PUP.Optional.Segurazo

Short bio

PUP.Optional.Segurazo is Malwarebytes' detection name for a potentially unwanted program (PUP) called Segurazo Antivirus. The software is sold by Digital Communications Inc. and targets Windows systems.

Main screen of Segurazo

Symptoms

Users of affected systems may see these warnings during installation:

Segurazo installation

EULA Segurazo

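They may see this entry in the list of installed Programs and Features:

Segurazo installation

and these services in the list of services running under Windows:

Segurazo services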

Type and source of infection

PUP.Optional.Segurazo can be downloaded from their website, but users have reported that bundlers also install it.

Segurazo false positive

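Aftermath

PUP.Optional.Segurazo is not easy to uninstall or remove manually. Even when using Malwarebytes, it helps to "Quit" Segurazo before starting the scan. Later versions require the removal to be performed in Safe Mode.

Segurazo right-click menu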

Protection

Malwarebytes protects users from PUP.Optional.Segurazo by using real-time protection.

Malwarebytes blocks Segurazo

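Remediation

Malwarebytes can detect and remove PUP.Optional.Segurazo, but recent variants require this to be done in Safe Mode.

Please follow the instructions below:

Run Malwarebytes in Safe Mode with Networking:

Step 1:

Boot into Safe Mode with Networking:

  • Restart the computer.
  • When the machine first starts again, it will generally list some of the equipment installed in the machine, the amount of memory, the hard drives installed, and so on. At this point, gently tap the F8 key repeatedly until you see the Advanced Boot Options menu.
  • Select the Safe Mode with Networking option using the arrow keys.
  • Then press Enter on your keyboard to boot into Safe Mode.
  • If you are prompted to select a user account to log in with, click your normal user name (not Administrator, unless that is your normal user account) to log in to Windows.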

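Step 2:

  • Download Malwarebytes to your desktop.
  • Double-click MBSetup.exe and follow the prompts to install the program.
  • When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen.
  • Click the Get started button.
  • Click Scan to start a Threat Scan.
  • Click Quarantine to remove the found threats.
  • Reboot the system if prompted to complete the removal process.

Malwarebytes removal log

A Malwarebytes removal log will look similar to this: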


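Add an exclusion

Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here is how to do it.

  • Open Malwarebytes for Windows.
  • Click the Detection History.
  • Click the Allow List.
  • To add an item to the Allow List, click Add.
  • Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder of the software that you wish to keep.
  • Repeat this for any secondary files or folders that belong to the software.

If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access.

Traces/IOCs

You may see these entries in FRST logs: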

(Digital Communications Inc. -> Digital Communications Inc) C:\Program Files (x86)\Segurazo\SegurazoClient.exe
(Digital Communications Inc. -> Digital Communications Inc) C:\Program Files (x86)\Segurazo\SegurazoService.exe
(Digital Communications Inc. -> Digital Communications Inc) C:\ProgramData\Segurazo\SegurazoIC.exe
(Digital Communications Inc. -> Digital Communications Inc) C:\ProgramData\Segurazo\SegurazoWD.exe
"SegurazoIC" => service was unlocked. <==== ATTENTION
R2 SegurazoIC; C:\ProgramData\Segurazo\SegurazoIC.exe [542120 2019-03-18] (Digital Communications Inc. -> Digital Communications Inc)
R2 SegurazoSvc; C:\Program Files (x86)\Segurazo\SegurazoService.exe [179624 2019-03-18] (Digital Communications Inc. -> Digital Communications Inc)
R2 SegurazoWD; C:\ProgramData\Segurazo\SegurazoWD.exe [38312 2019-03-18] (Digital Communications Inc. -> Digital Communications Inc)
C:\Program Files (x86)\Segurazo
C:\ProgramData\Segurazo
C:\Users\{username}\AppData\Roaming\segurazoclient
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
Segurazo Antivirus (HKLM-x32\...\Segurazo) (Version: 1.0.6.9 - Digital Communications Inc)
ContextMenuHandlers1: [SegurazoShellExtension.FileContextMenuExt] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => C:\Program Files (x86)\Segurazo\SegurazoShell64_v1069.dll [2019-03-18] (Digital Communications Inc. -> Digital Communications Inc)
ContextMenuHandlers4: [SegurazoShellExtension.FileContextMenuExt] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => C:\Program Files (x86)\Segurazo\SegurazoShell64_v1069.dll [2019-03-18] (Digital Communications Inc. -> Digital Communications Inc)
ContextMenuHandlers6: [SegurazoShellExtension.FileContextMenuExt] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => C:\Program Files (x86)\Segurazo\SegurazoShell64_v1069.dll [2019-03-18] (Digital Communications Inc. -> Digital Communications Inc)
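
As an added example (not part of the original page and not Malwarebytes' or FRST's own tooling), the FRST entries above can be turned into a read-only PowerShell check for the same services, folders and shell-extension CLSID. The function name Get-SegurazoTrace and the C:\Users profile root are assumptions.

```powershell
# Added example: read-only check for the traces named in the FRST entries.
# Service names, folders and the CLSID come from this page; Get-SegurazoTrace is a hypothetical name.
# Assumes PowerShell 3.0 or later, run elevated so every profile folder is readable.
function Get-SegurazoTrace {
    [CmdletBinding()]
    param(
        # Root that holds the user profiles (assumption: default location).
        [string]$UsersRoot = 'C:\Users'
    )
    $findings = New-Object 'System.Collections.Generic.List[object]'

    # Services shown as R2 (auto-start, running) in the FRST output.
    foreach ($name in 'SegurazoIC', 'SegurazoSvc', 'SegurazoWD') {
        $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
        if ($svc) {
            $findings.Add([pscustomobject]@{ Type = 'Service'; Item = $name; State = [string]$svc.Status })
        }
    }

    # Machine-wide folders, plus the per-user folder expanded over every profile.
    $folders = @(
        'C:\Program Files (x86)\Segurazo',
        'C:\ProgramData\Segurazo',
        'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo'
    )
    $folders += @(Get-ChildItem -LiteralPath $UsersRoot -Directory -Force -ErrorAction SilentlyContinue |
        ForEach-Object { Join-Path $_.FullName 'AppData\Roaming\segurazoclient' })
    foreach ($path in $folders) {
        if (Test-Path -LiteralPath $path) {
            $findings.Add([pscustomobject]@{ Type = 'Folder'; Item = $path; State = 'Present' })
        }
    }

    # COM class behind the ContextMenuHandlers entries, in the 64-bit and 32-bit registry views.
    $clsid = '{BFD98515-CD74-48A4-98E2-13D209E3EE4F}'
    foreach ($root in 'HKLM:\SOFTWARE\Classes\CLSID', 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID') {
        $key = "$root\$clsid"
        if (Test-Path -LiteralPath $key) {
            $findings.Add([pscustomobject]@{ Type = 'Registry'; Item = $key; State = 'Present' })
        }
    }
    $findings
}

# No output means none of the listed traces were found.
Get-SegurazoTrace | Format-Table -AutoSize
```

The check only reads state, so it can be run before and after the Safe Mode scan to confirm that the services, folders and CLSID registrations are gone.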
