Segurazo

Segurazo Description

The Segurazo application, a/k/a SAntivirus, presents itself as a helpful, genuine antivirus tool capable of bringing considerable benefits to those who give it a chance. However, in reality, Segurazo is far from helpful and is certainly not as trustworthy a tool as one would expect from an antivirus application. Instead of effective threat detection and real-time protection, SAntivirus will bombard you with dozens of falsely exaggerated security reports in a relentless effort to urge you to buy the premium version of this dodgy tool.

Segurazo As a Drive-By Download

In general, malware actors tend to distribute Potentially Unwanted Programs (PUPs) by smuggling them into software bundles containing all sorts of legit programs. Like any other PUP, Segurazo often lands on targeted PCs as part of a software bundle. You can inadvertently install one if you click on a deceptive pop-up ad, a fake Flash update, or a random free software bundle. Long story short, you may end up installing Segurazo alongside the original software you were looking for. You can avoid that by choosing a custom or advanced installation rather than a full one. That is why it is always useful to hand-pick the bundle components you wish to install while disregarding those with next to nothing to do with your original purpose.

Post-Installation Behavior

If you still happen to let Segurazo install itself on your machine, be ready for a wave of exaggerated security reports. Those reports will very likely predict a bleak future for your PC unless you purchase a premium Segurazo subscription. Such behavior is typical of any rogue antivirus application out there, and Segurazo is no exception. The purpose is clear: to mislead you into believing that your system is under imminent threat due to the number of security issues found by the seemingly simple SAntivirus tool. The thing is, even if you do pay to unlock all the features Segurazo claims to have, you would still be unable to fix any of the imaginary issues outlined therein. This intimidation technique works surprisingly well in general, which may explain why many PC users end up purchasing the full Segurazo antivirus package, which promises to fix all existent (and even non-existent) security issues in their PCs.

Let’s Be Clear

When searching for a genuine antivirus solution, bear in mind that no legitimate application would resort to intimidation and social engineering tricks to urge you to get the full version of the product. Any application that does so is not trustworthy, and you should not waste your hard-earned money on it. To date, dozens of reputable antivirus program vendors have flagged the Segurazo application as unsafe, riskware, hack tool, or PUP.

If you want to purchase a subscription to a real-time online security service, make sure you do your research first and only trust applications from legitimate, reputable vendors. Once you’ve picked a robust software solution capable of doing the job, use it to remove Segurazo, as well as any other unwanted applications, from your system. If you wish to do it manually, you will need to perform a thorough search for deceptive programs in Control Panel and for suspicious extensions in your web browser(s). Those procedures may differ depending on your underlying OS and default browser.

Technical Information

File System Details

Segurazo creates the following file(s):
| # | File Name | Size | MD5 | Detection Count |
|---|-----------|------|-----|-----------------|
| 1 | %PROGRAMFILES(x86)%\segurazo\rsenginehelper.exe.config | 383 | e3d5f62b7b28176a510484e465fa0f18 | 196,909 |
| 2 | %PROGRAMFILES(x86)%\segurazo\exclusionslist.dat | 2,816 | f084d2fbfdfad019c73c12756429951d | 17,203 |
| 3 | C:\Program Files (x86)\Segurazo\x64\rsEnginePM_x64.dll | 228,120 | f33b211a5a27f3fd45c7e16479e42772 | 1,184 |
| 4 | %PROGRAMFILES(x86)%\segurazo\sinspector.dll | 194,664 | afa613af1332326ec9081ec55b0a009a | 964 |
| 5 | %PROGRAMFILES(x86)%\segurazo\segurazoic.exe\segurazoic.exe | 4,561,616 | e8f44c3e9bdac233b2cd20cb43ffd806 | 280 |
| 6 | %PROGRAMFILES(x86)%\segurazo\segurazoservice.exe\segurazoservice.exe | 250,472 | 1daae6285b600484ab2b4be3d8fb27bf | 199 |
| 7 | SegurazoSetup.exe | 18,473,904 | f569405567d73b19b773530549668a96 | 26 |
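
The manual search described earlier, sketched in PowerShell as an added example (not code from this site or its product): it lists installed-program entries whose names match Segurazo or SAntivirus and hashes files under the install folder against the MD5 values in the table above. The Uninstall registry locations are the standard Windows ones; that the product registers itself there is an assumption, and the script only reads.

```powershell
# Added example: read-only check for Segurazo/SAntivirus artifacts named on this page.
$namePattern = 'Segurazo|SAntivirus'

# 1. Installed-program entries (what Control Panel lists): 64-bit, 32-bit and per-user views.
#    Assumption: the product registers an uninstall entry under one of these standard keys.
$uninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
$programs = Get-ItemProperty -Path $uninstallRoots -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match $namePattern -or $_.PSChildName -match $namePattern } |
    Select-Object DisplayName, Publisher, InstallLocation, UninstallString

# 2. MD5 values copied from the file table above, keyed by hash (lowercase).
$listedMd5 = @{
    'e3d5f62b7b28176a510484e465fa0f18' = 'rsenginehelper.exe.config'
    'f084d2fbfdfad019c73c12756429951d' = 'exclusionslist.dat'
    'f33b211a5a27f3fd45c7e16479e42772' = 'rsEnginePM_x64.dll'
    'afa613af1332326ec9081ec55b0a009a' = 'sinspector.dll'
    'e8f44c3e9bdac233b2cd20cb43ffd806' = 'segurazoic.exe'
    '1daae6285b600484ab2b4be3d8fb27bf' = 'segurazoservice.exe'
}

# Hash every file under the install folder from the table; the variable is empty on 32-bit Windows.
$files = @()
$pf86 = ${env:ProgramFiles(x86)}
if ($pf86 -and (Test-Path -LiteralPath (Join-Path $pf86 'segurazo'))) {
    $files = Get-ChildItem -LiteralPath (Join-Path $pf86 'segurazo') -Recurse -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $md5 = (Get-FileHash -LiteralPath $_.FullName -Algorithm MD5).Hash.ToLower()
            [pscustomobject]@{
                Path     = $_.FullName
                MD5      = $md5
                ListedAs = $listedMd5[$md5]   # empty when the hash is not one the table lists
            }
        }
}

# A file whose hash is not listed may simply be a different build, so the folder's
# presence is reported even when no hash matches.
[pscustomobject]@{
    UninstallEntries = @($programs).Count
    FilesInFolder    = @($files).Count
    ListedHashHits   = @($files | Where-Object ListedAs).Count
}
$programs | Format-List
$files | Format-Table -AutoSize
```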

Registry Details

Segurazo creates the following registry entry or registry entries:
