Severity scale:  
  (11/100)

Bankworm virus. How to remove? (Uninstall guide)

removal by Jake Doevan - - | Type: Malware

The Bankworm virus is a detection displayed in fake security alerts used to foist Advanced Mac Cleaner

Bankworm virus

The Bankworm virus is a name of a non-existent cyber infection, which is used as an intimidation strategy to make Mac OS X users download Advanced Mac Cleaner tool. Typically, people start encountering fake “Download Required” pop-up messages after the installation of freeware,[1] but they can also accidentally encounter it when visiting untrustworthy domains. The alert notifies the user of the targeted system about a high-risk Bankworm infection, which supposedly has already infected /os/apps/worm.icv. At the bottom of the pop-up, people see a Remove virus now button, which redirects to Advanced Mac Cleaner download website.

Name Bankworm
Classification Malware
Sub-category Scam caused by adware
Related programs The pop-up is used to promote Advanced Mac Cleaner. Several instances of MacKeeper downloads were also reported
Symptoms Web browser keeps displaying a rogue pop-ups claiming that the system is infected and urging to download “useful” software. Excessive amount of pop-ups and more frequent redirects are also side effects of malware infection.
Elimination We recommend dealing with malware using an automatic software utility. For that, try downloading Reimage and running a full system scan with it. 

The Bankworm virus is an invented cyber infection, which is used as a marketing tool for Advanced Mac Cleaner. Most of the AV vendors classify it as PUP and have already included it into a virus database. It has been found that this questionable optimization utility spreads bundled with freeware and displays bogus scan results to make people purchase its license. Some people reported this problem as Bankworm MacKeeper virus, so it might be that MacKeeper is also involved in this shady marketing campaign.

Besides, its developers (PCVARK) uses aggressive advertising techniques that are not acceptable. The Bankworm Apple scam is one of them. The company tries to intimidate its users claiming that their PCs are infected with the Bankworm virus, which is supposedly dangerous due to the leakage of sensitive information.

According to people's reports, these bogus alerts are usually generated by the following domains:

  • apple.com-securitywarning.com
  • http://tech01geek.com
  • http://www.ios-security-alert.com
  • http://www.mac-system-alerts.com

The URL address may differ each time. However, all of them mimics Apple design and impersonates the company to prove credibility. The Bankworm pop-up alert does not feature Apple-related logos, but it can sometimes be accompanied by such and similar pop-up alerts that freeze web browser's screen:

***Apple Security Warning***
Browser Blocked for Security Reasons.
Apple has detected that a porn virus has infected your system and trying to steal pictures, data, and social networking passwords. This is a serious hacking issue. Rectify it immediately as soon as possible.
ERROR CODE: QFR50000RT11C
Tell this error to Customer service representative.
Your Remote incoming connections are currently in the open state.

In addition to rogue security alerts foisting Advanced Mac Cleaner tool, the adware that triggers it may also initiate additional activities, such as:

  • It may display an excessive amount of commercial advertisements;
  • Cause web browser's slowdowns and freezes;
  • Track web browsing activities with the help of cookies;[2] 
  • Increase web browser's vulnerabilities and try to download other PUPs;
  • Initiate continuous web browser's redirects to suspicious or even malicious website.

In a nutshell, do not fall for believing in that Bankworm virus is trying to steal your credentials because there's no such infection at all. You keep seeing those alerts due to aggressive marketing strategies used by PCVARK team. Therefore, you should scan your Mac with Reimage or another professional anti-virus to remove Bankworm virus pop-ups from your Mac.

Bankworm removal can be initiated manually as well. For this purpose, you should open Mac's library and eliminate all suspicious entries. However, since the exact program that causes the Bankworm scam has not been identified yet, you may face difficulties in malware elimination. That's why we recommend using a security tool.

Malware dissemination peculiarities

Malware, namely adware and browser hijacker, are typically distributed in a software package. In other words, they are attacked by free programs as “optional components” and marked by default. Such distribution strategy is legitimate and officially dubbed as “bundling.”

But despite being legitimate, it's classified as unfair as it does not disclose additional components in a proper way. The installation setup automatically permits installation of all browser add-ons, toolbars, extensions, etc. if PC's owner selects Quick or Recommended installation option. That's why unwanted programs are such a frequent “guests” in people's PCs.

