home

PassThruSvr.exe

PassThruSvr Application

The executable PassThruSvr.exe has been detected as malware by 3 anti-virus scanners. It runs as a separate (within the context of its own process) windows Service named “Internet Pass-Through Service”.
Product:
PassThruSvr Application

Version:
1.2.1.9

MD5:
722c2b8b9e55187be948f713575afdf1

SHA-1:
129e3778a3f94104836133ea2094e613489d52f8

SHA-256:
986dcaa2e2de0f6b4d9d10004df022871675c840ec3e294c82bf093247c2dc37

Scanner detections:
3 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
5/8/2024 5:20:10 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Floxif.H virus
6.3.12010.0

F-Prot
W32/Floxif.B
4.6.5.141

F-Secure
Win32.Floxif.A
5.16.24

File size:
239.4 KB (245,191 bytes)

Product version:
1.2.1.9

Copyright:
Copyright (C) 2012

Original file name:
PassThruSvr.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Traditional, Taiwan)

Common path:
C:\Program Files\htc\internet pass-through\passthrusvr.exe

File PE Metadata
Compilation timestamp:
9/30/2013 8:03:17 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0xCF08

Entry point:
E9, 90, 65, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8D, 42, FF, 5B, C3, 8D, A4, 24, 00, 00, 00, 00, 8D, 64, 24, 00, 33, C0, 8A, 44, 24, 08, 53, 8B, D8, C1, E0, 08, 8B, 54, 24, 08, F7, C2, 03, 00, 00, 00, 74, 15, 8A, 0A, 83, C2, 01, 3A, CB, 74, CF, 84, C9, 74, 51, F7, C2, 03, 00, 00, 00, 75, EB, 0B, D8, 57, 8B, C3, C1, E3, 10, 56, 0B, D8, 8B, 0A, BF, FF, FE, FE, 7E, 8B, C1, 8B, F7, 33, CB, 03, F0, 03, F9, 83, F1, FF, 83, F0, FF, 33, CF, 33, C6, 83, C2, 04, 81, E1...
 
[+]

Entropy:
7.1202

Packer / compiler:
Xtreme-Protector v1.05

Code size:
114.5 KB (117,248 bytes)

Service
Display name:
Internet Pass-Through Service

Service name:
PassThru Service

Description:
Detect HTC Android device for internet pass-through function.

Type:
Win32OwnProcess


Remove PassThruSvr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.