» spysheltertdi.sys
Overview
Analysis
File Details

spysheltertdi.sys

Datpol Janusz Siemienowicz

File name:

spysheltertdi.sys

Publisher:

Datpol Janusz Siemienowicz (signed and verified)

MD5:

168bfb4fa4be473c8271dabd205660df

SHA-1:

a2a1e49c4ed9298c83816f663ef02b44a92dc55a

SHA-256:

bf102d80b5ffe4adf0bf35ca79e3f2262a5c8f83de7077f95d822d772de29a53

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/27/2024 9:35:05 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W64.HfsAutoA

1.3.0.6379

File size:

91.8 KB (94,008 bytes)

File type:

Driver (Win64 SYS)

Common path:

C:\Program Files\spyshelter firewall\spysheltertdi.sys

Digital Signature

Signed by:

Datpol Janusz Siemienowicz

Authority:

GlobalSign nv-sa

Valid from:

9/8/2012 7:58:51 PM

Valid to:

11/7/2013 11:09:30 AM

Subject:

E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, OU=Datpol, O=Datpol Janusz Siemienowicz, L=Olkusz, S=malopolskie, C=PL

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121EAB2799A417769A6985740A2E4F3F285

File PE Metadata

Compilation timestamp:

5/22/2013 2:06:16 PM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

1536:+HLQadWlwQcJpWwtZ+/K3Q9lEhwIoMS/FnsPjsf6GMmbIM3YFBVuxCR6iz:0LpnQc/WwtM/KA9lc8Nns7sCMbI9n

Entry address:

0x257EF

Entry point:

E9, 10, E3, FE, FF, 00, 00, 52, 74, 6C, 41, 62, 73, 6F, 6C, 75, 74, 65, 54, 6F, 53, 65, 6C, 66, 52, 65, 6C, 61, 74, 69, 76, 65, 53, 44, 00, E9, 5F, 0B, FF, FF, 00, 00, 5A, 77, 53, 65, 74, 53, 65, 63, 75, 72, 69, 74, 79, 4F, 62, 6A, 65, 63, 74, 00, 83, C1, 01, E9, 37, 11, FF, FF, 0F, 84, 62, A1, FF, FF, 84, DE, F8, 66, 39, D5, F5, 48, 81, C2, 28, 01, 00, 00, E9, DB, 0F, FF, FF, 69, D2, 0A, 00, 00, 00, F9, 0F, A3, FB, F9, 01, C2, E9, F6, F9, FE, FF, 0F, 9B, C0, 0F, 97, C0, 0F, 98, C0, AC, 66, 0F, A3, E3, 66... 
[+]

Entropy:

7.4593

Packer / compiler:

Xtreme-Protector v1.05

Code size:

34.5 KB (35,328 bytes)

Scan spysheltertdi.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.