Should I block it?

90%

90% of PCs block this file from running.

Possible reason:

Multiple malware detections

Additional versions

5.8.0.0	40.00%
3, 0, 0, 1	10.00%
3, 0, 0, 1	20.00%
3, 0, 0, 1	15.00%
3, 0, 0, 1	5.00%
3, 0, 0, 1	5.00%
3, 0, 0, 1	5.00%

Relationships

Parent process

services.exe (Services and Controller app by Microsoft)

Related files

guardagent.exe

EaseUS Todo Backup by CHENGDU YIWO Tech Development Co. (Signed)

Remove guardagent.exe

Version:	3, 0, 0, 1
MD5:	a6a4223573cfcf87843cfcb3a9c237c7
SHA1:	40d13aa0ea7a5a72d1e98fe74167483e6e803b1c
SHA256:	eff78f1c6f709649f54511b233d24744d197a05865c4189ba0b6f57cb73564a0

Warning 3 antivirus scanners has detected malware.

Overview

guardagent.exe is malware that runs as a service under the name Guard Agent Service (Guard Agent) with extensive SYSTEM privileges (full administrator access). The file is digitally signed by CHENGDU YIWO Tech Development Co. which was issued by the VeriSign certificate authority (CA).

Details

File name:	guardagent.exe
Publisher:	CHENGDU YIWO Tech Development Co., Ltd
Product name:	EaseUS Todo Backup
Description:	EaseUS Todo Backup Agent Application
Typical file path:	C:\Program Files\easeus\todo backup\bin\guardagent.exe
Original name:	GuardAgent
File version:	3, 0, 0, 1
Size:	22.63 KB (23,176 bytes)
Certificate
Issued to:	CHENGDU YIWO Tech Development Co.
Authority (CA):	VeriSign
Expiration date:	Sunday, November 9, 2014
Digital DNA
File packed:	No
.NET CLR:	No

More details

Behaviors

Services

Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)

'Guard Agent'

Malware detections

Based on 40+ industry antivirus scanners, 3 of them detected the following malware.

Antivirus engine	Engine version	Detection
Trend Micro HouseCall	9.700.0.1001	TROJ_GEN.F47V0801
Vba32 AntiVirus	3.12.22.2	Worm.Qvod
ViRobot	2011.4.7.4223	Worm.Win32.A.Qvod.93184

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.00000181%	0.028634%
User CPU:	0.00000181%	0.014873%
Context switches:	2/sec	284/sec
Memory
Private memory:	1.1 MB	21.59 MB
Private (maximum):	3.43 MB
Private (minimum):	508 KB
Non-paged memory:	1.1 MB	21.59 MB
Virtual memory:	23.97 MB	140.96 MB
Virtual memory (peak):	25.28 MB	169.69 MB
Working set:	1.11 MB	18.61 MB
Working set (peak):	3.55 MB	37.95 MB
Resource allocations
Threads:	3	12
Handles:	50	600

Process properties

Integrety level:	System
Platform:	64-bit
Command line:	"C:\Program Files\easeus\todo backup\bin\guardagent.exe"
Owner:	SYSTEM
Windows Service
Service name:	Guard Agent
Display name:	Guard Agent Service
Description:	“Monitor EaseUS Todo Backup agent.”
Type:	Win32OwnProcess
Parent process:	services.exe (Services and Controller app by Microsoft)

Distribution by Windows OS

OS version	distribution
Windows 7 Home Premium	40.00%
Windows 7 Professional	20.00%
Windows 7 Ultimate	15.00%
Windows 8	10.00%
Windows 8 Pro	10.00%
Microsoft Windows XP	5.00%

Distribution by country

United States installs about 60.00% of EaseUS Todo Backup.

Distribution by PC manufacturer

PC Manufacturer	distribution
Dell	60.87%
Intel	17.39%
Hewlett-Packard	8.70%
Acer	4.35%
GIGABYTE	4.35%
American Megatrends	4.35%

Remove Adware and Spyware Programs, FREE Download!