SAntivirus
SAntivirus is a potentially unwanted program (PUP) that presents itself as a helpful antivirus solution. The program is related to the Segurazo PUP, and it similarly tends to install on systems without clear consent, typically bundled with other software downloads. After infiltrating a system, it can be difficult to remove and often reinstalls itself. Once active, the PUP may slow down your computer, generate intrusive advertisements, and cause system instability. There are also concerns about its data collection practices, as it might collect personal information. Therefore, it’s critical to treat SAntivirus as a potential threat. Users are advised to use reputable antivirus or anti-malware tools to detect and remove this PUP and safeguard their systems.
Is SAntivirus a virus?
Santivirus is technically not a virus but a PUP (potentially unwanted program). This means that SAntivirus is unlikely to damage your software or data, but it can still lead to different issues. The main problem with this PUP is that it uses deceptive and misleading tactics to trick users into buying its license without any actual need to do that.
How to delete SAntivirus?
The process to delete SAntivirus can be rather lengthy since simply uninstalling this PUP typically won’t fully get rid of it. For this reason, you need to manually locate and delete all its files, settings and registry entries. Exact instructions on how to fully eliminate SAntivirus are available in our detailed guide. Additionally, the professional malware removal tool available on this page can automatically get rid of SAntivirus for you.
Is SAntivirus safe?
Although technically not a virus, it can’t really be said that SAntivirus is safe. The PUP can install without the user’s permissions, make unwanted changes in various system settings, and is unusually difficult to fully remove, which is why it’s best to delete it from your system if it’s currently there.
SAntivirus Realtime Protection Lite
SAntivirus Realtime Protection Lite, formerly known as Segurazo, is a deceitful software posing as an antivirus program. It sneaks into systems bundled with other downloads and performs misleading system scans, delivering false-positive results to coax users into purchasing its license key. Far from offering protection, this PUP is a persistent threat that intentionally obfuscates its uninstallation process to remain lodged within your system. Its association with dubious programs like crypto-miners or fake browsers exacerbates its impact, leading to a noticeable slowdown in system performance. Consequently, it’s critical to remove SAntivirus Realtime Protection Lite promptly, by using reliable security software, like the one we’ve posted here, or by following our detailed removal tutorial.
What is SAntivirus?
SAntivirus is categorized as a PUP (a potentially unwanted program) and as such, it doesn’t pose as severe a threat as Trojans or Ransomware. Despite this, its potential for harm shouldn’t be understated. Masquerading as an antivirus program, it leverages deceptive tactics to generate false-positive results, urging users to purchase its license key. Beyond this, SAntivirus can slow system performance, interfere with user experience, and create openings for more harmful malware by occupying system resources. Preemptive measures against this PUP include avoiding unfamiliar downloads, closely monitoring software installation processes, and using a reputable antivirus tool. Despite its lower threat level, this PUP can still pose significant inconvenience and potential security risks, warranting swift and decisive removal.
Summary
Name | SAntivirus |
Type | PUP |
Danger Level | High (Trojans are often used as a backdoor for Ransomware) |
Symptoms | Trojans may slow-down your machine, delete or corrupt your data, cause, errors, freezes, crashes, and so on. |
Distribution Method | Spam letters, pirated content, and misleading malvertisements are the usual suspects here. |
Detection Tool |
How to Uninstall SAntivirus
The SAntivirus removal process comprises the following steps:
- Go into Safe Mode
- Run the uninstaller of the program or use the Control Panel to uninstall it.
- Perform a thorough Registry cleanup and delete any remaining files related to the PUP.
- To complete the SAntivirus removal, check and clean your browsers of any unwanted components or settings that may have been added to them.
Before you try to complete these steps, make sure to read their detailed description included below.
Note 1: Since you will need to restart your PC on several occasions during the removal process, it’s suggested that you bookmark this guide or have it open on another device so that you could easily access it while completing the steps.
Note 2: As previously mentioned on this page, SAntivirus is closely related to the Segurazo PUP and so, if during the completion of this guide you need to find and remove any items named SAntivirus, but you don’t see such items, look for ones named Segurazo and delete them (or vice versa).
How to remove SAntivirus?
To remove SAntivirus, you should still begin by running the uninstaller executable for this program. However, some unwanted data would likely remain on the computer, so to fully remove SAntivirus, you will also need to clean the Registry and then delete the remaining data.
