spysheltertdi.sys

Datpol Janusz Siemienowicz

Publisher:
Datpol Janusz Siemienowicz  (signed and verified)

MD5:
77836c99c6274db2949a5aabfc6e8355

SHA-1:
58542c15fa426c87724a943454b91cb18e5c53bd

SHA-256:
99624e6ba41a4ed3fced7f2d43557fecae28c3483746d9ea0230f2e8dd31e87e

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
11/27/2024 9:31:00 AM UTC

Scan engine | Detection | Engine version
McAfee | Generic Obfuscated.c | 5600.6959
Trend Micro House Call | PAK_Generic.005 | 7.2.305
Trend Micro | PAK_Generic.005 | 10.465.01

File size:
104.8 KB (107,360 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Program Files\spyshelter firewall\spysheltertdi.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
8/26/2014 1:14:04 PM

Valid to:
12/8/2014 5:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B2A7BEEB0FC74F69CC135D6161C7095F

File PE Metadata
Compilation timestamp:
10/23/2014 2:30:39 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
1536:0Onl737TVCGs1Sw771ZRkwC/O3IHUGxejCvpJ1yfmWCwOfJ7QSheia:j737wbkOT6dgsoCvpcmjJ0ShM

Entry address:
0x22D54

Entry point:
0F, 8F, DD, 30, 00, 00, 68, E9, 7C, FD, FF, 0F, 89, 0B, 7E, FF, FF, 68, FF, 48, 94, 7B, E9, 3F, 87, 00, 00, 0F, 85, 72, 6C, FF, FF, 66, 81, FD, 4F, A3, F9, C6, 47, FF, 00, F8, 0F, A3, C1, 48, F7, C4, 08, 00, 00, 00, E9, E3, 3E, FF, FF, E9, AE, 56, FF, FF, 66, FF, CE, 66, C1, E6, 0C, 48, 89, FE, 0F, A3, E2, 48, 29, C6, E9, 28, 64, FF, FF, E9, FB, 4D, FF, FF, E9, E8, F5, FF, FF, 66, 0F, B6, C1, D2, FC, D2, C3, 48, 89, E8, F8, D2, EB, B3, 01, 66, 0F, BA, E5, 06, 56, 66, D3, C6, 11, EE, C1, C6, 08, 66, C1, EE...
 

Code size:
35.5 KB (36,352 bytes)

Scan spysheltertdi.sys - Powered by Reason Core Security