To prevent your PC from being contaminated by PUPs, cybersecurity experts from Dieviren.de[3] recommend people to opt for the Advance or Custom freeware installation option. This way, you will be able to monitor the installation process and deselect the components that are spreading alongside.

A guide on how to remove Bankworm scam on Mac

Bankworm virus pop-up is fake, so don't fall into panic. Nevertheless, it's emergence indicates the fact that your Mac is infected with malware, known as adware. Thus, you should take corresponding actions and get rid of it to stop rogue alerts on your web browser.

There are two ways to remove Bankworm virus found the message on Macbook and other Mac devices. You can either run a scan with a professional security tool or follow the removal tutorial provided down below this article.

You can remove Bankworm automatically with a help of one of these programs: Reimage, Malwarebytes. We recommend these applications because they can easily delete potentially unwanted programs and viruses with all their files and registry entries that are related to them.

Offer
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
More information about this program can be found in Reimage review.

If you decided to select another anti-spyware, uninstall Reimage from your computer.
Press mentions on Reimage
Alternate Software
Malwarebytes
Alternate Software
Malwarebytes

To remove Bankworm virus, follow these steps:

WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Eliminate Bankworm from Windows systems

  1. Click Start Control Panel Programs and Features (if you are Windows XP user, click on Add/Remove Programs). Click 'Start -> Control Panel -> Programs and Features' (if you are 'Windows XP' user, click on 'Add/Remove Programs').
  2. If you are Windows 10 / Windows 8 user, then right-click in the lower left corner of the screen. Once Quick Access Menu shows up, select Control Panel and Uninstall a Program. If you are 'Windows 10 / Windows 8' user, then right-click in the lower left corner of the screen. Once 'Quick Access Menu' shows up, select 'Control Panel' and 'Uninstall a Program'.
  3. Uninstall Bankworm and related programs
    Here, look for Bankworm or any other recently installed suspicious programs.
  4. Uninstall them and click OK to save these changes. Right click on each of suspicious entries and select 'Uninstall'
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Delete Bankworm from Mac OS X system

If your Mac device started displaying doubtful alerts while browsing urging to download infamous optimization tools, it's a clear sign that your device is infected with malware. In some of the cases, you may be redirected to such and similar promotional websites accidentally, but these cases are rare. Thus, if you want to check the system for malware manually, you should follow the steps given below.

  1. If you are using OS X, click Go button at the top left of the screen and select Applications. Cick 'Go' and select 'Applications'
  2. Wait until you see Applications folder and look for Bankworm or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash. Click on every malicious entry and select 'Move to Trash'
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Erase Bankworm from Internet Explorer (IE)

  1. Remove dangerous add-ons
    Open Internet Explorer, click on the Gear icon (IE menu) on the top right corner of the browser and choose Manage Add-ons. Click on menu icon and select 'Manage add-ons'
  2. You will see a Manage Add-ons window. Here, look for Bankworm and other suspicious plugins. Disable these entries by clicking Disable: Right click on each of malicious entries and select 'Disable'
  3. Change your homepage if it was altered by virus:
    Click on the gear icon (menu) on the top right corner of the browser and select Internet Options. Stay in General tab.
  4. Here, remove malicious URL and enter preferable domain name. Click Apply to save changes. Delete malicious URL, enter your desired domain name and click 'Apply' to save changes
  5. Reset Internet Explorer
    Click on the gear icon (menu) again and select Internet options. Go to Advanced tab.
  6. Here, select Reset.
  7. When in the new window, check Delete personal settings and select Reset again to complete Bankworm removal. Go to 'Advanced' tab and click on 'Reset' button. Now select 'Delete personal settings' and click on 'Reset' button again
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Uninstall Bankworm virus from Microsoft Edge

Reset Microsoft Edge settings (Method 1):

