How to Remove Dridex Trojan Horse

Just received a Word or Excel document with Dridex virus?

Dridex is a malicious Trojan virus, that can steal personal information through HTML injections. It’s a threat you shouldn’t take lightly as it’s capable of inflicting some pretty severe damages to your system. Don’t underestimate the scope of the problems the presence of this infection can, and will, lead to if you let it. If you don’t take action immediately after you become aware of its existence, you’ll bitterly regret it. Don’t let it stay, and you won’t get stuck dealing with a myriad of issues, the most severe of which is a security threat against your personal and financial information. Also, the longer you postpone the removal of the Trojan, the bigger the chance of you running into The Blue Screen of Death. Oh, yes. That’s a distinguished possibility. Once the Trojan is done implementing its malevolent, hazardous components into your system, your computer begins to display that there’s something wrong with it. Its performance gets slower and slower with each passing day. What’s more, the virus will make a backdoor so as to allow other viruses to sneak in and invade your PC, as well. You can see how this only adds to the possibility of you one day no longer being able to use your computer due to too many hazardous infections calling it home. Don’t you think it would be best to protect your system from such viruses, and yourself from unknown third parties and hackers? Do yourself a favor, and defend yourself and your system from the hazardous Trojan. Do what you have to so as to remove Dridex as soon as the opportunity presents itself.

remove dridex

 

How did I get infected with?

Like, most malicious and hazardous infections, Dridex slithers into your computer by resorting to trickery and deceit. If you have received an e-mail with the following random attachments: De_274196R.doc, De_NQ5390550V.doc, sw_report.xls or 20131030164403.xls and opened them then you probably were infected! It preys on your distraction, naivety, and haste and sneaks in while keeping you oblivious to it. That’s right. Until the tool decides to reveal itself, you’re utterly unaware of its existence. It turns to the old but gold means of invasion to enter your PC. More often than not, it hitches a ride with freeware or spam email attachments or hides behind corrupted sites or links. Even a single moment of carelessness can lead to getting stuck with the hazardous Trojan and an ever-growing pile of daily messes. What’s worse, the tool uses you to get to your contacts, as well. Oh, yes. The virus gets a hold of the email addresses from your contact list and sends them corrupted messages as if you’re the sender. That’s how it increases its victim pool. If you wish not to fall into the trap of Trojan.Dridex and save your contacts from enduring the same fate, be more careful! Remember that even a little extra attention goes a long, long way.

dridex banking trojan

Why is this dangerous?

Dridex is, as experts would say, a banking Trojan. If you’re unsure of what that implies, it’s pretty straightforward. A banking Trojan is a malicious infection that covertly infiltrates your system and then goes into ‘spying mode’ trying to steal any and all information it can later use to produce profits. That includes information related to banking (hence the name) – logins, passwords, personal details like your name, phone number, email address, etc. Dridex jeopardizes your privacy, every piece of information be it financial or personal. Do you wish for your private life to fall into the hands of strangers with questionable intentions? People, who can use it as they see fit? Do you honestly believe anything positive will come from that? Don’t be naive. The vicious virus seeks to exploit you in any way possible. It will cause you nothing but grievances and headaches, so stop it before the situation gets so dire you no longer can. Remember The Blue Screen of Death? Don’t wait around until you experience it, courtesy of Dridex. Stop the Trojan from handing the control of your system to hackers. Don’t let it threaten your or your system’s security. Get rid of it NOW! You won’t regret it, and your future self will be quite grateful for your timely reaction.

Manual Dridex Removal Instructions

STEP 1: Windows 8 Removal

STEP 2: Windows 7/XP/Vista Removal

STEP 1: Start Your Computer into Safe Mode with Networking in Windows 8

  • Make sure you do not have any floppy disks, CDs, and DVDs inserted in your computer
  • Move the mouse to the upper right corner until the windows 8 charm menu appears
  • Click on the magnifying glass

win-8-advanced-settings

  • select Settings
  • in the search box type Advanced
  • On the left the following should appear

advanced-startup-options-win-8

  • Click on Advanced Startup Options
  • Scroll down a little bit and click on Restart Now

advanced-startup-restart

  • Click on Troubleshoot

troubleshoot

  • Then Advanced options

advanced-options

  • Then Startup settings

startup-settings

  • Then Restart

restart-win-8

  • When you see this screen press F5 – Enable Safe Mode with Networking

f4-win-8

 

STEP 2: Start Your Computer into Safe Mode with Networking in Windows 7/XP/Vista

  • Make sure you do not have any floppy disks, CDs, and DVDs inserted in your computer
  • Restart the computer
  • When you see a table, start tapping the F8 key every second until you enter the Advanced Boot Options

kbd F8

  • in the Advanced Boot Options screen, use the arrow keys to highlight Safe Mode with Networking , and then press ENTER.

safe-mode-with-networking

STEP 3: Locate the startup location

  • Once the operating system loads press simultaneously the Windows Logo Button and the R key.

win-plus-r

  • A dialog box should open. Type “Regedit”

 

Depending on your OS (x86 or x64) navigate to:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

  • and delete the display Name: “random name”

 

 

  • Then open your explorer and navigate to:

%LocalAppData%\uqgtmedia

where %LocalAppData% refers to:

C:\Users\{username}\AppData\Local
delete Dridex
  • delete the whole folder

please have in mind that the trojan creates random files and hides them in different places.

Double check with any antimalware program for any leftovers. Keep your software up-to date.

Leave a Comment