Danger level 9
Type: Backdoors
Common infection symptoms:
  • Annoying Pop-up's
  • Block exe files from running
  • Connects to the internet without permission
  • Installs itself without permissions
  • Shows commercial adverts
  • Slow Computer
  • Slow internet connection
  • System crashes
Other mutations known as:

Backdoor.Agent

Backdoor Agent is a computer infection that compromises your system security and opens a backdoor that allows other malware to enter your computer. It is commonly categorized as a cloaked malware, because it enters the system surreptitiously and remains hidden long enough to avoid being detected and create more trouble on your computer. Remove Backdoor Agent before your computer becomes swarmed with serious malicious infections.

If you do not know whether you are infected with Backdoor Agent or not, check your Task Manager for process files that are directly related to the backdoor. You can find a complete list of files and processes below this description, but ctfmon.exe should be enough to realize that Backdoor Agent is dangerous enough to jeopardize your entire system. For starters, this file is responsible for downloading hidden codes from remote websites which means that Backdoor Agent can connect to the Internet behind your back and communicate with other computer system via HTTP protocols.

Also, this backdoor hijacks legitimate system processes, such as alg.exe. Application Layer Gateway is an official service component for Windows Operating system. However, it can be hijacked by Backdoor Agent, so if alg.exe on your Task Manager process list is not located at System32 directory, it means that you are really infected with malware.

Backdoor Agent is hard to detect due to the fact that most of its components are polymorphic and so they can easily changer their structure. However, if you receive various system tray pop-ups, messages and error notifications, if you experience an onslaught of browser pop-ups, it is very likely that you are infected with Backdoor Agent. This backdoor tries its best to avoid being deleted, so it disables safe mode on your computer, and disables Windows Security Center.

Naturally, it is very troublesome to terminate Backdoor Agent on your own, considering its complicated nature. Therefore, we strongly advise investing in a powerful antimalware tool that can scan your system and remove Backdoor Agent automatically along with its components. Do make sure that your system is safeguarded against similar computer threats.

Download Spyware Removal Tool to Remove* Backdoor.Agent
  • Quick & tested solution for Backdoor.Agent removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Backdoor.Agent

Files associated with Backdoor.Agent infection:

mstaskmgr.exe
aqadcup.exe
9A459C39.DLL
userint32.exe
winpol.exe
EBstrSvc.exe
lsass.exe
aspimgr.exe
uwxv.exe
ryjidote.dll
qwertybot.exe
socksbot[1].exe, msupdt.exe
mmmdhfdh.dll
msupdt.exe
socksbot[1].exe
ip_fw.sys
Fonts.exe
services.exe
alg.exe
csrssc.exe
svchost.exe
ckp.exe
mstask32.com
WinHealer.dll
SysInfo.dll
netfx20.exe
cftmon.exe
8399.exe
TuneUp.exe
bndmss.exe
ryjidote.dll

Backdoor.Agent DLL's to remove:

ryjidote.dll
9A459C39.DLL
ryjidote.dll
mmmdhfdh.dll
WinHealer.dll
SysInfo.dll

Backdoor.Agent processes to kill:

mstaskmgr.exe
aqadcup.exe
userint32.exe
winpol.exe
EBstrSvc.exe
lsass.exe
aspimgr.exe
uwxv.exe
qwertybot.exe
socksbot[1].exe, msupdt.exe
msupdt.exe
socksbot[1].exe
Fonts.exe
services.exe
alg.exe
csrssc.exe
svchost.exe
ckp.exe
netfx20.exe
cftmon.exe
8399.exe
TuneUp.exe
bndmss.exe

Remove Backdoor.Agent registry entries:

HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN aqadcup
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUNWindows Service Manager
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUNwinpol
RUNNING PROGRAMlsass.exe
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceseBoostr Service
RUNNING PROGRAMaspimgr.exe
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMicrosoft ASPI Manager
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN uwxv
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{30D36D16-F091-499C-D9AF-7D2B4CB48684}
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUNqwertybot.exe
MICROSOFTWINDOWSCURRENTVERSIONPOLICIESEXPLORERRUNsys
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSNTCURRENTVERSIONWINDOWSAPPINIT_DLLS AppInit_DLLs
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN services.exe
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN Application Layer Gateway
HKEY_CURRE
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.