Trojan.SafeGuard is Malwarebytes’ detection name for a Trojan that is marketed as a false anti-malware scanner.
Trojan.SafeGuard performs a LSP hijack on infected machines.
Trojan.SafeGuard is usually installed by the users themselves as part of a bundler or as a result of aggressive marketing.
Malwarebytes protects users from Trojan.SafeGuard by using real-time protection.
Malwarebytes blocks Trojan.SafeGuard
Malwarebytes can detect and remove Trojan.SafeGuard without further user interaction.
The user should be prompted to reboot at least once, because of the needed reset of the Winsock. Without a reboot, the user could potentially lose their Internet connection.
You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.
Choose the Scan + Quarantine option. Afterwards you can check the Detections page to see which threats were found.
On the Quarantine page you can see which threats were quarantined and restore them if necessary.
Select your language