Jump to content

Removal instructions for SecuriDex


Recommended Posts

  • Staff
What is SecuriDex?

The Malwarebytes research team has determined that SecuriDex is adware. These adware applications display advertisements not originating from the sites you are browsing.

How do I know if my computer is affected by SecuriDex?

You may see this entry in your list of installed programs:

warning4.png

This is the main window of the program:

main.png

How did SecuriDex get on my computer?

Adware applications use different methods for distributing themselves. This particular one was offered as a media-player.

How do I remove SecuriDex?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Is there anything else I need to do to get rid of SecuriDex?
  • No, Malwarebytes' Anti-Malware removes SecuriDex completely.
How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the SecuriDex adware. It would have warned you before the adware could install itself, giving you a chance to stop it before it became too late.
 

protection1.png


Technical details for experts

Possible signs in FRST logs:
 () C:\Program Files (x86)\SecuriDex\WindowsApplication.exe
 HKCU\...\Run: [WindowsApplication] => C:\Program Files (x86)\SecuriDex\WindowsApplication.exe [22528 2016-01-20] ()
 C:\Users\{username}\Desktop\SecuriDex.lnk
 C:\Program Files (x86)\SecuriDex

SecuriDex1.12 (HKLM-x32\...\SecuriDex1.12) (Version: 1.12 - SecuriDex, LLC)
Alterations made by the installer:
File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files (x86)\SecuriDex
       Adds the file favicon.ico"="1/9/2016 3:44 AM, 9662 bytes, A
       Adds the file Interop.QuartzTypeLib.dll"="1/9/2016 9:24 AM, 18944 bytes, A
       Adds the file Microsoft.CSharp.dll"="3/18/2010 6:31 PM, 65376 bytes, A
       Adds the file mscorlib.dll"="3/18/2010 6:31 PM, 2650448 bytes, A
       Adds the file Securidex.exe"="1/19/2016 11:38 PM, 315392 bytes, A
       Adds the file System.Core.dll"="3/18/2010 6:31 PM, 282456 bytes, A
       Adds the file System.Data.DataSetExtensions.dll"="3/18/2010 6:31 PM, 30072 bytes, A
       Adds the file System.Data.dll"="3/18/2010 6:31 PM, 1328984 bytes, A
       Adds the file System.Deployment.dll"="3/18/2010 6:31 PM, 599904 bytes, A
       Adds the file System.dll"="3/18/2010 6:31 PM, 919880 bytes, A
       Adds the file System.Drawing.dll"="3/18/2010 6:31 PM, 212824 bytes, A
       Adds the file System.Management.dll"="3/18/2010 6:31 PM, 96608 bytes, A
       Adds the file System.Runtime.Serialization.dll"="3/18/2010 6:31 PM, 429432 bytes, A
       Adds the file System.Web.Extensions.dll"="1/20/2007 4:56 PM, 701816 bytes, A
       Adds the file System.Windows.Forms.dll"="3/18/2010 6:31 PM, 1637736 bytes, A
       Adds the file System.Xml.dll"="3/18/2010 6:31 PM, 941904 bytes, A
       Adds the file System.Xml.Linq.dll"="3/18/2010 6:31 PM, 47968 bytes, A
       Adds the file Uninstall.exe"="5/2/2016 3:57 PM, 107056 bytes, A
       Adds the file Uninstall.ini"="5/2/2016 3:57 PM, 4783 bytes, A
       Adds the file WindowsApplication.exe"="1/19/2016 11:38 PM, 22528 bytes, A
    In the existing folder C:\Users\{username}\Desktop
       Adds the file SecuriDex.lnk"="5/2/2016 3:57 PM, 1903 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SecuriDex1.12]
       "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\SecuriDex\Uninstall.exe"
       "DisplayName"="REG_SZ", "SecuriDex1.12"
       "DisplayVersion"="REG_SZ", "1.12"
       "EstimatedSize"="REG_DWORD", 10175
       "HelpLink"="REG_SZ", "mailto:support@securidex.com"
       "InstallDate"="REG_SZ", "20160502"
       "InstallLocation"="REG_SZ", "C:\Program Files (x86)\SecuriDex\"
       "InstallSource"="REG_SZ", "C:\Users\{username}1\AppData\Local\Temp\nslF2F6.tmp\Securidex\"
       "Language"="REG_DWORD", 1033
       "NoModify"="REG_DWORD", 1
       "NoRepair"="REG_DWORD", 1
       "Publisher"="REG_SZ", "SecuriDex, LLC"
       "UninstallString"="REG_SZ", "C:\Program Files (x86)\SecuriDex\Uninstall.exe"
       "URLInfoAbout"="REG_SZ", "http://www.securidex.com/"
       "VersionMajor"="REG_DWORD", 1
       "VersionMinor"="REG_DWORD", 12
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SecuriDex]
       "(Default)"="REG_SZ", "nsefjhcrtasuisdo8512"
       "ProductVersion"="REG_SZ", "1.12"
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
       "WindowsApplication"="REG_SZ", "C:\Program Files (x86)\SecuriDex\WindowsApplication.exe"
Malwarebytes Anti-Malware log:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/2/2016
Scan Time: 4:06 PM
Logfile: mbam2Securidex.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.05.02.02
Rootkit Database: v2016.04.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {username}

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 316474
Time Elapsed: 2 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
Rogue.TechSupportScam, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, 2180, Delete-on-Reboot, [9d7d28a9f6a3c0766919b46b92701ce4]
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, 2180, Delete-on-Reboot, [e03a8f4206930f27c63fde63887bf709]

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.SecuriDex, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SecuriDex1.12, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, HKLM\SOFTWARE\WOW6432NODE\SecuriDex, Quarantined, [ac6e9c35fc9d37ff8384ed5451b27f81], 

Registry Values: 3
Rogue.TechSupportScam, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WindowsApplication, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Quarantined, [9d7d28a9f6a3c0766919b46b92701ce4]
PUP.Optional.SecuriDex, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WindowsApplication, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Quarantined, [e03a8f4206930f27c63fde63887bf709]
PUP.Optional.SecuriDex, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SecuriDex1.12|URLInfoAbout, http://www.securidex.com/, Quarantined, [b961fdd48118241230d6ac9547bc0000]

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex, Delete-on-Reboot, [e03a8f4206930f27c63fde63887bf709], 

Files: 24
Rogue.TechSupportScam, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Delete-on-Reboot, [9d7d28a9f6a3c0766919b46b92701ce4], 
PUP.Optional.SecuriDex, C:\Users\{username}\Desktop\setupSecuridex.exe, Quarantined, [859500d1c2d74ceab5e09d98649ed62a], 
Rogue.TechSupportScam, C:\Program Files (x86)\SecuriDex\Securidex.exe, Quarantined, [66b4864b435679bd6c171807e91923dd], 
PUP.Optional.SecuriDex, C:\Users\{username}\Desktop\SecuriDex.lnk, Quarantined, [14063c959504ec4ab4501130c043b64a], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Uninstall.ini, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Data.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\favicon.ico, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Interop.QuartzTypeLib.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Microsoft.CSharp.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\mscorlib.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Securidex.exe, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Core.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Data.DataSetExtensions.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Deployment.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Drawing.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Management.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Runtime.Serialization.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Web.Extensions.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Windows.Forms.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Xml.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Xml.Linq.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Uninstall.exe, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Delete-on-Reboot, [e03a8f4206930f27c63fde63887bf709], 

Physical Sectors: 0
(No malicious items detected)


(end)
As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.
We use different ways of protecting your computer(s):
  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.
Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.