Threat Description

Trojan:W32/Agent.AFB

Details

Aliases:Trojan:​W32/Agent.AFB, Trojan.Win32.Agent.afb
Category:Malware
Type:TrojanRootkit
Platform:W32

Summary



A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More

You may wish to refer to the Support Community for further assistance. You also may also refer to General Removal Instructions for a general guide on alternative disinfection actions.



Technical Details



Trojan:W32/Agent.AFB is a trojan with rootkit functionality. It is usually associated with Adware programs.

Activity

Trojan:W32/Agent.AFB may drop .DLL , .SYS or .EXE files as its component. It typically drops its components in the following locations on the infected machine:

  • Windows temporary folder
  • Windows Directory
  • Windows System Directory
  • Program files directory

The dropped .SYS file is a driver that is use to hide some registry entries. This is done by hooking several APIs related to registry operations.






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More