Aliases: Backdoor/Win32.Etso (AhnLab) winpe/Agent.ALQHI (Norman) Trojan horse Agent3.BHML (AVG) BDS/Rogue.724628.2 (Avira) Trojan.DownLoader4.54317 (Dr.Web) Win32/Agent.SUQ trojan (ESET) W32/Agent.SUQ (Fortinet) Backdoor.Win32.Winnti (Ikarus) Troj/Winnti-A (Sophos) BKDR_WINNTI.SM2 (Trend Micro)
Microsoft Defender Antivirus detects and removes this threat.
Winnti is a family of multi-component malware that give attackers persistent access and control over infected computers through a backdoor. It has known associations with activity groups involved in cyberespionage.
Use the following free Microsoft software to detect and remove this threat:
You should also run a full scan. A full scan might find hidden malware.
Insert any additional remediation steps
If you’re using Windows XP, see our Windows XP end of support page.