Agent.exe
EaseUS Todo Backup by CHENGDU YIWO Tech Development Co. (Signed)
Warning 3 antivirus scanners has detected malware in various versions of Agent.exe.
Overview
agent.exe has 7 known versions, the most recent one is 5.8.0.0. It is started as a Windows Service called 'EaseUS Agent Service' with the name 'EaseUS Agent' and described as “Provides service to backup files and image disks.”. . In addition, it is run under the context of the SYSTEM account with extensive privileges (the administrator accounts have the same privileges). The average file size is about 65.1 KB. It is an authenticode code-signed executable issued to CHENGDU YIWO Tech Development Co. by the certification authority VeriSign. The programs EaseUS Todo Backup Home 5.5, EaseUS Todo Backup Free 5.3 and EaseUS Todo Backup Free 6.0 have been observed as installing specific variations of agent.exe. During the process's lifecycle, the typical CPU resource utilization is about 0.0007% including both foreground and background operations, the average private memory consumption is about 34.17 MB. Addionally, typically read and write I/O disk operations is about 22.69 KB per minute for reads and 1.31 KB per minute for writes.
 Details
|
| File name: | agent.exe |
| Publisher: | CHENGDU YIWO Tech Development Co., Ltd |
| Product name: | EaseUS Todo Backup |
| Description: | EaseUS Todo Backup Agent Application |
| Typical file path: | C:\Program Files\easeus\todo backup\bin\agent.exe |
| Certificate |
| Issued to: | CHENGDU YIWO Tech Development Co. |
| Authority (CA): | VeriSign |
| Expiration date: | Sunday, November 9, 2014 |
| Windows Service |
| Service name: | EaseUS Agent |
| Display name: | EaseUS Agent Service |
| Description: | “Provides service to backup files and image disks.” |
| Type: | Win32OwnProcess |
Programs installed in
(Note, the programs listed below are for all versions of EaseUS Todo Backup.)
|
CHENGDU YIWO Tech Development Co., Ltd |
|
“It is a reliable data backup & system disaster recovery software for home users. It enables users one click to back up system and restore it to the original state when disaster happens and performs co...”
|
CHENGDU YIWO Tech Development Co., Ltd |
|
“EaseUS Todo Backup Free, as the world's first all-in-one backup & system disaster recovery software, is hard disk image, file backup, disaster recovery and disk clone freeware for home users to full p...”
Behaviors
(Note, the behaviors below are for all versions of agent.exe, select a unique version for details.)
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
Malware detections
Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V1104 |
3, 5, 0, 1 |
| Vba32 AntiVirus |
3.12.24.3 |
Worm.Qvod |
3, 5, 0, 1 |
| ViRobot |
2011.4.7.4223 |
Worm.Win32.A.Qvod.131072.B |
3, 5, 0, 1 |
All file variations of agent.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
40.00% |
|
| Windows 7 Professional |
20.00% |
|
| Windows 7 Ultimate |
15.00% |
|
| Windows 8 |
10.00% |
|
| Windows 8 Pro |
10.00% |
|
| Microsoft Windows XP |
5.00% |
|
Distribution by country
United States installs about 60.00% of EaseUS Todo Backup.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Dell |
60.87% |
|
| Intel |
17.39% |
|
| Hewlett-Packard |
8.70% |
|
| Acer |
4.35% |
|
| GIGABYTE |
4.35% |
|
| American Megatrends |
4.35% |
|
