Jump to content

Welcome to Geeks to Go
Geeks to Go Welcome
Create Account Login to Account
Photo

Removal instructions for SecuriDex

- - - - -

  • Please log in to reply
No replies to this topic

#1
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Content is republished with permission from Malwarebytes.

What is SecuriDex?

The Malwarebytes research team has determined that SecuriDex is adware. These adware applications display advertisements not originating from the sites you are browsing.

How do I know if my computer is affected by SecuriDex?

You may see this entry in your list of installed programs:

warning4.png

This is the main window of the program:

main.png

How did SecuriDex get on my computer?

Adware applications use different methods for distributing themselves. This particular one was offered as a media-player.

How do I remove SecuriDex?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Is there anything else I need to do to get rid of SecuriDex?
  • No, Malwarebytes' Anti-Malware removes SecuriDex completely.
How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the SecuriDex adware. It would have warned you before the adware could install itself, giving you a chance to stop it before it became too late.

protection1.png


Technical details for experts

Possible signs in FRST logs:
 () C:\Program Files (x86)\SecuriDex\WindowsApplication.exe
 HKCU\...\Run: [WindowsApplication] => C:\Program Files (x86)\SecuriDex\WindowsApplication.exe [22528 2016-01-20] ()
 C:\Users\{username}\Desktop\SecuriDex.lnk
 C:\Program Files (x86)\SecuriDex

SecuriDex1.12 (HKLM-x32\...\SecuriDex1.12) (Version: 1.12 - SecuriDex, LLC)
Alterations made by the installer:
File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files (x86)\SecuriDex
       Adds the file favicon.ico"="1/9/2016 3:44 AM, 9662 bytes, A
       Adds the file Interop.QuartzTypeLib.dll"="1/9/2016 9:24 AM, 18944 bytes, A
       Adds the file Microsoft.CSharp.dll"="3/18/2010 6:31 PM, 65376 bytes, A
       Adds the file mscorlib.dll"="3/18/2010 6:31 PM, 2650448 bytes, A
       Adds the file Securidex.exe"="1/19/2016 11:38 PM, 315392 bytes, A
       Adds the file System.Core.dll"="3/18/2010 6:31 PM, 282456 bytes, A
       Adds the file System.Data.DataSetExtensions.dll"="3/18/2010 6:31 PM, 30072 bytes, A
       Adds the file System.Data.dll"="3/18/2010 6:31 PM, 1328984 bytes, A
       Adds the file System.Deployment.dll"="3/18/2010 6:31 PM, 599904 bytes, A
       Adds the file System.dll"="3/18/2010 6:31 PM, 919880 bytes, A
       Adds the file System.Drawing.dll"="3/18/2010 6:31 PM, 212824 bytes, A
       Adds the file System.Management.dll"="3/18/2010 6:31 PM, 96608 bytes, A
       Adds the file System.Runtime.Serialization.dll"="3/18/2010 6:31 PM, 429432 bytes, A
       Adds the file System.Web.Extensions.dll"="1/20/2007 4:56 PM, 701816 bytes, A
       Adds the file System.Windows.Forms.dll"="3/18/2010 6:31 PM, 1637736 bytes, A
       Adds the file System.Xml.dll"="3/18/2010 6:31 PM, 941904 bytes, A
       Adds the file System.Xml.Linq.dll"="3/18/2010 6:31 PM, 47968 bytes, A
       Adds the file Uninstall.exe"="5/2/2016 3:57 PM, 107056 bytes, A
       Adds the file Uninstall.ini"="5/2/2016 3:57 PM, 4783 bytes, A
       Adds the file WindowsApplication.exe"="1/19/2016 11:38 PM, 22528 bytes, A
    In the existing folder C:\Users\{username}\Desktop
       Adds the file SecuriDex.lnk"="5/2/2016 3:57 PM, 1903 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SecuriDex1.12]
       "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\SecuriDex\Uninstall.exe"
       "DisplayName"="REG_SZ", "SecuriDex1.12"
       "DisplayVersion"="REG_SZ", "1.12"
       "EstimatedSize"="REG_DWORD", 10175
       "HelpLink"="REG_SZ", "mailto:[email protected]"
       "InstallDate"="REG_SZ", "20160502"
       "InstallLocation"="REG_SZ", "C:\Program Files (x86)\SecuriDex\"
       "InstallSource"="REG_SZ", "C:\Users\{username}1\AppData\Local\Temp\nslF2F6.tmp\Securidex\"
       "Language"="REG_DWORD", 1033
       "NoModify"="REG_DWORD", 1
       "NoRepair"="REG_DWORD", 1
       "Publisher"="REG_SZ", "SecuriDex, LLC"
       "UninstallString"="REG_SZ", "C:\Program Files (x86)\SecuriDex\Uninstall.exe"
       "URLInfoAbout"="REG_SZ", "http://www.securidex.com/"
       "VersionMajor"="REG_DWORD", 1
       "VersionMinor"="REG_DWORD", 12
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SecuriDex]
       "(Default)"="REG_SZ", "nsefjhcrtasuisdo8512"
       "ProductVersion"="REG_SZ", "1.12"
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
       "WindowsApplication"="REG_SZ", "C:\Program Files (x86)\SecuriDex\WindowsApplication.exe"
Malwarebytes Anti-Malware log:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/2/2016
Scan Time: 4:06 PM
Logfile: mbam2Securidex.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.05.02.02
Rootkit Database: v2016.04.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {username}

