Severity scale:  
  (11/100)

Remove Bankworm virus (Virus Removal Instructions) - Chrome, Firefox, IE, Edge

removal by Jake Doevan - - | Type: Malware

The Bankworm virus is a detection displayed in fake security alerts used to foist Advanced Mac Cleaner

Bankworm virus

The Bankworm virus is a name of a non-existent cyber infection, which is used as an intimidation strategy to make Mac OS X users download Advanced Mac Cleaner tool. Typically, people start encountering fake “Download Required” pop-up messages after the installation of freeware,[1] but they can also accidentally encounter it when visiting untrustworthy domains. The alert notifies the user of the targeted system about a high-risk Bankworm infection, which supposedly has already infected /os/apps/worm.icv. At the bottom of the pop-up, people see a Remove virus now button, which redirects to Advanced Mac Cleaner download website.

Name Bankworm
Classification Malware
Sub-category Scam caused by adware
Related programs The pop-up is used to promote Advanced Mac Cleaner. Several instances of MacKeeper downloads were also reported
Symptoms Web browser keeps displaying a rogue pop-ups claiming that the system is infected and urging to download “useful” software. Excessive amount of pop-ups and more frequent redirects are also side effects of malware infection.
Elimination We recommend dealing with malware using an automatic software utility. For that, try downloading ReimageIntego and running a full system scan with it. 

The Bankworm virus is an invented cyber infection, which is used as a marketing tool for Advanced Mac Cleaner. Most of the AV vendors classify it as PUP and have already included it into a virus database. It has been found that this questionable optimization utility spreads bundled with freeware and displays bogus scan results to make people purchase its license. Some people reported this problem as Bankworm MacKeeper virus, so it might be that MacKeeper is also involved in this shady marketing campaign.

Besides, its developers (PCVARK) uses aggressive advertising techniques that are not acceptable. The Bankworm Apple scam is one of them. The company tries to intimidate its users claiming that their PCs are infected with the Bankworm virus, which is supposedly dangerous due to the leakage of sensitive information.

According to people's reports, these bogus alerts are usually generated by the following domains:

  • apple.com-securitywarning.com
  • http://tech01geek.com
  • http://www.ios-security-alert.com
  • http://www.mac-system-alerts.com

The URL address may differ each time. However, all of them mimics Apple design and impersonates the company to prove credibility. The Bankworm pop-up alert does not feature Apple-related logos, but it can sometimes be accompanied by such and similar pop-up alerts that freeze web browser's screen:

***Apple Security Warning***
Browser Blocked for Security Reasons.
Apple has detected that a porn virus has infected your system and trying to steal pictures, data, and social networking passwords. This is a serious hacking issue. Rectify it immediately as soon as possible.
ERROR CODE: QFR50000RT11C
Tell this error to Customer service representative.
Your Remote incoming connections are currently in the open state.

In addition to rogue security alerts foisting Advanced Mac Cleaner tool, the adware that triggers it may also initiate additional activities, such as:

  • It may display an excessive amount of commercial advertisements;
  • Cause web browser's slowdowns and freezes;
  • Track web browsing activities with the help of cookies;[2] 
  • Increase web browser's vulnerabilities and try to download other PUPs;
  • Initiate continuous web browser's redirects to suspicious or even malicious website.

In a nutshell, do not fall for believing in that Bankworm virus is trying to steal your credentials because there's no such infection at all. You keep seeing those alerts due to aggressive marketing strategies used by PCVARK team. Therefore, you should scan your Mac with ReimageIntego or another professional anti-virus to remove Bankworm virus pop-ups from your Mac.

Bankworm removal can be initiated manually as well. For this purpose, you should open Mac's library and eliminate all suspicious entries. However, since the exact program that causes the Bankworm scam has not been identified yet, you may face difficulties in malware elimination. That's why we recommend using a security tool.

Bankworm virus detected scamBankworm virus is a rogue cyber infection, which is used to intimidate PC users and trick them into installing untrustworthy optimization tools.

Malware dissemination peculiarities

Malware, namely adware and browser hijacker, are typically distributed in a software package. In other words, they are attacked by free programs as “optional components” and marked by default. Such distribution strategy is legitimate and officially dubbed as “bundling.”

But despite being legitimate, it's classified as unfair as it does not disclose additional components in a proper way. The installation setup automatically permits installation of all browser add-ons, toolbars, extensions, etc. if PC's owner selects Quick or Recommended installation option. That's why unwanted programs are such a frequent “guests” in people's PCs.

To prevent your PC from being contaminated by PUPs, cybersecurity experts from Dieviren.de[3] recommend people to opt for the Advance or Custom freeware installation option. This way, you will be able to monitor the installation process and deselect the components that are spreading alongside.