Step 1: Safe Mode
Your PC will need to be in Safe Mode while you are completing the next steps, so be sure to boot it into Safe Mode by following the steps available on the linked page.
Step 2: Running the uninstallation executable
- Go to your C: drive (or the drive where Windows is installed on your PC if it’s another one), and navigate to (C:)/Program Files (x86)/Segurazo.
- In that folder, you should see an executable named SegurazoUninstaller.exe or SAntivirusUninstaller.exe – open it.
- When the executable opens, click the Remove Protection button and click no if you get asked whether you’d wish to restart your PC.
- Close all programs, files, and folders that may currently be open on your screen, leaving only the SAntivirus/Segurazo uninstaller open.
- In the uninstaller window, check the Configuration files and Antivirus Protection boxes, and click Uninstall.
- After the uninstallation process completes, click No if the uninstaller again asks you if you’d like to restart the PC.
- Go back to (C:)/Program Files (x86) and see if the Segurazo folder is still there. If it is, click it, press Del from the keyboard, and click Yes to delete that folder. It’s very likely that you’d get an error message that tells you some of the files inside the folder can’t be deleted. If this happens, open the folder, delete what you can from it, and proceed to the next part of the guide.
Usually, there will be two stubborn SAntivirus files left in the Segurazo folder that must be deleted, but before you could erase them, you’d need to first clean the Registry. Here, we should tell you about the free malware scanner (shown below) that’s available on our site – it’s a powerful tool you can use directly from your browser as it requires no installation. We recommend using it to test any other suspicious files that may be on your computer for malware content so that you’d know to delete them if they are found to be malicious and/or related to SAntivirus.
How to uninstall SAntivirus
To uninstall SAntivirus successfully, in addition to running its uninstaller, you’d also need to find and delete all Registry entries related to it. After this, to fully uninstall SAntivirus, you must go back to its folder and eliminate whatever files may be left in it.
If you allow anything related to SAntivirus to remain on your PC, there’s a high probability that this potentially unwanted program may find its way back into your computer. Therefore, you must be very thorough with this cleanup and find and eliminate every last bit of data linked to this program to be sure your PC is clean from it.
Step 3: Registry Cleanup
- Open the Registry Editor by typing regedit.exe in the Start Menu, hitting Enter, and then clicking Yes to give your Admin confirmation and enter the Registry Editor app.
- Now, you will have to find and delete every SAntivirus item that’s in the System Registry, and we will show you which those items are and how to remove them. However, note that if you are uncertain about anything concerning this step, it’s better to contact us and consult us through the comments section below rather than deleting any items you are uncertain about. If an item that shouldn’t be removed from the Registry gets deleted, this could have unpredictable and sometimes severe consequences for the system.
- Now, you will have to find and delete every SAntivirus item that’s in the System Registry, and we will show you which those items are and how to remove them. However, note that if you are uncertain about anything concerning this step, it’s better to contact us and consult us through the comments section below rather than deleting any items you are uncertain about. If an item that shouldn’t be removed from the Registry gets deleted, this could have unpredictable and sometimes severe consequences for the system.
- Open the Edit menu of the Registry Editor, click Find, type SAntivirus, and hit Enter to find items related to it. If no items are found, try searching for Segurazo.
- The first SAntivirus item that gets found should be located in this directory: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store. Click in it in the left panel, then find this item C:\Program Files (x86)\Segurazo\SegurazoUninstaller.exe in the right panel, select it, press Del, and click Yes.
- Repeat the search – the next items that must be deleted should be in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SegurazoUninstaller_RASMANCS. Expand this folder/key in the left panel and delete the following sub-folders shown under it:
- segurazoclient_RASAPI32
- segurazoclient_RASMANCS
- SegurazoService_RASAPI32
- SegurazoService_RASMANCS
- SegurazoUninstaller_RASAPI32
- SegurazoUninstaller_RASMANCS.
- Perform another search. The next folder/key should be HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Segurazo – delete it from the left panel.
- Search again, the next SAntivirus/Segurazo item should be in the HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager folder. Click that folder in the left, look to the right, find an item labelled PendingFileRenameOperations and delete it.
- The next search should bring you to the HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application folder. After you click it, look at the items shown in the right panel and delete the one named SegurazoSvc.
