The program FAT32SERVER.EXE is used for hidden penetration into PC and its remote administration.
UnHackMe is recommended as a reliable program for solving the problem with FAT32SERVER.EXE.
Download for free: http://www.unhackme.com
Malware Analysis of FAT32SERVER.EXE
Full path on a computer: %WinDir%\Fat32server.exe
Detected by UnHackMe:
FAT32SERVER.EXE
Default location: %WinDir%\Fat32server.exe
Removal Results: Success
Number of reboot: 1
FAT32SERVER.EXE is known as:
Backdoor.Hupigon.AAFU, Backdoor.Hupigon.720896.E, Backdoor.Trojan, Mal_HPGN-1, Backdoor.Hupigon.axbr, Backdoor.Hupigon.2FCo6eeD7T8, Backdoor.Hupigon.AAFU (B), Backdoor.Hupigon.~HZU, BackDoor.Pigeon.5653, BehavesLike.Malware.eah (mx-v), Mal.Hupig-H, Backdoor.Huigezi.gmw, Hack.HuigeziT.cz, OScope.Backdoor.XiaoBird.6AF9, 255, a variant of Win32.Hupigon, Backdoor.Hupigon.22FC, Backdoor.Hupigon, Suspicion: unknown virus, Bck.Hupigon.LNX
FAT32SERVER.EXE hash:
- MD5: 37c6622eee64318f788804e0873d0734
How to quickly detect FAT32SERVER.EXE presence?
![]( "Registry")
Registry:
Registry:- HKLM\System\CurrentControlSet\Services\TrkwysFat\Type: 0×00000110
- HKLM\System\CurrentControlSet\Services\TrkwysFat\Start: 0×00000002
- HKLM\System\CurrentControlSet\Services\TrkwysFat\ErrorControl: 0×00000000
- HKLM\System\CurrentControlSet\Services\TrkwysFat\ImagePath: “%WinDir%\Fat32server.exe”
- HKLM\System\CurrentControlSet\Services\TrkwysFat\DisplayName: “Distributed Link Tracking Fat”
- HKLM\System\CurrentControlSet\Services\TrkwysFat\ObjectName: “LocalSystem”
- HKLM\System\CurrentControlSet\Services\TrkwysFat\Description: “OU??Ea