Troj/Agent-AA is a DLL which can be used as part of a backdoor Trojan.
In order to run automatically when Windows starts up the Trojan may add registry entries under:
HKLM\System\CurrentControlSet\Services\
Troj/Agent-AA listens for TCP connections on port 1129. When an attacker
connects to this port with the correct password, they are provided with a command shell and a few additional commands that allow them to monitor or control the infected computer.
Troj/Agent-AA also stores user information in randomly-named LOG files in the
Windows system folder. This information may be accessed by the remote
intruder.