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 316474
Time Elapsed: 2 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
Rogue.TechSupportScam, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, 2180, Delete-on-Reboot, [9d7d28a9f6a3c0766919b46b92701ce4]
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, 2180, Delete-on-Reboot, [e03a8f4206930f27c63fde63887bf709]

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.SecuriDex, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SecuriDex1.12, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, HKLM\SOFTWARE\WOW6432NODE\SecuriDex, Quarantined, [ac6e9c35fc9d37ff8384ed5451b27f81], 

Registry Values: 3
Rogue.TechSupportScam, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WindowsApplication, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Quarantined, [9d7d28a9f6a3c0766919b46b92701ce4]
PUP.Optional.SecuriDex, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WindowsApplication, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Quarantined, [e03a8f4206930f27c63fde63887bf709]
PUP.Optional.SecuriDex, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SecuriDex1.12|URLInfoAbout, http://www.securidex.com/, Quarantined, [b961fdd48118241230d6ac9547bc0000]

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex, Delete-on-Reboot, [e03a8f4206930f27c63fde63887bf709], 

Files: 24
Rogue.TechSupportScam, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Delete-on-Reboot, [9d7d28a9f6a3c0766919b46b92701ce4], 
PUP.Optional.SecuriDex, C:\Users\{username}\Desktop\setupSecuridex.exe, Quarantined, [859500d1c2d74ceab5e09d98649ed62a], 
Rogue.TechSupportScam, C:\Program Files (x86)\SecuriDex\Securidex.exe, Quarantined, [66b4864b435679bd6c171807e91923dd], 
PUP.Optional.SecuriDex, C:\Users\{username}\Desktop\SecuriDex.lnk, Quarantined, [14063c959504ec4ab4501130c043b64a], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Uninstall.ini, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Data.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\favicon.ico, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Interop.QuartzTypeLib.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Microsoft.CSharp.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\mscorlib.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Securidex.exe, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Core.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Data.DataSetExtensions.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Deployment.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Drawing.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Management.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Runtime.Serialization.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Web.Extensions.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Windows.Forms.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Xml.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\System.Xml.Linq.dll, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\Uninstall.exe, Quarantined, [e03a8f4206930f27c63fde63887bf709], 
PUP.Optional.SecuriDex, C:\Program Files (x86)\SecuriDex\WindowsApplication.exe, Delete-on-Reboot, [e03a8f4206930f27c63fde63887bf709], 

Physical Sectors: 0
(No malicious items detected)


(end)
As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.
We use different ways of protecting your computer(s):
  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.
  • 0

Advertisements





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured
Malware Removal How to Guides Windows 7 System Building Download Files Register welcome

Never used a forum? Learn how.