- Search for the next unwanted item – the folder that gets found should be \Device\HarddiskVolume5\Program Files (x86)\Segurazo\SegurazoUninstaller.exe – you must delete it from the left panel.
- Finally, scroll back to the top of the left panel, click the Computer icon at the top, press Ctrl + F and perform one final search for SAntivirus/Segurazo to make sure there are no more items related to either of those programs. If anything is found, delete it and proceed to the next part of the guide.
Step 4: Deleting the remaining files
It’s finally time to delete the files that were left behind after you uninstalled SAntivirus together with the SAntivirus/Segurazo folder. This process, however, like the rest of the removal guide, isn’t as straightforward:
- Go back to the (C:)/Program Files (x86)/Segurazo folder if that folder is still on your computer and write down the full and exact names of the files that are in it together with their extensions.
- Next, click in the address bar at the top, highlight the path to that folder, right-click it, and select copy.
- Press Ctrl + Shift + Esc to start the Task Manager, click on the Processes tab, find the File Explorer process, and quit it by clicking on it, selecting the End Process button, and clicking on Yes.
- Next, open the Start Menu, type cmd in its search box, and when the cmd.exe shows up, right-click it, select Run as Administrator, and then select Yes.
- In the next window, type del /f *filename*, but instead of *filename*, you must paste the file path you copied and next to it type one of the names that you wrote down earlier.
- To paste copied text into the cmd window, right-click the title bar of the app, click Edit, and then click Paste.
- Here is what the full command should typically look like. The only thing that may vary is the exact names of the files (mind the single spaces that must be present between “del“, “/f“, and “C:“:
- del /f C:\Program Files (x86)\Segurazo\SegurazoShell64_v1069.dll
- del /f C:\Program Files (x86)\Segurazo\SegurazoKD.sys.
- To paste copied text into the cmd window, right-click the title bar of the app, click Edit, and then click Paste.
- Execute the command by pressing Enter – once it completes, do the same thing with all files that are still in the SAntivirus/Segurazo folder.
- Finally, go back to the (C:)/Program Files (x86)/Segurazo folder and delete it.
Step 5: Cleaning the browsers
Though SAntivirus doesn’t typically interfere with the user’s browsers, due to the fact that this program often gets installed via file-bundles, alongside other potentially unwanted apps that could target your browser, it’s best to also check the browsing programs on your computer and clean them from anything potentially unwanted.
Start by right-clicking on the icon of the main browser, and going to Properties > Shortcut. There, you will see a text field labelled Target – click in it, see if there’s any text past “.exe” and if there is, delete that text.
After this, access the main browser, go to its menu, and select the Extensions/Add-ons option. For most browsers, the menu icon is in the top-left. For Opera, it’s in the top-right. If you are a Chrome user, after you click on the browser menu, first select the More Tools option, and then you will see the Extensions button in the side-menu.
On the page where the browser’s extensions are shown, first disable and then remove/uninstall anything that you don’t recognize, trust, or need.
Next, click on the browser menu again and go to Settings > Privacy and Security.
There, find an option labelled Clear data/Clear browsing data/Choose what to clear, click it, and open the Advanced tab in the window that shows up (if such a tab is present). Then put ticks in all boxes shown in that window – leave only the passwords box unticked – and then click on Clear data/Clear to delete any temporary browser data that may hold records of anything unwanted.
Finally, remember that this step must be performed for every browser in the system and not only the main one.
If you didn’t’ manage to fully get rid of SAntivirus
If data from SAntivirus is still somehow present in the system, remember that the removal tool that we mentioned earlier and that is linked in the guide can quickly locate and delete anything that remains from the unwanted program, as well as protect your computer from future threats. We recommend using it if you still think your computer isn’t fully clean from SAntivirus and/or if you want an extra layer of protection for it.
Hi,
I was attacked by this virus today. I have been trying to clear this from my system using your super helpful guide. But I see some of the residue of the folder (SAntivirus) in HKEY_LOCAL_MACHINE and I a, not able to delete it. Please help asap.
I have try it..
I successfully log in to save mode in windows 8, by yours tutorial..
And i delate manually in the program file, and now i have fake acdc, fake avast and comfortable calage..
And i will do the same thing..
Thanks
Redzone JFF