SAntivirus Removal


SAntivirus

SAntivirus is an anti-malware tool that many security researchers categorize as a potentially unwanted program (PUP) due to misleading marketing tactics and difficult uninstallation. SAntivirus is typically distributed via file-bundles, and the usual location where it gets installed is C:\Program Files\SAntivirus\santivirusclient.exe.

SAntivirus

Such tools are incredibly common and though they don’t try to harm the computers they get installed on, their presence there could be particularly obstructive, and their misleading malware warnings could oftentimes lead the user to install more unwanted software and/or to purchase the paid version of SAntivirus without actually having any need for it.

SAntivirus is similar and related to another similar potentially unwanted program called Segurazo. The typical file location of SAntivirus is. C:\Program Files\SAntivirus\santivirusclient.exe.

SAntivirus Realtime Protection Lite

SAntivirus Realtime Protection Lite is a potentially unwanted program that’s distributed for free, and its primary goal is to help market its paid version. To achieve its goal, SAntivirus Realtime Protection Lite uses dishonest tactics such as aggressively showing false malware detection warnings.

SAntivirus

Typically, users get this software without wanting it – by installing some other app that formed a bundle together with SAntivirus. Another possible way this potentially unwanted program can spread is via random pop-up ads that appear in your browser when you visit certain sites. Clicking on such ads without having set your browser to always ask you to manually specify a location for new downloads could lead to automatically downloading a potentially unwanted program such as SAntivirus.

The fact, alone, that SAntivirus Realtime Protection Lite relies on such rather underhanded (though still legal and legitimate) techniques to get installed on more computers is enough to make users suspicious of the true intentions of this software. However, when you add to this the way this program markets its full version, it becomes apparent that you’d probably be better off uninstalling it.

Deleting SAntivirus, however, is not an easy task and, in fact, it is its difficult uninstallation that further convinces users that it is, indeed, an undesirable program that should be removed from their computers.

What is SAntivirus Realtime Protection Lite?

SAntivirus Realtime Protection is an unwanted app, marketed as a security tool, that tries to intimidate users into purchasing its paid version by showing them false malware detection warnings. SAntivirus Realtime Protection usually installs via file bundles and requires lots of effort to fully delete.

Earlier versions of the program could be easily uninstalled through the use of the program’s uninstallation executable or through the Control Panel. With current SAntivirus versions, however, though the uninstaller executable is still available, running it to delete the program would not rid you of everything related to SAntivirus – many components of this program would remain on the computer and this is likely to lead to the subsequent return of SAntivirus to the computer or the installation of other unwanted software without the user’s informed approval. 

The reason this is the case with newer SAntivirus versions lies in the many changes that this program introduces to the System Registry and other system settings. These changes allow the unwanted program to embed itself deep within the system to the point where one needs to seek out and delete all related data and settings in order to be able to manually delete this software. We will show you exactly what you must do in order to delete SAntivirus on your own, but if you feel like you may need extra help with this deletion or simply don’t have time to go through the whole removal process, you can also use the professional security program we’ve linked in the following guide that is specially designed to identify and delete programs that are unwanted but technically don’t qualify as malware.

Summary

NameSAntivirus
TypeTrojan
Danger LevelHigh (Trojans are often used as a backdoor for Ransomware)
SymptomsTrojans may slow-down your machine, delete or corrupt your data, cause, errors, freezes, crashes, and so on.
Distribution MethodSpam letters, pirated content, and misleading malvertisements are the usual suspects here.
Detection Tool

anti-malware offerOFFER *Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. SpyHunter's EULA,  Privacy Policy, and more details about Free Remover.

SAntivirus removal

The SAntivirus removal process comprises the following steps:

  1. Go into Safe Mode
  2. Run the uninstaller of the program or use the Control Panel to uninstall it.
  3. Perform a thorough Registry cleanup and delete any remaining files related to the PUP.
  4. To complete the SAntivirus removal, check and clean your browsers of any unwanted components or settings that may have been added to them.

Before you try to complete these steps, make sure to read their detailed description included below.

Note 1: Since you will need to restart your PC on several occasions during the removal process, it’s suggested that you bookmark this guide or have it open on another device so that you could easily access it while completing the steps.

Note 2: As previously mentioned on this page, SAntivirus is closely related to the Segurazo PUP and so, if during the completion of this guide you need to find and remove any items named SAntivirus, but you don’t see such items, look for ones named Segurazo and delete them (or vice versa).

