Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: 161.40.59.127 attacked port 13567 BankerfoxA


30 Jun 2010   #1

win 7 pro upgrade disc set running 64 bit
 
 
161.40.59.127 attacked port 13567 BankerfoxA

I am running 64 bit Windows 7 and use Microsoft Security Essentials which is updated and real time protection is enabled. when a pop up window claimed i was infected by Bankerfoxa port 977 attacked port 13567 161.40.59.127 asking me if it wanted me to have it turn on my virus protection I hit my toolbar to see if security essentials was loaded ( which it was suppose to be but it was not) so i click start/programs, Microsoft security essentials i right click it run as admin and it opens its window and then closes and a pop up claims one of its files are corrupt and ask again if it wants me to have it start my anti virus program, while this attack is in progress i cannot use the prompt and run sfc /scannow or chkdsk /f all of Microsoft tools are disabled I have to reboot in order to stop this from happening and it has happened twice both times while looking for something with Google. wondering if anyone else has had this or similar and should i switch to avira anti virus
thanks


My System SpecsSystem Spec
.

30 Jun 2010   #2
Microsoft MVP

Win 7 Ultimate x64
 
 

Following this,

How to Remove BankerFox.A

should get rid of it. And for what it's worth the IP address that was reported by that popup, I don't think they were trying to hack your computer,

Whois record for 161.40.59.127
My System SpecsSystem Spec
30 Jun 2010   #3

Windows 7 Professional x64 SP1
 
 

Quote   Quote: Originally Posted by stormy13 View Post
Following this,

How to Remove BankerFox.A

should get rid of it. And for what it's worth the IP address that was reported by that popup, I don't think they were trying to hack your computer,

Whois record for 161.40.59.127
LOL@the Whois record. Definite win.
My System SpecsSystem Spec
.


30 Jun 2010   #4

Windows 2000 5.0 Build 2195
 
 

Quote   Quote: Originally Posted by stormy13 View Post
Following this,

How to Remove BankerFox.A

should get rid of it. And for what it's worth the IP address that was reported by that popup, I don't think they were trying to hack your computer,

Whois record for 161.40.59.127
Your link wanted us to download a registry-related program which, based on past experiences, aren't really reliable.

McAfee lists BankerFox.A as a fake malware as per FakeAlert-SpywareProtect

Based on McAfee's data, Microsoft list this similar scenario as caused by Encyclopedia entry: Trojan:Win32/FakeSpypro - Learn more about malware - Microsoft Malware Protection Center
My System SpecsSystem Spec
30 Jun 2010   #5

Windows 7 Ultimate x86 build 7600 (XP, 98SE, 95, 3.11, DOS 7.10 on VM) + Ubuntu 10.04 LTS Lucid Lynx
 
 

One thing I don't understand, if MSE was not running then where did the popup come from ??
My System SpecsSystem Spec
30 Jun 2010   #6

Windows 2000 5.0 Build 2195
 
 

It has to be one of those websites were they trick you in to installing rogue anti-virus malware. See my first link, some screenshots are there.
My System SpecsSystem Spec
30 Jun 2010   #7

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
 
 

Scan with Malwarebytes and Spybot.
My System SpecsSystem Spec
01 Jul 2010   #8

win 7 pro upgrade disc set running 64 bit
 
 

I thank all of you for your knowledge, i am downloading the file and hopefully kill whatever it is. MSE was running at the time of the first pop-up window i believe the pop-up window was responsible for disabling MSE and the prompt (admin) was lame also you could type sfc /scannow and enter but it would not run, chkdsk /f also as arkhi said the reason for it is to have you buy it out of fear, both times i i rebooted it went back into hiding i suppose i do know both times i was using goggle and again both time i was looking at the choices of my search motor mounts for a neon. the program kept asking if i wanted it to turn on my anti-virus program each time i would (x) close it but when i try and start MSE this banker thing rendered it useless and another pop-up would claim the exe file is corrupt and again ask to turn on virus. i thank you all very much and i will do as you have suggested. thanks
My System SpecsSystem Spec
01 Jul 2010   #9

Windows 7 & Windows Vista Ultimate
 
 

Hi, Hollywood2. Another name for the rogue is Antivirus Soft. See the removal guide at Bleeping Computer: Remove Antivirus Soft.
My System SpecsSystem Spec
Reply

 161.40.59.127 attacked port 13567 BankerfoxA




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:15 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33