Windows Safeguard Utility
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 4 |
| First Seen: | May 20, 2011 |
| Last Seen: | January 8, 2020 |
| OS(es) Affected: | Windows |
Windows Safeguard Utility is a rogue anti-spyware program that poses a severe security threat to your computer. Windows Safeguard Utility is a malicious application disguised itself as a genuine anti-spyware utility. Windows Safeguard Utility has absolutely no anti-spyware or security components. Rather, Windows Safeguard Utility is a harmful program that should be removed immediately.
Table of Contents
Where Did Windows Safeguard Utility Come From?
Windows Safeguard Utility is thought to come from the Russian Federation. This country is notorious for harboring some of the worst computer criminals in the world, second only to China. Windows Safeguard Utility and its clones first started appearing in 2010 and by early 2011 had provoked a great deal of infections around the world.
How Does Windows Safeguard Utility Infect a Computer?
Windows Safeguard Utility is typically delivered by a Trojan. The most popular method associated with this rogue application is the Fake Microsoft Security Essentials Alert Trojan. This Trojan, as its name says, displays a fake alert from Microsoft Security Essentials. This alert will claim that Microsoft Security Essentials has discovered an infected file and that it is necessary to download and install an additional security program to take care of it. Computer users that are fooled by this fake alert allow it then to download a rogue anti-spyware program, which may be Windows Safeguard Utility.
How Does the Fake Microsoft Security Essentials Trojan Attack a Computer?
Trojans are usually found on high-risk websites and disguised as legitimate downloads. There are several ways that the Trojan associated with Windows Safeguard Utility made its way into your computer. Here are some common ways to become infected with a Trojan.
- Trojans may be disguised as video codecs for viewing adult videos.
- Trojans may hide in compressed files in file sharing networks.
- Trojans may be disguised as legitimate updates from a third-party site.
- Trojans may be delivered through vulnerabilities in JavaScript or Flash.
Windows Safeguard Utility Removal
Windows Safeguard Utility may be difficult to remove because Windows Safeguard Utility takes steps to protect itself. Usually a fully updated anti-malware tool will take care of this particular rogue anti-spyware program; however, Windows Safeguard Utility prevents the user from running his/her security software. Here are some things to remember when trying to remove Windows Safeguard Utility:
- Never give Windows Safeguard Utility your credit card information.
- Do not attempt to delete any files marked as infected by Windows Safeguard Utility
- As long as Windows Safeguard Utility is on your system, remember that any sensitive files, personal information, or passwords are at risk.
SpyHunter Detects & Remove Windows Safeguard Utility
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | ywruai.exe | f4dcf81bd36dcb24f8979394e95af344 | 1 |
| 2. | %AppData%\Microsoft\[RANDOM CHARACTERS].exe |
Registry Details
Messages
The following messages associated with Windows Safeguard Utility were found:
| Safe Boot includes several tools allowing the operational system to better control application software, so that to achieve enhanced security and system stability. |
|
Warning!
Location: C:\Program Files\Dell\quickset\quickset.exe Viruses: Trojan.Win32.Agent Deny – Forbid the execution of potentially harmful software. Enable Protection – Click to activate antivirus and remove all infections. |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.