Can't remove Segorazo Anti Virus II and is there a way to block it?

I was hit with this virus some weeks ago, (Windows 10) and tried to remove it with Revo Uninstaller but it didn’t work. So, rebooted into Safe mode and deleted all files manually. To find all folders and files related to Segorazo, I used the free app “Everything”.

What I don’t understand is why did Avast not block this software?

Most anti-virus solutions consider SEGURAZO Anti Virus II as a so-called PUP, a potentially unwanted program,
also avast that then detects it when run into PUP-mode.

It is advised to get the last remnants of this unwanted half-baked av tool off, using MBAM,
after a run of Open Geek Uninstaller.

But I understood you already performed the uninstall procedure.

Sometimes Segurazo comes in piggibacking on malware so an additional malware scan could also be advisable.

Wait for a qualified malware remover here to come and assist you, whenever you need assistance.

polonus

@polonus, thanks for supplying additional software names. AdwareCleaner and MBAM found nothing after I removed Segurazo. Piggybacking is the reason why I asked if there is a way identify and block the app that carried Segurazo.

Can you post your MBAM/Adwcleaner logs here? Also, please run the FRST scan found here.

https://forum.avast.com/index.php?topic=194892.0

Polonus attached are the requested reports. Pls, let me know what is the status.

I’m not your expert (I’m not certified in Malware Removal).

2019-11-18 19:40 - 2019-11-18 19:40 - 000020298 _____ C:\Users\ineuw\Documents\Vivaldi Passwords.csv

Edit: Derp - is this a plain text CSV that you’ve chosen to import into Vivi? If so, remove the CSV file, no need to keep it around. If it’s been generated by the application, it’s encrypted, right? If not, get rid of it and drop the program.

I am sure that Windows and files are clean. I use Keepass.

Can you make screenshot of that Segorazo?

  • Open Notepad (click Start button → type notepad.exe → press Enter)
  • Copy text from code block below and paste it into Notepad
cmd: type C:\Users\ineuw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\startuporder.bat
  • Go to FileSave As
  • Make sure that UTF-8 is selected as Encoding (left side of Save button)
  • Save it as fixlist.txt on Desktop
  • Open again FRST and click on button Fix
  • Wait until FRST finishes
  • fixlog.txt should be genereted and opened. Attach it your post and wait further instructions.