home

TSvr.exe

svr.exe

合肥智明星通软件科技有限公司

The application TSvr.exe by 合肥智明星通软件科技有限公司 has been detected as a potentially unwanted program by 4 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “IhPul”.
Publisher:
tsvr.com  (signed by 合肥智明星通软件科技有限公司)

Product:
svr.exe

Description:
tsvr.com

Version:
3.0.0.22

MD5:
770ca56356a7daa36bc3fe1d3578fe6d

SHA-1:
9eeb2f6267380a5aecd924ad59750ff0e1738d7c

SHA-256:
1dce725beab4e5771a428f472949d4705e0e4aa57c50316e2eb828e57ad23023

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
6/12/2024 6:09:42 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Adware Generic_r.BEX
2015.0.4591

Dr.Web
Adware.Mutabaha.1314
9.0.1.05190

ESET NOD32
Win32/ELEX.HB potentially unwanted application
7.0.302.0

Microsoft Security Essentials
Threat.Undefined
1.223.403.0

File size:
464.3 KB (475,416 bytes)

Product version:
3.0.0.22

Copyright:
Copyright (C) TSVR Since 2015

Original file name:
TSvr.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\appdata\roaming\tsv\tsvr.exe

Digital Signature
Signed by:
合肥智明星通软件科技有限公司

Authority:
GlobalSign nv-sa

Valid from:
5/19/2016 4:41:49 PM

Valid to:
8/5/2016 1:17:44 PM

Subject:
CN=合肥智明星通软件科技有限公司, O=合肥智明星通软件科技有限公司, L=合肥, S=安徽, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121F16FF0116D0F7CAA5F06D836157BCA02

File PE Metadata
Compilation timestamp:
5/23/2016 9:24:28 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:I5jduj1gyzaK5YDEwLgrsi0ambRjox3PAWICa:IpVyzdoi0amVjoVAWTa

Entry address:
0x50ABC

Entry point:
E8, C3, 09, 00, 00, E9, 03, FE, FF, FF, FF, 25, F4, 43, 45, 00, FF, 25, F8, 43, 45, 00, FF, 25, FC, 43, 45, 00, FF, 25, 00, 44, 45, 00, FF, 25, 04, 44, 45, 00, FF, 25, 08, 44, 45, 00, FF, 25, 0C, 44, 45, 00, FF, 25, 10, 44, 45, 00, FF, 25, 14, 44, 45, 00, FF, 25, 18, 44, 45, 00, FF, 25, 1C, 44, 45, 00, FF, 25, 20, 44, 45, 00, CC, CC, FF, 25, 24, 44, 45, 00, FF, 25, 28, 44, 45, 00, FF, 25, 2C, 44, 45, 00, FF, 25, 30, 44, 45, 00, FF, 25, 34, 44, 45, 00, FF, 25, 38, 44, 45, 00, FF, 25, 3C, 44, 45, 00, CC, CC...
 
[+]

Code size:
330 KB (337,920 bytes)

Service
Display name:
IhPul

Type:
Win32OwnProcess


Remove TSvr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.