How to remove SAntivirus?

To remove SAntivirus, you should still begin by running the uninstaller executable for this program. However, some unwanted data would likely remain on the computer, so to fully remove SAntivirus, you will also need to clean the Registry and then delete the remaining data.

Step 1: Safe Mode

Your PC will need to be in Safe Mode while you are completing the next steps, so be sure to boot it into Safe Mode by following the steps available on the linked page.

Step 2: Running the uninstallation executable

  1. Go to your C: drive (or the drive where Windows is installed on your PC if it’s another one), and navigate to (C:)/Program Files (x86)/Segurazo.
  2. In that folder, you should see an executable named SegurazoUninstaller.exe or SAntivirusUninstaller.exe – open it.
  3. When the executable opens, click the Remove Protection button and click no if you get asked whether you’d wish to restart your PC.
  4. Close all programs, files, and folders that may currently be open on your screen, leaving only the SAntivirus/Segurazo uninstaller open.
  5. In the uninstaller window, check the Configuration files and Antivirus Protection boxes, and click Uninstall.
  6. After the uninstallation process completes, click No if the uninstaller again asks you if you’d like to restart the PC.
  7. Go back to (C:)/Program Files (x86) and see if the Segurazo folder is still there. If it is, click it, press Del from the keyboard, and click Yes to delete that folder. It’s very likely that you’d get an error message that tells you some of the files inside the folder can’t be deleted. If this happens, open the folder, delete what you can from it, and proceed to the next part of the guide. 

Usually, there will be two stubborn files left in the Segurazo folder that must be deleted, but before you could erase them, you’d need to first clean the Registry. Here, we should tell you about the free malware scanner (shown below) that’s available on our site – it’s a powerful tool you can use directly from your browser as it requires no installation. We recommend using it to test any other suspicious files that may be on your computer for malware content so that you’d know to delete them if they are found to be unwanted/malicious.

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Loading
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    How to uninstall SAntivirus

    To uninstall SAntivirus successfully, in addition to running its uninstaller, you’d also need to find and delete all Registry entries related to it. After this, to fully uninstall SAntivirus, you must go back to its folder and eliminate whatever files may be left in it.

    If you allow anything related to SAntivirus to remain on your PC, there’s a high probability that this potentially unwanted program may find its way back into your computer. Therefore, you must be very thorough with this cleanup and find and eliminate every last bit of data linked to this program to be sure your PC is clean from it.

    Step 3: Registry Cleanup

    1. Open the Registry Editor by typing regedit.exe in the Start Menu, hitting Enter, and then clicking Yes to give your Admin confirmation and enter the Registry Editor app.
      • Now, you will have to find and delete every SAntivirus item that’s in the System Registry, and we will show you which those items are and how to remove them. However, note that if you are uncertain about anything concerning this step, it’s better to contact us and consult us through the comments section below rather than deleting any items you are uncertain about. If an item that shouldn’t be removed from the Registry gets deleted, this could have unpredictable and sometimes severe consequences for the system.
        1 8
    2. Open the Edit menu of the Registry Editor, click Find, type SAntivirus, and hit Enter to find items related to it. If no items are found, try searching for Segurazo.
      2 8
    3. The first item that gets found should be located in this directory: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store. Click in it in the left panel, then find this item C:\Program Files (x86)\Segurazo\SegurazoUninstaller.exe in the right panel, select it, press Del, and click Yes.
    4. Repeat the search – the next items that must be deleted should be in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SegurazoUninstaller_RASMANCS. Expand this folder/key in the left panel and delete the following sub-folders shown under it:
      • segurazoclient_RASAPI32
      • segurazoclient_RASMANCS
      • SegurazoService_RASAPI32
      • SegurazoService_RASMANCS
      • SegurazoUninstaller_RASAPI32
      • SegurazoUninstaller_RASMANCS.
        3 8
    5. Perform another search. The next folder/key should be HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Segurazo – delete it from the left panel.
    6. Search again, the next SAntivirus/Segurazo item should be in the HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager folder. Click that folder in the left, look to the right, find an item labelled PendingFileRenameOperations and delete it.
    7. The next search should bring you to the HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application folder. After you click it, look at the items shown in the right panel and delete the one named SegurazoSvc.
    8. Search for the next unwanted item – the folder that gets found should be \Device\HarddiskVolume5\Program Files (x86)\Segurazo\SegurazoUninstaller.exe – you must delete it from the left panel.
    9. Finally, scroll back to the top of the left panel, click the Computer icon at the top, press Ctrl + F and perform one final search for SAntivirus/Segurazo to make sure there are no more items related to either of those programs. If anything is found, delete it and proceed to the next part of the guide.

