AK 47 in my hands

  • mark d says:

    I have the same virus how do you get rid of it??

  • Iain P says:

    My PC (Win7 64 bit) was infected, I found that the following file was causing the problem: vrwmufhdlta.exe.
    I removed it with regedit.
    It was listed under HKLM\ software\microsoft\windows\currentVersion\run

    Hope that helps.

    ps I was getting BankerFox.A AND Nuquel.E warnings

  • CollinsMeister says:

    I have this virus. It wont let me go on anything apart from my documents and Mozilla Firefox. I can not run anything. For examply, I downloaded various anti virus/malware software online, but as soon as I try and open it, I get a "security alert" telling me the file is infected. Same with anything on my laptop. Including I-tunes for f*** sake. Im constantly searching solutions, if I find anything that works I will post it ASAP. [REMOVED WORD]ing hope these low life nerds die.

  • Laura says:

    Got this tonight and was at first locked out of everything in Windows Vista including Firefox.

    What I did (not removed yet but can work now) was go in safe mode and found start up processes. I clicked on my one file I didn't recognize - created today - and froze it so it will be blocked on start up. Tried to do it previously under task manager but that kept disappearing after a second. The file was dpgldfyv.

    Once it was blocked, I could re-enter regular mode and get online (once I shut off my proxy - don't know if that is bad or not.) So now, back here, trying to download new programs to eliminate it. So far no luck but least I am online again.

  • Jacob says:

    I just got this thing somehow and I am trying to get it off. I have found that as soon as I restart the computer and it comes back to account desktop I IMMEDIATELY hit CTL+ALT+DEL and I go to Start and the Run and then enter either cmd or regedit. I have found that if I do it quickly it works to open. Only problem is by the time it is open I can't seem to find any trace of it....help!!!

  • John allen says:

    Wont let me open anything including task manager and regedit, therefore i cant find the virus, and cant take any actions to remove it, someone please help?

  • Derek says:

    Got these 2 viruses yesterday 2-14-11. It got past Norton Antivirus. I cannot do anything unless I am in safe mode. I have been able to open Regedit but I do not see any of the corrupt files I am asked to look for. Please help. I dont know where to go from here. The virus has spread so much now I cant even run Norton even though when I was able to run it it said everything was running fine. this is the worst virus I have come across, I would like to shake the authors hand before I beat the crap out of him.

  • Neil says:

    I started my netbook. After I was booted up, I immediately hit CTRL+ALT+DEL. In task manager, I sorted my processes by CPU usage. One item, a file UMMCWLYSIKO (the name probably was a randomly generated name) was using memory on and off. I stopped process and the popups stoped. Next, I rebooted and that file reappeared in task manager. Right clicking revealed the file name and location. I deleted the file and rebooted the system. No more popups, but the Internet didn\\\\\\\'t work. Next, in control panel, I went to recovery and restored the system to the day before the virus attack. It worked!

  • Christina says:

    Ok wow that was crazy i just got the so called "virus" to said all the same stuff he explains at the top so i hit f8 and did a system restore, and it fixed it, i think for most stuff that wont let u access anything get off the computer right away and hit f8 when u turn the computer back on and get to system restore if you cant do that some how get into safe mode or any of that but i did the system restore and then i did what he said above and checked to make sure theres no trace of it and there isnt so im all set hopefully and hopefully it dont happen again!

Loading...