  1. Launch Microsoft Edge app and click More (three dots at the top right corner of the screen).
  2. Click Settings to open more options.
  3. Once Settings window shows up, click Choose what to clear button under Clear browsing data option. Go to Settings and select 'Choose what to clear'
  4. Here, select all what you want to remove and click Clear. Select 'Clear' button
  5. Now you should right-click on the Start button (Windows logo). Here, select Task Manager. Open the start menu and select 'Task Manager'
  6. When in Processes tab, search for Microsoft Edge.
  7. Right-click on it and choose Go to details option. If can’t see Go to details option, click More details and repeat previous steps. Right-click 'Microsoft Edge' and select 'Go to details' Select 'More details' if 'Go to details' option fails to show up
  8. When Details tab shows up, find every entry with Microsoft Edge name in it. Right click on each of them and select End Task to end these entries. Find Microsoft Edge entries and select 'End Task'

Resetting Microsoft Edge browser (Method 2):

If Method 1 failed to help you, you need to use an advanced Edge reset method.

  1. Note: you need to backup your data before using this method.
  2. Find this folder on your computer: C:\Users\%username%\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  3. Select every entry which is saved on it and right click with your mouse. Then Delete option. Go to Microsoft Edge folder on your computer, right-click every entry and click 'Delete'
  4. Click the Start button (Windows logo) and type in window power in Search my stuff line.
  5. Right-click the Windows PowerShell entry and choose Run as administrator. Find Windows PowerShell, right-click it and select 'Run as administrator'
  6. Once Administrator: Windows PowerShell window shows up, paste this command line after PS C:\WINDOWS\system32> and press Enter:
    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register $($_.InstallLocation)\AppXManifest.xml -Verbose}
    Copy and paste a required command and press 'Enter'

Once these steps are finished, Bankworm should be removed from your Microsoft Edge browser.

WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Get rid of Bankworm from Mozilla Firefox (FF)

  1. Remove dangerous extensions
    Open Mozilla Firefox, click on the menu icon (top right corner) and select Add-ons Extensions. Click on menu icon and select 'Add-ons'
  2. Here, select Bankworm and other questionable plugins. Click Remove to delete these entries. Select 'Extensions' and look for malicious entries. Click 'Remove' to get rid of each of them
  3. Reset Mozilla Firefox
    Click on the Firefox menu on the top left and click on the question mark. Here, choose Troubleshooting Information. Click on menu icon and then on '?'. Select 'Troubleshooting Information'
  4. Now you will see Reset Firefox to its default state message with Reset Firefox button. Click this button for several times and complete Bankworm removal. Click on 'Reset Firefox' button for a couple of times
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Remove Bankworm from Google Chrome

As soon as you delete the malware, make sure to get rid of its remnants from the web browser. Google Chrome requires the following changes:

  1. Delete malicious plugins
    Open Google Chrome, click on the menu icon (top right corner) and select Tools Extensions. Click on menu icon. Select 'Tools' and 'Extensions'
  2. Here, select Bankworm and other malicious plugins and select trash icon to delete these entries. Look for malicious entries and delete each of them by clicking on the Trash bin icon
  3. Click on menu icon again and choose Settings Manage Search engines under the Search section. When in 'Settings', select 'Manage search engines...'
  4. When in Search Engines..., remove malicious search sites. You should leave only Google or your preferred domain name. Click 'X' to remove malicious URLs
  5. Reset Google Chrome
    Click on menu icon on the top right of your Google Chrome and select Settings.
  6. Scroll down to the end of the page and click on Reset browser settings. When in 'Settings', scroll down to 'Reset browser settings' button and click on it
  7. Click Reset to confirm this action and complete Bankworm removal. Click on 'Reset' button to complete your removal
WindowsMac OS XInternet ExplorerMicrosoft EdgeFirefoxGoogle ChromeSafari

Eliminate Bankworm from Safari

Most of the victims encounter the described alert on Safari. If you are one of them, please follow the tutorial below to get rid of intrusive Bankworm virus reports from your Mac.

  1. Remove dangerous extensions
    Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences. Click on 'Safari' and select 'Preferences'
  2. Here, select Extensions and look for Bankworm or other suspicious entries. Click on the Uninstall button to get rid each of them. Go to 'Extensions' and uninstall malicious add-ons
  3. Reset Safari
    Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari.... Click on 'Safari' and select 'Reset Safari...'
  4. Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete Bankworm removal process. Select all options and click on 'Reset' button

About the author

Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions

References