Dridex Removal Guide

Dridex is no ordinary adware program. It is a dangerous computer infection that tries to steal your banking credentials. Computer security experts label Dridex as a banking Trojan. This means that this malware programs stealthily enters your system and runs in the background for an extended period of time. Unless you run regular system scans, you will not notice that Dridex is on your computer until it is too late. Remove Dridex from your system the moment an antivirus program detects this application. You have to protect your sensitive information from malicious exploitation.

Banking Trojans from the same group have been quite active this year. For example, Geodo Trojan (which is directly related to Dridex) has been known to sent fake e-invoices to unsuspecting computer users in Germany and Switzerland. Other versions of the same infection include such programs as Feodo, Cridex, and Bugat. Just like Dridex, they get distributed via spam email messages that masquerade as official emails from your financial services provider.

As far as Dridex distribution method is concerned, this Trojan travels in the spam email attachments. According to the research, the spam messages that carry Dridex pretend they are sent by Evernote (or Evernote message center). Users are compelled to click those messages because the subject line has their names n it along with the note that says “File has been sent.” Although the spam message does not have any content, it comes with an attachment file. The file is called DSC_XXXXXXX.ZIP. Take note that the final seven numbers on the file are often generated randomly, and they may differ from message to message.

If user downloads the file and unzips it, he finds a PDF file inside it. However, it only looks like a PDF file because that is how Dridex and other Trojan applications trick users into installing them. If you click the file, you will initiate the Trojan installation. The infection will automatically connect to its command and control center through a remote server, and it will download the main payload onto your computer.

Since Trojans are not conspicuous, you may not know at first that Dridex is running on your PC. This infection will inject malicious code into financial institutions’ websites in order to collect your banking credentials. If Dridex manages to steal sensitive financial information from you, you should contact your bank so that they would issue you new login credentials.

It is clear that an average computer user cannot remove Dridex from his computer manually. It is a dangerous Trojan infection, and unless you are a computer security expert, you should not attempt a manual removal. Invest in a legitimate computer security application and terminate Dridex automatically. At the same time, you will be able to safeguard your system against similar infections in the future.