home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows 64-bit kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.8.6.0 built by: Windows

MD5:
16c22bcb03230abede01622f90f5f1eb

SHA-1:
d8ad2f80fbad56f51ada44a9e1e8b098808ce1da

SHA-256:
7c5ccf62af3943d99e35dc5504b42988585bc8d67ce47d00d8f885e2290c154e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/6/2024 10:08:35 AM UTC  (today)

File size:
1.8 MB (1,935,248 bytes)

Product version:
10.8.6

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter premium\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
8/25/2016 4:55:30 PM

Valid to:
8/26/2017 1:49:24 PM

Subject:
CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=OLKUSZ, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:
7F3EA61EAE04BAEDC14B924C

File PE Metadata
Compilation timestamp:
10/28/2016 10:17:18 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
49152:Ytsl7NZrdZjyWODlr5J3NELqDEnTcRgD9kPmLZoSUGuxL3M/5Nkk6q:esHrQRr58uAoRu9kPmLWlVMBOkH

Entry address:
0x2CF766

Entry point:
68, FE, BE, 72, 6B, E8, 90, A0, 17, 00, 00, 00, 4B, 65, 45, 6E, 74, 65, 72, 43, 72, 69, 74, 69, 63, 61, 6C, 52, 65, 67, 69, 6F, 6E, 00, 00, 6F, A9, 12, 81, 56, 5E, 08, 2B, 1D, 91, 1E, 8C, 52, A1, EF, 9A, 87, D0, 18, FF, 81, 5D, 11, 15, 6B, C8, 23, 68, 6B, 49, 75, 53, 9A, 97, 08, 49, 9B, F8, FC, 18, 27, 1C, C9, 17, 4B, 4C, C8, C4, 61, 68, 1F, 75, 76, 53, BF, 37, 0A, 66, F6, AD, 9B, FF, 5A, 3D, 27, 06, E5, C2, 2F, 0C, 8F, 29, C1, A6, 5D, 6B, B9, 20, 5C, D9, 53, 84, 41, F1, 00, A9, AF, 1C, 5D, 56, 65, 35, 9F...
 
[+]

Code size:
195 KB (199,680 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.