A guide on how to remove Bankworm scam on Mac

Bankworm virus pop-up is fake, so don't fall into panic. Nevertheless, it's emergence indicates the fact that your Mac is infected with malware, known as adware. Thus, you should take corresponding actions and get rid of it to stop rogue alerts on your web browser.

There are two ways to remove Bankworm virus found the message on Macbook and other Mac devices. You can either run a scan with a professional security tool or follow the removal tutorial provided down below this article.

You may remove virus damage with a help of ReimageIntego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

Offer
do it now!
Download
Reimage Happiness
Guarantee
Download
Intego Happiness
Guarantee
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove Bankworm virus, follow these steps:

Eliminate Bankworm from Windows systems

To remove Bankworm virus from Windows 10/8  machines, please follow these steps:

  1. Enter Control Panel into Windows search box and hit Enter or click on the search result.
  2. Under Programs, select Uninstall a program.Uninstall from Windows 1
  3. From the list, find entries related to Bankworm virus (or any other recently installed suspicious program).
  4. Right-click on the application and select Uninstall.
  5. If User Account Control shows up, click Yes.
  6. Wait till uninstallation process is complete and click OK.Uninstall from Windows 2

If you are Windows 7/XP user, proceed with the following instructions:

  1. Click on Windows Start > Control Panel located on the right pane (if you are Windows XP user, click on Add/Remove Programs).
  2. In Control Panel, select Programs > Uninstall a program.Uninstall from Windows 7/XP
  3. Pick the unwanted application by clicking on it once.
  4. At the top, click Uninstall/Change.
  5. In the confirmation prompt, pick Yes.
  6. Click OK once the removal process is finished.

Delete Bankworm from Mac OS X system

If your Mac device started displaying doubtful alerts while browsing urging to download infamous optimization tools, it's a clear sign that your device is infected with malware. In some of the cases, you may be redirected to such and similar promotional websites accidentally, but these cases are rare. Thus, if you want to check the system for malware manually, you should follow the steps given below.

If your macOS is displaying some infection symptoms, proceed with the following guide:

Remove Bankworm virus from Applications folder:

  1. From the menu bar, select Go > Applications.
  2. In the Applications folder, look for Bankworm virus-related entries.
  3. Click on the app and drag it to Trash (or right-click and pick Move to Trash)Uninstall from Mac 1

To fully remove Bankworm virus, you need to access Application Support, LaunchAgents, and LaunchDaemons folders and delete relevant files:

  1. Select Go > Go to Folder.
  2. Enter /Library/Application Support and click Go or press Enter.
  3. In the Application Support folder, look for any dubious entries related to Bankworm virus and then delete them.
  4. Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and terminate all the Bankworm virus-related entries.Uninstall from Mac 2

Erase Bankworm from Internet Explorer (IE)

Remove dangerous add-ons:

  1. Open Internet Explorer, click on the Gear icon (IE menu) on the top-right corner of the browser
  2. Pick Manage Add-ons.
  3. You will see a Manage Add-ons window. Here, look for Bankworm virus and other suspicious plugins. Click on these entries and select Disable.Remove add-ons from Internet Explorer

Change your homepage if it was altered:

  1. Open IE and click on the Gear icon.
  2. Select Internet Options.
  3. In the General tab, delete the Home page address and replace it by your preferred one (for example, Google.com).
  4. Click Apply and then select OK.Reset IE homepage

Delete temporary files:

  1. Press on the Gear icon and select Internet Options.
  2. Under Browsing history, click Delete…
  3. Select relevant fields and press Delete.Clear temporary files from Internet Explorer

Reset Internet Explorer:

  1. Click on Gear icon > Internet options and select Advanced tab.
  2. Select Reset.
  3. In the new window, check Delete personal settings and select Reset again to complete Bankworm virus removal.Reset Internet Explorer

Uninstall Bankworm virus from Microsoft Edge

Delete unwanted extensions from MS Edge:

  1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
  2. From the list, pick the Bankworm virus-related extension and click on the Gear icon.
  3. Click on Uninstall at the bottom.Remove extensions from Edge

Clear cookies and other browser data:

  1. Click on the Menu (three horizontal dots at the top-right of the browser window) and select Privacy & security.
  2. Under Clear browsing data, pick Choose what to clear.
  3. Select everything (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear.Clear Edge browsing data

Reset MS Edge if that above steps did not work:

  1. Press on Ctrl + Shift + Esc to open Task Manager.
  2. Click on More details arrow at the bottom of the window.
  3. Select Details tab.
  4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running.Reset MS Edge

If this solution failed to help you, you need to use an advanced Edge reset method. Note that you need to backup your data before proceeding.

