home

TrafSvc.EXE

TrafSvc Service

Alexey Kazakovskiy

It runs as a separate (within the context of its own process) windows Service named “TMeter 12.5.625”.
Publisher:
Alexey Kazakovskiy  (signed and verified)

Product:
TrafSvc Service

Version:
12.5.625.0

MD5:
98cf0775b2d826b4f137fa7d564b728f

SHA-1:
9006bcb236e52ff65e37bffa248bcf3499ed64e0

SHA-256:
12f18fa63e7a4a6b4d46af7e845bcaa6114948d432ef1c8817acc57637d27ae4

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/15/2024 3:44:36 AM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan.Crypt2
t3scan.1.8.5.0

File size:
434.8 KB (445,240 bytes)

Product version:
12.5.625.0

Copyright:
Copyright (c) 2012 Alexey Kazakovsky

Original file name:
TrafSvc.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\tmeter\trafsvc.exe

Digital Signature
Signed by:
Alexey Kazakovskiy

Authority:
GlobalSign nv-sa

Valid from:
8/29/2012 1:01:38 PM

Valid to:
8/30/2013 1:01:38 PM

Subject:
CN=Alexey Kazakovskiy, C=RU

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121097746975080FC22BBD2788E2FFDEB47

File PE Metadata
Compilation timestamp:
10/30/2012 6:38:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
12288:UkH/WDQSAqMdTwnuz2FWJsUcCMj2kIGa08f7:tWDQkqRSu1fku0K7

Entry address:
0x1000

Entry point:
68, 01, 50, 74, 00, E8, 01, 00, 00, 00, C3, C3, 78, 9E, D9, 69, 18, 58, 1B, 66, 76, 80, 98, 1B, 6A, 8E, 2B, 19, EC, 25, 3E, 78, B6, 72, 52, 45, 76, F1, B2, C2, 48, 32, 1A, C4, 6A, 78, 84, C3, 2A, DC, F7, 65, 19, 41, F7, 35, A4, E2, 54, 5A, 1E, 58, F2, B2, F9, 8B, E4, F4, C7, A9, FE, 16, 82, 03, EC, A7, 8E, 1C, 9F, B1, 90, 48, A4, 9D, 52, 26, 55, DD, 79, 37, 7D, 6F, AB, FB, 92, 6C, 6C, AC, 69, AF, 2B, CA, 97, DB, 54, A2, 00, A6, A6, 54, 5D, 23, 52, 7A, 74, A3, A4, 9F, 1C, 2D, 74, E6, 68, 94, 4F, E4, 6F, A5...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
613.5 KB (628,224 bytes)

Service
Display name:
TMeter 12.5.625

Service name:
TrafSvc

Description:
Counts IP traffic and creates reports of IP traffic usage.

Type:
Win32OwnProcess


Scan TrafSvc.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.