What is JDK5SWFMZY, How to remove JDK5SWFMZY
Monday, July 19th, 2010JDK5SWFMZY is a harmful program.
It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum. |
Filename: {random:3}.exe, example: Ipa.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | JDK5SWFMZY
Command: %Temp%\{random:3}.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [JDK5SWFMZY] C:\DOCUME~1\username\LOCALS~1\Temp\Ipa.exe
DDS Line:
uRun: [JDK5SWFMZY] C:\DOCUME~1\username\LOCALS~1\Temp\Ipa.exe
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“JDK5SWFMZY”=C:\DOCUME~1\username\LOCALS~1\Temp\Ipa.exe
Description: trojan FakeAlert, also known as Mal/FakeAV-CX [Sophos], TrojanDownloader:Win32/Renos.KF [Microsoft], Win-Trojan/Variant.183296.B [AhnLab]
How to remove: use HijackThis + Malwarebytes` Anti-malware or the steps below.
1. Download OTM by OldTimer from here and save to your desktop.
Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“JDK5SWFMZY”=-
:Commands
[emptytemp]
[Reboot]
Click the red Moveit! button. If you are asked to reboot the machine choose Yes. When the tool is finished, it will produce a report for you.
2. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).