home

SpyShelter.exe

SpyShelter

Datpol Janusz Siemienowicz

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SpyShelter’.
Publisher:
Datpol  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter GUI

Version:
9,7,0,0

MD5:
bf3c5f4cf34bfb95b37607565e0bd03c

SHA-1:
979da3588f380e351c88e9f6769e8c3f1b044bc2

SHA-256:
99a42c9da0d243efb6043d239402ed8b0afe294a527c1bb73e9f802262646c86

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 11:05:44 AM UTC  (today)

File size:
3.4 MB (3,517,704 bytes)

Product version:
9,7,0,0

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelter.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter firewall\spyshelter.exe

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
11/5/2014 6:08:03 PM

Valid to:
1/8/2016 4:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D2FCC60F24553FA9E8F529B814703D51

File PE Metadata
Compilation timestamp:
3/11/2015 9:08:52 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x4CE100

Entry point:
60, 68, 2F, 06, E5, 77, C7, 44, 24, 20, D7, 81, 55, D7, 9C, C7, 44, 24, 20, 45, 14, 5F, B4, 60, 9C, 53, 8D, 64, 24, 48, E9, 21, DD, 33, 00, 00, 00, 56, 69, 72, 74, 75, 61, 6C, 51, 75, 65, 72, 79, 45, 78, 00, 00, 00, 53, 65, 6C, 65, 63, 74, 43, 6C, 69, 70, 52, 67, 6E, 00, F5, 81, E3, FF, 0F, 00, 00, F5, F9, E8, 74, CC, 1F, 00, 00, 00, 45, 78, 74, 54, 65, 78, 74, 4F, 75, 74, 57, 00, 8D, 9D, 12, 82, 65, C9, 0F, 98, C3, 5B, 8D, 34, 95, D5, B5, 09, 1B, E8, A1, 88, 29, 00, 00, 00, 47, 65, 74, 45, 78, 69, 74, 43...
 
[+]

Entropy:
7.9083  (probably packed)

Code size:
4 MB (4,240,384 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SpyShelter

Command:
C:\Program Files\spyshelter firewall\spyshelter.exe


Scan SpyShelter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.