home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows 64-bit kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
8.2.00.00 built by: Windows

MD5:
cd054468af72153e9a38ebba6d87760e

SHA-1:
c23d9b37146cf1bb99a3894f4691a3379f838844

SHA-256:
287aefd23179718e1d4be7d54999e52acf142c5c809a73d783036490b5ab58f6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 3:21:49 AM UTC  (today)

File size:
684.3 KB (700,728 bytes)

Product version:
8.2

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter premium\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
9/9/2012 2:58:51 AM

Valid to:
11/7/2013 5:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, OU=Datpol, O=Datpol Janusz Siemienowicz, L=Olkusz, S=malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121EAB2799A417769A6985740A2E4F3F285

File PE Metadata
Compilation timestamp:
4/4/2013 8:30:08 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
12288:uzCddIrptGdzZj/OMxKZPr8Wk47D7+TijvVQMwW53ty9D3gN+S437:Xdd0rGJ/JKZQWv7D7KuvVfwAgJwkS4L

Entry address:
0xAB565

Entry point:
E9, C1, 91, 00, 00, E9, 0B, A6, FF, FF, 0F, 87, F5, C6, 00, 00, E9, 48, EA, 00, 00, 60, 96, 91, 6B, BB, B1, 6F, 13, 2B, 76, 85, 9A, 55, C5, 56, 8E, C9, 76, DD, 81, 32, 0A, 1A, EB, DB, E9, 36, CE, 1A, 64, 55, C6, B5, 2D, 6F, 6C, 58, 71, DD, 2C, 2C, 65, AE, 12, 52, F6, 0B, A0, AC, 75, FB, A6, F9, A5, 20, 1A, 93, 62, 55, 50, 07, B4, 6E, 92, 2A, B6, 1F, F5, 2F, EC, A0, DC, EF, 03, 24, 7B, 38, D2, 1F, 4D, 14, 9B, 33, EE, 12, 49, 41, 2D, 4D, A3, A7, 1F, 2E, E1, D8, FC, F0, B7, BE, ED, DB, 00, 68, AB, 35, C5, C9...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
135 KB (138,240 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.