This article will show you how to scan a Windows computer for the Dridex computer virus.
Running the detection tool
The helpful folks over at lexsi.com have developed a Dridex detection tool which you can download and use for free.
About this tool
- Download the Dridex detection and cleaning tool (currently version 3) to your Documents or Desktop.
- Extract the .zip folder using the password from the Lexsi website (found under the Detection heading). You should now see a new file named DridexDetector.exe - but don't run it just yet.
- You must now restart your computer in safe mode.
- Once in safe mode, go to the DridexDetector.exe file and right-click it, and then select Run as administrator.
- If User Account Control pops up, click Yes.
- The scan will now run - this should only take a few seconds.
- If you see [ Found ] in the results then your computer is infected.
- If you see [ Not Found ] your computer should be clean.
What to do if your computer is infected
For non-University supplied computers
Currently the only guaranteed way to remove the Dridex virus is to format the hard disk of the infected computer and perform a fresh install of Windows.
Do NOT use System Restore; this simply reinstalls the Dridex virus.
For University-supplied computers
Please alert your Department's IT support contact.