A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.
Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.
Trojan:W32/Agent.AFB is a trojan with rootkit functionality. It is usually associated with Adware programs.
Trojan:W32/Agent.AFB may drop .DLL , .SYS or .EXE files as its component. It typically drops its components in the following locations on the infected machine:
- Windows temporary folder
- Windows Directory
- Windows System Directory
- Program files directory
The dropped .SYS file is a driver that is use to hide some registry entries. This is done by hooking several APIs related to registry operations.