high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Characteristics |
|
| Protection available since | 29 December 2005 02:21:27 (GMT) |
| Last updated | 7 January 2006 06:14:00 (GMT) |
| Detected by | All Sophos products |
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
Action
- Summary
- Action
- More Information
Please follow the instructions for removing Trojans.
More Information
Troj/Agent-JK is a Trojan for the Windows platform.
When Troj/Agent-JK is installed the following files are created:
<Windows>\<filename1>.exe
<Windows>\jptc.dat
<Windows>\offun.exe
<Windows>\<filename2>.exe
The two files with randomly generated file names are detected as Troj/Clicker-AI.
The following registry entry is created to run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
<filename1>
<Windows>\<filename1>.exe
The file <filename2>.exe is registered as a new system driver service named "Windows Overlay Components", with a display name of "Windows Overlay Components" and a startup type of automatic, so that it is started automatically during system startup. Registry entries are created under:
HKLM\SYSTEM\CurrentControlSet\Services\Windows Overlay Components\
Registry entries are created under:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OvMon\
Troj/Agent-JK provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "Windows Overlay Components".
|
