What is SecuriDex?
The Malwarebytes research team has determined that SecuriDex is adware. These adware applications display advertisements not originating from the sites you are browsing.
How do I know if my computer is affected by SecuriDex?
You may see this entry in your list of installed programs:
This is the main window of the program:
How did SecuriDex get on my computer?
Adware applications use different methods for distributing themselves. This particular one was offered as a media-player.
How do I remove SecuriDex?
Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.
- Please download Malwarebytes Anti-Malware to your desktop.
- Double-click mbam-setup-version.exe and follow the prompts to install the program.
- At the end, be sure a check-mark is placed next to the following:
- Enable free trial of Malwarebytes Anti-Malware Premium
- Launch Malwarebytes Anti-Malware
- Then click Finish.
- If an update is found, you will be prompted to download and install the latest version.
- Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
- When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
- Reboot your computer if prompted.
- No, Malwarebytes' Anti-Malware removes SecuriDex completely.
We hope our application and this guide have helped you eradicate this hijacker.
As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the SecuriDex adware. It would have warned you before the adware could install itself, giving you a chance to stop it before it became too late.
Technical details for experts
Possible signs in FRST logs:
() C:\Program Files (x86)\SecuriDex\WindowsApplication.exe HKCU\...\Run: [WindowsApplication] => C:\Program Files (x86)\SecuriDex\WindowsApplication.exe [22528 2016-01-20] () C:\Users\{username}\Desktop\SecuriDex.lnk C:\Program Files (x86)\SecuriDex SecuriDex1.12 (HKLM-x32\...\SecuriDex1.12) (Version: 1.12 - SecuriDex, LLC)Alterations made by the installer:
File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\SecuriDex Adds the file favicon.ico"="1/9/2016 3:44 AM, 9662 bytes, A Adds the file Interop.QuartzTypeLib.dll"="1/9/2016 9:24 AM, 18944 bytes, A Adds the file Microsoft.CSharp.dll"="3/18/2010 6:31 PM, 65376 bytes, A Adds the file mscorlib.dll"="3/18/2010 6:31 PM, 2650448 bytes, A Adds the file Securidex.exe"="1/19/2016 11:38 PM, 315392 bytes, A Adds the file System.Core.dll"="3/18/2010 6:31 PM, 282456 bytes, A Adds the file System.Data.DataSetExtensions.dll"="3/18/2010 6:31 PM, 30072 bytes, A Adds the file System.Data.dll"="3/18/2010 6:31 PM, 1328984 bytes, A Adds the file System.Deployment.dll"="3/18/2010 6:31 PM, 599904 bytes, A Adds the file System.dll"="3/18/2010 6:31 PM, 919880 bytes, A Adds the file System.Drawing.dll"="3/18/2010 6:31 PM, 212824 bytes, A Adds the file System.Management.dll"="3/18/2010 6:31 PM, 96608 bytes, A Adds the file System.Runtime.Serialization.dll"="3/18/2010 6:31 PM, 429432 bytes, A Adds the file System.Web.Extensions.dll"="1/20/2007 4:56 PM, 701816 bytes, A Adds the file System.Windows.Forms.dll"="3/18/2010 6:31 PM, 1637736 bytes, A Adds the file System.Xml.dll"="3/18/2010 6:31 PM, 941904 bytes, A Adds the file System.Xml.Linq.dll"="3/18/2010 6:31 PM, 47968 bytes, A Adds the file Uninstall.exe"="5/2/2016 3:57 PM, 107056 bytes, A Adds the file Uninstall.ini"="5/2/2016 3:57 PM, 4783 bytes, A Adds the file WindowsApplication.exe"="1/19/2016 11:38 PM, 22528 bytes, A In the existing folder C:\Users\{username}\Desktop Adds the file SecuriDex.lnk"="5/2/2016 3:57 PM, 1903 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SecuriDex1.12] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\SecuriDex\Uninstall.exe" "DisplayName"="REG_SZ", "SecuriDex1.12" "DisplayVersion"="REG_SZ", "1.12" "EstimatedSize"="REG_DWORD", 10175 "HelpLink"="REG_SZ", "mailto:[email protected]" "InstallDate"="REG_SZ", "20160502" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\SecuriDex\" "InstallSource"="REG_SZ", "C:\Users\{username}1\AppData\Local\Temp\nslF2F6.tmp\Securidex\" "Language"="REG_DWORD", 1033 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "SecuriDex, LLC" "UninstallString"="REG_SZ", "C:\Program Files (x86)\SecuriDex\Uninstall.exe" "URLInfoAbout"="REG_SZ", "http://www.securidex.com/" "VersionMajor"="REG_DWORD", 1 "VersionMinor"="REG_DWORD", 12 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SecuriDex] "(Default)"="REG_SZ", "nsefjhcrtasuisdo8512" "ProductVersion"="REG_SZ", "1.12" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsApplication"="REG_SZ", "C:\Program Files (x86)\SecuriDex\WindowsApplication.exe"Malwarebytes Anti-Malware log:
Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 5/2/2016 Scan Time: 4:06 PM Logfile: mbam2Securidex.txt Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.05.02.02 Rootkit Database: v2016.04.17.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username} Scan Type: Threat Scan Result: Completed Objects Scanned: 316474 Time Elapsed: 2 min, 19 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 2 Rogue.TechSupportScam, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, 2180, Delete-on-Reboot, [9d7d28a9f6a3c0766919b46b92701ce4] PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, 2180, Delete-on-Reboot, [e03a8f4206930f27c63fde63887bf709] Modules: 0 (No malicious items detected) Registry Keys: 2 PUP.Optional.SecuriDex, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SecuriDex1.12, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, HKLM\SOFTWARE\WOW6432NODE\SecuriDex, Quarantined, [ac6e9c35fc9d37ff8384ed5451b27f81], Registry Values: 3 Rogue.TechSupportScam, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WindowsApplication, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Quarantined, [9d7d28a9f6a3c0766919b46b92701ce4] PUP.Optional.SecuriDex, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WindowsApplication, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Quarantined, [e03a8f4206930f27c63fde63887bf709] PUP.Optional.SecuriDex, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SecuriDex1.12|URLInfoAbout, http://www.securidex.com/, Quarantined, [b961fdd48118241230d6ac9547bc0000] Registry Data: 0 (No malicious items detected) Folders: 1 PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex, Delete-on-Reboot, [e03a8f4206930f27c63fde63887bf709], Files: 24 Rogue.TechSupportScam, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Delete-on-Reboot, [9d7d28a9f6a3c0766919b46b92701ce4], PUP.Optional.SecuriDex, C:\Users\{username}\Desktop\setupSecuridex.exe, Quarantined, [859500d1c2d74ceab5e09d98649ed62a], Rogue.TechSupportScam, C:\Program Files (x86)\SecuriDex\Securidex.exe, Quarantined, [66b4864b435679bd6c171807e91923dd], PUP.Optional.SecuriDex, C:\Users\{username}\Desktop\SecuriDex.lnk, Quarantined, [14063c959504ec4ab4501130c043b64a], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Uninstall.ini, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Data.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\favicon.ico, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Interop.QuartzTypeLib.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Microsoft.CSharp.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\mscorlib.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Securidex.exe, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Core.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Data.DataSetExtensions.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Deployment.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Drawing.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Management.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Runtime.Serialization.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Web.Extensions.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Windows.Forms.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Xml.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Xml.Linq.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Uninstall.exe, Quarantined, [e03a8f4206930f27c63fde63887bf709], PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Delete-on-Reboot, [e03a8f4206930f27c63fde63887bf709], Physical Sectors: 0 (No malicious items detected) (end)As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.
We use different ways of protecting your computer(s):
- Dynamically Blocks Malware Sites & Servers
- Malware Execution Prevention