Troj/Agent-JK is a Trojan for the Windows platform.
When Troj/Agent-JK is installed the following files are created:
<Windows>\<filename1>.exe
<Windows>\jptc.dat
<Windows>\offun.exe
<Windows>\<filename2>.exe
The two files with randomly generated file names are detected as Troj/Clicker-AI.
The following registry entry is created to run <filename1>.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
<filename1>
<Windows>\<filename1>.exe
The file <filename2>.exe is registered as a new system driver service named "Windows Overlay Components", with a display name of "Windows Overlay Components" and a startup type of automatic, so that it is started automatically during system startup. Registry entries are created under:
HKLM\SYSTEM\CurrentControlSet\Services\Windows Overlay Components\
Registry entries are created under:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OvMon\
Troj/Agent-JK provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "Windows Overlay Components".