This post highlights the issues around the malicious amdidx.exe process and advises on how to get rid of the associated ad-serving infection.
Adware applications are not abstract entities that cause various web browsing related problems. Instead, they all have names, specific affiliated add-ons and executables that make the adverse routine a reality. Over the past few weeks, lots of computer users have reportedly been suffering the consequences of an attack accompanied by the appearance of the amdidx.exe file among their running processes. As it turns out, this co-occurrence is far from accidental. Such PCs have a program inside that installs junk software without the victim’s permission. In turn, these stealthily promoted applications lead to problems, including the distortion of Internet preferences such as the homepage or search provider, and the injection of advertisements into random pages viewed in the course of every browsing session.
Amdidx.exe, located in the Program Files\amdidx folder, is in fact a part of an ongoing adware campaign that the security industry is associating with Amonetize, an online marketing platform known for employing questionable practices. Some of the leading antimalware suites are detecting this threat as MSIL/Amonetize.AA, ADWARE/Amonetize.Gen7, Trojan.GenericKD.2952113 or BehavesLike.Win32.Backdoor.fc. What lurks under these spooky names is a piece of software that installs onto a computer without due consent of the user and automatically downloads different files and programs afterwards. It may leverage installation clients for this purpose, where the main idea is to get the person clicking on harmless-looking buttons for approval. Sometimes, though, the intrusion does not involve the victim’s participation at all, taking place entirely in the background.
The most common effect of amdidx.exe activity is ad-related. It enables browser plugins or add-ons that generate an additional layer on top of every visited website. This layer hosts a variety of sponsored items, including sections with deals, coupons, in-text links, popup ads with annoying software update prompts, and transitional ads. The affected user can try and close those objects each time they are encountered, but new ones promptly appear, making this tactic a waste of time. A working remedy consists in complete eradication of the underlying malware as well as the amdidx.exe process along the way.
Automated removal of amdidx.exe virus
Owing to an up-to-date database of malware signatures and intelligent behavioral detection, the recommended software can quickly locate the infection, eradicate it and remediate all harmful changes. So go ahead and do the following:
1. Download and install the antimalware tool. Open the solution and have it check your PC for PUPs and other types of malicious software by clicking the Start Computer Scan button.
2. Rest assured the scan report will list all items that may harm your operating system. Select the detected entries and click Fix Threats to get the troubleshooting completed.
Use Control Panel to get rid of amdidx.exe adware
• Open up the Control Panel from your Start menu in Windows and select Uninstall a program.
• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find Amonetize or some other unfamiliar entry under the Name column, click Uninstall and follow further directions to get the removal done.
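The same indicators can be checked from a PowerShell prompt before and after removal. The script below is an added example, not part of the original article or of any vendor tool; it looks for the amdidx.exe process, the Program Files\amdidx folder and Amonetize entries in the registry keys behind the Uninstall a program list. The 30-day window and the yyyyMMdd InstallDate format are assumptions.

```powershell
# Added triage example; indicator values are taken from the article text.
$ProcessName = 'amdidx'      # amdidx.exe without the extension
$FolderName  = 'amdidx'      # Program Files\amdidx
$NamePattern = 'Amonetize'   # entry name given in the Control Panel steps
$RecentDays  = 30            # assumption: how far back "latest" goes

function Get-AmdidxProcess {
    # Running instances and their on-disk path (Path may be empty without admin rights).
    Get-Process -Name $ProcessName -ErrorAction SilentlyContinue |
        Select-Object Id, ProcessName, Path
}

function Get-AmdidxFolder {
    # Check both the 64-bit and the 32-bit Program Files roots.
    $roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
    foreach ($root in $roots) {
        $candidate = Join-Path $root $FolderName
        if (Test-Path -LiteralPath $candidate) { Get-Item -LiteralPath $candidate }
    }
}

function Get-InstalledProgram {
    # Per-machine (64/32-bit) and per-user uninstall entries, newest first.
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        Select-Object DisplayName, Publisher, InstallDate, InstallLocation |
        Sort-Object InstallDate -Descending
}

# InstallDate is assumed to be a yyyyMMdd string; entries without it are skipped.
$cutoff   = (Get-Date).AddDays(-$RecentDays).ToString('yyyyMMdd')
$pattern  = '{0}|\\{1}' -f $NamePattern, $FolderName   # regex, case-insensitive
$programs = Get-InstalledProgram
$report = [pscustomobject]@{
    RunningProcesses = @(Get-AmdidxProcess)
    Folders          = @(Get-AmdidxFolder)
    NamedEntries     = @($programs | Where-Object {
        "$($_.DisplayName) $($_.Publisher) $($_.InstallLocation)" -match $pattern })
    RecentInstalls   = @($programs | Where-Object { $_.InstallDate -ge $cutoff })
}
$report | Format-List
$report.RecentInstalls | Format-Table -AutoSize
```

Empty RunningProcesses, Folders and NamedEntries after cleanup indicate that the items named in this article are gone; RecentInstalls still needs a manual look for other unfamiliar entries.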
Restore web browser settings to their original defaults
In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by amdidx.exe.
Reset Mozilla Firefox
• Open Firefox, type about:support in the URL area and press Enter
• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it
• Follow subsequent directions to reset Firefox to its original settings
• Restart the browser.
Reset Google Chrome
• Open Chrome, click the icon for Chrome menu and choose Settings
• Scroll down the settings screen and click Show advanced settings
• Click Reset settings
• Finally, confirm the restoration by clicking Reset on the warning message
• Restart Chrome.
Reset Internet Explorer
• Select Internet options under IE’s Tools
• Proceed by clicking on Advanced tab, then select Reset
• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled
• Reboot the machine to fully implement the fix.
Revise your security status
Checking after the fact how accurate the malware removal was is a great habit that prevents the comeback of harmful code or the replication of its leftover fragments. Make sure you are good to go by running an additional safety checkup.