The file FJPARK4.EXE is a computer worm.
The worm FJPARK4.EXE is a self-replicating malicious program,
which uses a computer network to send copies of itself to other computers.
You must fix the FJPARK4.EXE problem as soon as possible!
Delete the file FJPARK4.EXE from all infected computers in your network.
Set up your network firewall against FJPARK4.EXE intervention.
Malware Analysis of FJPARK4.EXE
Full path on a computer: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82505\fjpark4.exe
Detected by UnHackMe:
FJPARK4.EXE
Default location: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82505\fjpark4.exe
Removal Results: Success
Number of reboot: 1
FJPARK4.EXE is known as:
Worm.Net-Kolab.68231, TrojWare.Injector.BGJ, BackDoor.Gurl.2, Trojan.Agent.aaxv (v), Troj.Agent-AAXV, Backdoor.Azbreg.bqi, Trj.Zbot.M, Trojan.Lethic.B, W32.Trojan.WLUI-7811, Trojan.HmBlocker, BScope.Backdoor.IRCBot.2122, Win32.Injector.AEJX, Trojan.Ircbrute, W32.Injector.AEJX.tr
FJPARK4.EXE hash:
- MD5: daa78d1335af0d547e359f9bd9cb66fc
How to quickly detect FJPARK4.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82505\fjpark4.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\fjpark4: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82505\fjpark4.exe”
- HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82505\fjpark4.exe”
Folders:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82505
Files:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82505\Desktop.ini
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82505\fjpark4.exe