  1. Find the following folder on your computer: C:\\Users\\%username%\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  2. Press Ctrl + A on your keyboard to select all folders.
  3. Right-click on them and pick DeleteAdvanced MS Edge reset 1
  4. Now right-click on the Start button and pick Windows PowerShell (Admin).
  5. When the new window opens, copy and paste the following command, and then press Enter:

    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\\AppXManifest.xml” -VerboseAdvanced MS Edge reset 2

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  1. Open Edge and click select Settings > Extensions.
  2. Delete unwanted extensions by clicking Remove.Remove extensions from Chromium Edge

Clear cache and site data:

  1. Click on Menu and go to Settings.
  2. Select Privacy and services.
  3. Under Clear browsing data, pick Choose what to clear.
  4. Under Time range, pick All time.
  5. Select Clear now.Clear browser data from Chroum Edge

Reset Chromium-based MS Edge:

  1. Click on Menu and select Settings.
  2. On the left side, pick Reset settings.
  3. Select Restore settings to their default values.
  4. Confirm with Reset.Reset Chromium Edge

Get rid of Bankworm from Mozilla Firefox (FF)

Remove dangerous extensions:

  1. Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
  2. Select Add-ons.
  3. In here, select plugins that are related to Bankworm virus and click Remove.Remove extensions from Firefox

Clear cookies and site data:

  1. Click Menu and pick Options.
  2. Go to Privacy & Security section.
  3. Scroll down to locate Cookies and Site Data.
  4. Click on Clear Data…
  5. Select Cookies and Site Data, as well as Cached Web Content and press Clear.Clear cookies and site data from Firefox

In case Bankworm virus did not get removed after following the instructions above, reset Mozilla Firefox:

  1. Open Mozilla Firefox browser and click the Menu.
  2. Go to Help and then choose Troubleshooting Information.Reset Firefox 1
  3. Under Give Firefox a tune up section, click on Refresh Firefox…
  4. Once the pop-up shows up, confirm the action by pressing on Refresh Firefox – this should complete Bankworm virus removal.Reset Firefox 2

Remove Bankworm from Google Chrome

As soon as you delete the malware, make sure to get rid of its remnants from the web browser. Google Chrome requires the following changes:

Delete malicious extensions from Google Chrome:

  1. Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  2. In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to Bankworm virus by clicking Remove.Remove extensions from Chrome

Clear cache and web data from Chrome:

  1. Click on Menu and pick Settings.
  2. Under Privacy and security, select Clear browsing data.
  3. Select Browsing history, Cookies and other site data, as well as Cached images and files.
  4. Click Clear data.Clear cache and web data from Chrome

If the above-methods did not help you, reset Google Chrome to eliminate all the Bankworm virus-components:

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings to complete Bankworm virus removal.Reset Chrome 2

Eliminate Bankworm from Safari

Most of the victims encounter the described alert on Safari. If you are one of them, please follow the tutorial below to get rid of intrusive Bankworm virus reports from your Mac.

Remove unwanted extensions from Safari:

  1. Click Safari > Preferences…
  2. In the new window, pick Extensions.
  3. Select the unwanted extension related to Bankworm virus and select Uninstall.Remove extensions from Safari

Clear cookies and other website data from Safari:

  1. Click Safari > Clear History…
  2. From the drop-down menu under Clear, pick all history.
  3. Confirm with Clear History.Clear cookies and website data from Safari

Reset Safari if the above-mentioned steps did not help you:

  1. Click Safari > Preferences…
  2. Go to Advanced tab.
  3. Tick the Show Develop menu in menu bar.
  4. From the menu bar, click Develop, and then select Empty Caches.Reset Safari

Protect your privacy – employ a VPN

There are several ways how to make your online time more private – you can access an incognito tab. However, there is no secret that even in this mode, you are tracked for advertising purposes. There is a way to add an extra layer of protection and create a completely anonymous web browsing practice with the help of Private Internet Access VPN. This software reroutes traffic through different servers, thus leaving your IP address and geolocation in disguise. Besides, it is based on a strict no-log policy, meaning that no data will be recorded, leaked, and available for both first and third parties. The combination of a secure web browser and Private Internet Access VPN will let you browse the Internet without a feeling of being spied or targeted by criminals. 

No backups? No problem. Use a data recovery tool

If you wonder how data loss can occur, you should not look any further for answers – human errors, malware attacks, hardware failures, power cuts, natural disasters, or even simple negligence. In some cases, lost files are extremely important, and many straight out panic when such an unfortunate course of events happen. Due to this, you should always ensure that you prepare proper data backups on a regular basis.

If you were caught by surprise and did not have any backups to restore your files from, not everything is lost. Data Recovery Pro is one of the leading file recovery solutions you can find on the market – it is likely to restore even lost emails or data located on an external device.

About the author
Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions

References

Your opinion regarding Bankworm virus