How to uninstall Segurazo virus / fake antivirus (July 2020 update)

This tutorial will walk you through the removal of Segurazo, a notorious rogue antivirus that installs itself furtively and displays exaggerated scan reports.
  1. What is Segurazo?
  2. Automated removal of Segurazo malware
  3. Restore web browser settings to their original defaults


What is Segurazo?

To make the most of a personal computer, the user has to ascertain that it’s bug-free and has no malware on board. With a plethora of Windows threats out there waiting to access new hosts, it’s okay to be a little bit paranoid about security these days. The trending obsession with protecting digital lives is a hype train cybercriminals couldn’t possibly miss. How about creating a program that claims to safeguard PCs and passing it off as an effective antivirus? This seems like a perfect vector of abuse with an unlimited audience of victims. Segurazo fits the mold of such an application. Its name is the Portuguese for “Safety”, and this is already an evident inconsistency in itself because the software doesn’t do much to keep its users on the safe side while doing a lot to dupe them into making wrong decisions. Segurazo Antivirus may appear legit at first blush, but a number of facts about its distribution tactics and system-borne operation debunk this impression big time. In 2020, this threat was rebranded as SAntivirus, sometimes also referred to as SAntivirus Product. This tweak is reflected in the setup wizard’s screens as well as in the manifestation of this pest on the installed programs list. The GUI of this scareware continues to feature the name “Segurazo”, though.

Misleading scan report shown by Segurazo Antivirus

Having slithered into a PC, this pseudo AV instantly starts a quick scan that supposedly looks for common security and system health issues, including vulnerable software, harmful browser extensions, network risks, and performance problems. No matter if the machine is safe and sound or actually needs a good deal of fixing, Segurazo will generate a results window that takes the user by surprise due to the detected items. The phrase “We found viruses!” suffices to throw most people off balance, and that’s the bait part of the malicious actors’ plan. When the unsuspecting victim begins exploring ways to remedy their computer and privacy, the application pretends to lend its helping hand by offering a one-click repair. The catch is that the cleanup can only take effect if the person switches from unregistered edition to the Pro version. The latter, predictably enough, implies a fee that must be paid in order to presumably unlock the whole healing potential of the solution under scrutiny. However, given that this is a scareware scenario, the upgrade is redundant and won’t do anything genuinely useful.

Threat details:
Name: Segurazo Antivirus
Threat Category: Rogue antivirus, scareware
Detection Codenames: Bitdefender: Gen:NN.ZedlaF.32519.IC4@aS4Qx7di, Malwarebytes: PUP.Optional.Segurazo, McAfee: Artemis!C66BEEB5F948, Microsoft: PUA:Win32/Presenoker, Webroot: W32.Adware.Gen
Symptoms: Runs bogus scans and displays annoying popups, reports non-existent security threats and PC performance issues, insists on activation of licensed version
Distribution techniques: Malicious app bundles, spam, search engine poisoning, compromised websites, P2P sharing services
Severity: High
Damage: Slows down the computer, establishes persistence to prevent regular removal, interferes with system registry
Removal: Scan your PC with Spyhunter to detect all files related to Segurazo virus. Free scan determines if your system is infected. To get rid of the threat, you need to purchase the full version of the anti-malware tool.

In case the victim feels something isn’t right and lingers with license activation, Segurazo PUP (potentially unwanted program) will implement its plan B. In addition to the scan reports being displayed at boot time and then randomly splashing up once in a while, the rogue program will generate follow-up alerts about unsatisfactory system security status. These nag warnings pop up from the system tray area and remind the user about the importance of resolving the issues immediately.

An extra scare element is that the faux antivirus may redirect the prey’s default web browser to misleading sites echoing the same old message: buy the product now or leave the electronic well-being to chance. Of course it’s a bad idea to fall for all these repeating scans and follow-up notifications coming in multiple different forms, but they tend to get too noxious to endure. Under the circumstances, the best cure is to get rid of Segurazo. Before we get to that point, though, let’s dwell on the ways to avoid this hoax in the first place.

SAntivirus, another name of Segurazo scareware

Despite the fact that this intrusive program appears to be downloadable off of its official web page, this option is actually missing and returns an error page saying “The requested URL /SegurazoSetup.exe was not found on this server”. Even if it were there, that would hardly ever be the source of the installation. Scareware authors don’t take a legitimate software distribution route. Instead, Segurazo leverages a much sneakier mechanism to get in. It comes with a bundle of several programs disguised as a single-component setup wizard. In other words, the installer appears to guide the user through getting one benign application but ends up dropping a few without proper notice. In many cases, the scam arrives with entities related to video games. These include game mods and cheats that turn out to be booby-trapped. Sometimes this scareware treacherously accompanies popular audio software such as Audacity, a disk image utility called PowerISO, or a mobile-to-desktop game emulator known as Nox. It’s worth mentioning that most of the core apps mentioned in these installers are benign and reputable. The fraudulent facet of this promotion is about bundling a number of programs surreptitiously within one setup client, which is typically an example of foul play perpetrated on uncertified software portals. To stay away from such a stratagem, users should always peek into the custom installation mode rather than keep the default one enabled. This way, the real composition of the package is revealed and it’s easy to deselect the unwanted items.

Segurazo virus removal isn’t as simple as using the Control Panel (‘Apps & features’ pane) in Windows. This software prevents the operating system’s regular uninstall feature from being effective. Therefore, the cleanup should be performed in Safe Mode with Networking. To access it, tap F8 repeatedly when your computer is starting up – doing so will open the Advanced Boot Options menu. Then, use the arrow keys to navigate to Safe Mode with Networking and press Enter to boot into it. Once this is done, follow the steps below to eradicate Segurazo phony antivirus.

Automated removal of Segurazo malware

Owing to an up-to-date database of malware signatures and intelligent behavioral detection, the recommended software can quickly locate the infection, eradicate it and remediate all harmful changes. So go ahead and do the following:

1. Download and install the antimalware tool. Open the solution and have it check your PC for PUPs and other types of malicious software by clicking the Start Computer Scan button.

2. Rest assured the scan report will list all items that may harm your operating system. Select the detected entries and click Fix Threats to get the troubleshooting completed.

Use Control Panel to get rid of the Segurazo virus

  • Open up the Control Panel from your Start menu in Windows. Depending on the OS build, select Uninstall a program (Windows 10, 7 and Vista) or Add or Remove Programs (Windows 8)
    Access program uninstall screen on Windows
  • To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find an unfamiliar, suspicious entry under the Name column, click Uninstall and follow further directions to get the removal done
    Uninstall unwanted program


Restore web browser settings to their original defaults

In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by the Segurazo virus.

Reset Google Chrome

  • Open Chrome, click the icon for Chrome menu and choose Settings
  • Scroll down the settings screen and click Show advanced settings
  • Click Reset settings
  • Finally, confirm the restoration by clicking Reset on the warning message
  • Restart Chrome

Reset Mozilla Firefox

  • Open Firefox, type about:support in the URL area and press Enter
  • On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it
    Refresh Firefox button
  • Follow subsequent directions to reset Firefox to its original settings
    Complete refreshing Firefox
  • Restart the browser.

Reset Internet Explorer

  • Select Internet options under IE’s Tools (Alt+X)
    Open up Internet options in Internet Explorer
  • Proceed by clicking on Advanced tab, then select Reset
    Locate and click the Reset button in IE
  • To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled
    IE reset confirmation
  • Reboot the machine to fully implement the fix.

Reset Safari

  • Go to the Safari menu and select Preferences
    Go to Safari Preferences
  • When on the Preferences screen, select the Privacy tab and hit the Remove All Website Data button if you are up to erasing all website data stored on your Mac. Otherwise, you can use a site-specific removal option described below
    Remove All Website Data button
  • A dialog will appear, asking you to validate your choice. Click the Remove Now button if you are sure. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc.
    Confirm website data removal
  • Safari also allows deleting data for specific sites rather than all sites in general. To use this option, click the Details button under Privacy tab
    Details button under Privacy tab
  • Select the websites for which you would like to erase data and click the Remove button
    Removing data for selected sites in Safari
  • Click the Done button to confirm and exit. You can also select the Remove All option to remove all data stored by the listed websites.

Revise your security status

Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.

FAQ

Why can’t I uninstall Segurazo?

The main quirk of Segurazo / SAntivirus scareware which underlies its persistence on a Windows computer is that it tampers with the registry. This is the core database that manages the operating system and specifies the functions and behavior of third-party applications. The infection adds new services named SAntivirusIC and SAntivirusSvc and configures the PC to execute them at startup time. It additionally creates a kernel driver (SAntivirusKD) to gain a firmer foothold in the machine. This fusion of tricks allows the rogue program to survive regular manual cleaning techniques and reinstall its components even after they seem to have been successfully deleted.
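
The answer above names two services and a kernel driver, so a quick way to confirm that a cleanup actually removed them is to look for their entries under HKLM:\SYSTEM\CurrentControlSet\Services, where Windows registers services and drivers. The PowerShell check below is an added example, not part of the original guide or of any removal tool; the function name Get-SegurazoPersistence is hypothetical, and only the three component names come from this page.

```powershell
# Added example: verifies whether the components named in the FAQ are still registered.
# The three names come from the guide; the registry layout is standard Windows.
$SegurazoNames = 'SAntivirusIC', 'SAntivirusSvc', 'SAntivirusKD'
$StartModes = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }

function Get-SegurazoPersistence {
    param([string[]]$Name = $SegurazoNames)
    foreach ($n in $Name) {
        $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$n"
        $reg = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue
        if (-not $reg) {
            [pscustomobject]@{ Name = $n; Registered = $false; Kind = $null
                               Start = $null; State = $null; ImagePath = $null }
            continue
        }
        # Type is a bit field: 0x1/0x2 = kernel or file-system driver, 0x10/0x20 = Win32 service.
        $kind = if ($reg.Type -band 0x3) { 'Driver' } elseif ($reg.Type -band 0x30) { 'Service' } else { 'Other' }
        # Live state comes from WMI, which may be unavailable in Safe Mode, so a failure is tolerated.
        $live = Get-CimInstance -ClassName Win32_BaseService -Filter "Name='$n'" -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Name       = $n
            Registered = $true
            Kind       = $kind
            Start      = if ($null -ne $reg.Start) { $StartModes[[int]$reg.Start] } else { 'Unknown' }
            State      = if ($live) { $live.State } else { 'Unknown' }
            ImagePath  = $reg.ImagePath
        }
    }
}

$report = Get-SegurazoPersistence
$report | Format-Table -AutoSize -Wrap
$left = @($report | Where-Object Registered)
if ($left.Count) {
    Write-Warning ("{0} component(s) still registered; entries with Start Boot, System or Automatic load at startup." -f $left.Count)
} else {
    Write-Output 'None of the listed service or driver entries are registered.'
}
```

Run it once before and once after the removal steps, and again after a reboot, since the answer above notes that components can be reinstalled after they appear to have been deleted.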

Is Segurazo a virus?

If you stick with the academic definition, then Segurazo cannot be considered a virus. Strictly speaking, a computer virus is a malicious program that exhibits a self-replication capability once executed. Segurazo cannot do that. It stealthily infiltrates a PC, establishes persistence, and displays fake system scan reports to dupe the victim into buying its license. It doesn’t spawn copies of itself across the contaminated environment, though. These properties make it a scareware, or a rogue antivirus.

That being said, some people think of a virus and any garden-variety harmful code as synonymous concepts. If you apply this generic and somewhat erroneous categorization to the SAntivirus scenario, then yes, it can be regarded as a virus. But, again, this doesn’t fit into the conventional classification model for malicious code.

Is Segurazo dangerous?

Not really. It’s annoying, intrusive, aggressive, and persistent, but it can be labeled “dangerous” by a fairly slim margin. Segurazo (SAntivirus) should definitely be removed from a PC if it pulls off the furtive installation trick, though. Because Segurazo hijacks a victim’s preferred web browser as part of its brainwashing, it may keep track of the Internet history, search requests, and account credentials. This is a risk that shouldn’t be underestimated. Furthermore, as if the fake scan reports and follow-up alerts weren’t irksome enough, it may silently download more threats onto the infected machine. Long story short, Segurazo isn’t nearly as dangerous as entities like ransomware or cryptojackers, but it diminishes the user experience and may cause privacy issues.
