Hello, I hope you can assist me in removing this JS/Banker.BA files from my laptop. It has been on my computer for a week. And I have tried to use different antivirus to clear it, but after I restart computer, it always comes back. I thought actually the antivirus cannot help remove it completely. I am so curious that why antivirus cannot do anything with it. Without the help of antivirus, I don’t know how to clear it form my computer. I am not a computer savvy. So please save my computer.

JS/Banker.BA Virus Description:

JS/Banker.BA virus is a dangerous Trojan horse to attack windows computer. Once it gets on your machine, it will conduct harmful activities to damage the computer system. This virus enters windows system important areas like windows folder, start-up item or registry editor, and then it disables crucial files to mess up computer performance. If some crucial files are lost, you will find computer cannot start or shut down normally. For example, it may get some system errors telling you that this problem is due to some losing files, and then you cannot log in computer. Besides, JS/Banker.BA virus will replicate and implant itself into another place of system, so that it can deeply root into system and bypass the detection of antivirus. This Trojan horse will change browser settings and DNS to block you access the Internet. Also you will encounter browser hijacker problem on your web browser. What’s worse, JS/Banker.BA virus can work as a backdoor virus to bring other virus, malware and spyware into system. Once more infections get on your computer, you will find it is more sluggish and often gets stuck. If you check in CPU usage of your computer, you will find the usage becomes higher. Even worse, this Trojan horse together with other virus and malware can damage troubleshooting mode of computer if you can’t remove it timely, then your computer will be useless.

JS/Banker.BA virus can come to your computer through many ways. In most of cases, it can be distributed via hacked and porn websites, malicious links, free downloads, shareware, spam email attachments and peer-to-peer files and so on. Hacked and porn websites are usually controlled by cyber criminals and inserted with different kinds of threats to lure users to click. So when users visit those websites or accidentally click on something attractive but suspicious from this website, this virus will automatically come into targeted computer. Regarding to malicious links, they are from unknown senders or strange websites. If you click the link to open, then JS/Banker.BA infection will immediately activate itself and install into your computer.  Besides, bundling into free software will be a popular way to carry this virus into computer. Therefore, please keep an eye on your online behaviors. Don’t click on anything that you think suspicious.

Some Traits about JS/Banker.BA Virus

-Can slow down the performance of the computer, or even blue screen.

-Can create many junk files which occupy a lot of space in hard drive.

-Can download other malicious programs into computer, which make further damage.

-Can redirect you to pages you don’t want all the time no matter what you are doing.

-Take a long time to turn on or shut down your computer

-Your sensitive information can be stolen by hacker who can access to your computer with the help of this Trojan.

-May pretend as an anti-virus program and cheat you that computer is in dangerous, and ask you to pay to remove the threats.

Warm prompt: It’s complicated for people who are not computer savvy or not familiar with the virus to remove the JS/Banker.BA virus. You can contact YooCare/YooSecurity PC professional online service for help:

Removal Guide for PCs with Windows OS

There is a removal guide of Trojan provided here; however, expertise is required during the process of removal, please make sure you are capable to do it by yourself.

>>>>>> Press Ctrl+Shift+Esc keys simultaneously to get the Task Manager to stop the active processes of JS/Banker.BA virus. To do this, you will need to click the “Processes” tag at the top then find out suspicious processes and right click on them and select “End Process”.



>>>>>> Click “Start” menu at the lower left corner and type “regedit” in the search programs and files box and press Enter key. Then you will open the “Registry Editor”.



>>>>>> You will need to find out the suspicious registry files related to this virus in the Registry Editor, They are usually located in: HKEY_LOCAL_MACHINE > SOFTWARE. You need to distinguish them from their “Name” and “Data” at the right column. All of them will be randomly distributed. If you are not good at this, ask for an expert for help.

registry editor

>>>>>> After you find out the suspicious registry files, you need to find out where the .exe files of the JS/Banker.BA virus locates. Usually, they will be in the operating system drive. To open it, you will need to click Start menu > Computer & My computer. Generally speaking, the Operating System drive is Local Disk (C:).


>>>>>> Basically speaking, all the related files of Trojan virus will be located in Windows > System32. Find out all the files of the JS/Banker.BA virus and delete them. Make sure that all the files you deleted are viruses, but not the files of the operating system. Any mistakes will cause data loss even system crash.


Video of Key Steps on How to Modify or Change Windows Registry:


JS/Banker.BA virus can severely attack your computer once it gets on your PC. It corrupts your system files, weakens the security level of the infected computer and modifies all your key registry settings as well as disables your firewall because of its root-kit. The CPU usage percentage will become higher than before, which will cause constant blue or black screen death and system freeze. this virus helps cyber criminals remotely control the infected PC. So hackers can do anything on your PC and get any information from your computer or by tracking your online history. And users’ personal information like credit card, bank account details, log-in passwords or other financial information could be leaked out. Victims of this JS/Banker.BA virus will suffer from financial loss. This Trojan must be removed as fast as possible to avoid further damages if you detect this nasty thing on your computer.

Warm prompt: If you are not computer savvy or not familiar with the virus to remove JS/Banker.BA virus. You can contact YooCare/YooSecurity PC professional online service for help:

Published by Tony Shepherd & last updated on August 15, 2015 4:01 am

Leave a Reply