    Step 4: Deleting the remaining files

    It’s finally time to delete the files that were left behind after you uninstalled SAntivirus together with the SAntivirus/Segurazo folder. This process, however, like the rest of the removal guide, isn’t as straightforward:

    1. Go back to the (C:)/Program Files (x86)/Segurazo folder if that folder is still on your computer and write down the full and exact names of the files that are in it together with their extensions.
    2. Next, click in the address bar at the top, highlight the path to that folder, right-click it, and select copy.
      4 6
    3. Press Ctrl + Shift + Esc to start the Task Manager, click on the Processes tab, find the File Explorer process, and quit it by clicking on it, selecting the End Process button, and clicking on Yes.
    4. Next, open the Start Menu, type cmd in its search box, and when the cmd.exe shows up, right-click it, select Run as Administrator, and then select Yes.
    5. In the next window, type del /f *filename*, but instead of *filename*, you must paste the file path you copied and next to it type one of the names that you wrote down earlier.
      • To paste copied text into the cmd window, right-click the title bar of the app, click Edit, and then click Paste.
        5 6
      • Here is what the full command should typically look like. The only thing that may vary is the exact names of the files (mind the single spaces that must be present between “del“, “/f“, and “C:“:
        • del /f C:\Program Files (x86)\Segurazo\SegurazoShell64_v1069.dll
        • del /f C:\Program Files (x86)\Segurazo\SegurazoKD.sys.
          6 6
    6. Execute the command by pressing Enter – once it completes, do the same thing with all files that are still in the SAntivirus/Segurazo folder.
    7. Finally, go back to the (C:)/Program Files (x86)/Segurazo folder and delete it.

    Step 5: Cleaning the browsers

    Though SAntivirus doesn’t typically interfere with the user’s browsers, due to the fact that this program often gets installed via file-bundles, alongside other potentially unwanted apps that could target your browser, it’s best to also check the browsing programs on your computer and clean them from anything potentially unwanted.

    Start by right-clicking on the icon of the main browser, and going to Properties > Shortcut. There, you will see a text field labelled Target – click in it, see if there’s any text past “.exe” and if there is, delete that text.

    After this, access the main browser, go to its menu, and select the Extensions/Add-ons option. For most browsers, the menu icon is in the top-left. For Opera, it’s in the top-right. If you are a Chrome user, after you click on the browser menu, first select the More Tools option, and then you will see the Extensions button in the side-menu.

    7 5 1024x448

    On the page where the browser’s extensions are shown, first disable and then remove/uninstall anything that you don’t recognize, trust, or need.

    8 5 1024x525

    Next, click on the browser menu again and go to Settings > Privacy and Security.

    9 5

    There, find an option labelled Clear data/Clear browsing data/Choose what to clear, click it, and open the Advanced tab in the window that shows up (if such a tab is present). Then put ticks in all boxes shown in that window – leave only the passwords box unticked – and then click on Clear data/Clear to delete any temporary browser data that may hold records of anything unwanted.

    10 2

    Finally, remember that this step must be performed for every browser in the system and not only the main one.

    If you didn’t’ manage to fully get rid of SAntivirus

    If data from this unwanted program is still somehow present in the system, remember that the removal tool that we mentioned earlier and that is linked in the guide can quickly locate and delete anything that remains from the unwanted program, as well as protect your computer from future threats. We recommend using it if you still think your computer isn’t fully clean and/or if you want an extra layer of protection for it.

    blank

    About the author

    blank

    Lidia Howler

    Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her strive for simplicity and well-researched information provides users with easy-to-follow It-related tips and step-by-step tutorials.

    1 Comment

    • Hi,

      I was attacked by this virus today. I have been trying to clear this from my system using your super helpful guide. But I see some of the residue of the folder (SAntivirus) in HKEY_LOCAL_MACHINE and I a, not able to delete it. Please help asap.

    Leave a Comment

    Buy SpyHunter now and remove any malware immediately

    Remove Now

    $7 / Month          $4.69 / Month*

    33% off expires in

    Hours
    Minutes
    Seconds

    *Regional prices may vary.