- Installs itself without permission
- Connects to the internet without permission
- Slow internet connection
- System crashes
- Slow computer
Cridex Trojan is a computer infection that can replicate and spread on its own; therefore, even though it is called a Trojan, it should be classified as a worm. Since spring 2012, Cridex Trojan has targeted more than 137 financial organizations worldwide. To infect as many computers as possible, this worm uses various distribution channels. Usually, Cridex Trojan spreads via removable disks or network drives, exploiting system vulnerabilities to infect them.
Once Cridex Trojan gets into the target computer, it modifies a Windows registry subkey so that the malware starts automatically whenever the system boots. Cridex Trojan is also very good at protecting itself from being removed. It tries to hide its presence by injecting malicious code into legitimate system processes. For example, explorer.exe, firefox.exe and iexplore.exe could be used as camouflage by Cridex Trojan, and security programs would not consider these processes threats, even if they carry malicious code inside.
Most commonly, Cridex Trojan uses removable drives to spread from one computer to another. Its copy is usually given a random name and placed in a randomly named folder. Cridex Trojan also comes with a file that initiates autorun whenever the infected drive is plugged into a computer. Once the user accesses the folder with the malicious installation file, the computer gets infected with Cridex Trojan.
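The autorun file described above can be inspected before a removable drive is trusted. The following is an added example, not part of the original article: it reads the text of an autorun.inf, tolerates junk lines, and reports every entry that launches a program, noting whether the target is an executable stored in a subfolder. The sample file contents, the folder and file names, and the function names are constructed for illustration.

```python
from pathlib import PureWindowsPath

# Extensions Windows will run directly; extend to match local policy.
EXEC_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}

# Constructed sample for illustration, not taken from a real infection.
SAMPLE = r"""; constructed sample
[AutoRun]
xkcjvhq junk padding line
Open=kqzxv\wbtrm.exe
Icon=%SystemRoot%\system32\shell32.dll,7
Shell\Open\Command="kqzxv\wbtrm.exe" /s
Label=Backup
"""

def launch_commands(text):
    """Return (key, command) pairs from [autorun] that start a program."""
    section, found = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue  # tolerate junk lines instead of failing on them
        key, command = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        if key in ("open", "shellexecute") or (
                key.startswith("shell\\") and key.endswith("\\command")):
            found.append((key, command))
    return found

def program_of(command):
    """Extract the program path from a command line, honouring quotes."""
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command.split()[0] if command else ""

def review(text):
    """List launch entries with the two signals worth triaging."""
    findings = []
    for key, command in launch_commands(text):
        path = PureWindowsPath(program_of(command))
        findings.append({"key": key, "program": str(path),
                         "executable": path.suffix.lower() in EXEC_EXTS,
                         "in_subfolder": len(path.parts) > 1})
    return findings
```

Calling `review()` on the text of a drive's autorun.inf returns one record per launch entry; an entry with both `executable` and `in_subfolder` set matches the layout described above and deserves a closer look before the drive is opened.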
Once Cridex Trojan is installed on your computer, it connects to a list of remote IP addresses via port 8080. These addresses include: 18.104.22.168, 22.214.171.124, 126.96.36.199 and many more. When the connection is established, Cridex Trojan reports to its creator that yet another computer has been infected and then receives configuration data and instructions on what to do next. To put it simply, Cridex Trojan greatly compromises your computer, because it can upload data from your system and download more malicious applications.
To protect your computer and yourself from this infection, you need to remove Cridex Trojan immediately. If you cannot do that on your own, acquire a powerful computer security tool and remove Cridex Trojan automatically. Do all it takes to get rid of this infection.
How to manually remove Cridex Trojan
Files associated with Cridex Trojan infection:
Cridex Trojan processes to kill:
Remove Cridex Trojan registry entries: