home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows 64-bit kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.1.0.0 built by: Windows

MD5:
90d3baa3b2479d1e940f01802bc22641

SHA-1:
e34d221c7ed1337da2e380e2396db831b6043755

SHA-256:
2da3948b242180ee7c5867f6bc64581e4276555e8c2cc3b5e06163309ef24830

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/30/2024 12:17:16 AM UTC  (today)

File size:
1.1 MB (1,148,168 bytes)

Product version:
10.1

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter firewall\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
11/5/2014 12:08:03 PM

Valid to:
1/8/2016 10:09:30 AM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D2FCC60F24553FA9E8F529B814703D51

File PE Metadata
Compilation timestamp:
8/28/2015 6:36:42 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
24576:C5N3mAbqrCapcYtGa9DgGSfpzfQ8mdQeuQxwd12WI9oeiemt:c3mAbqegt0GU1xzoldQeTY2WI+Lt

Entry address:
0x190AE5

Entry point:
68, 9D, 02, 0C, 0F, E8, 45, 1A, 0E, 00, 00, 00, 00, 52, 74, 6C, 41, 64, 64, 41, 63, 65, 00, A3, D0, DA, E5, 1E, 2F, FD, BB, 10, 57, 66, F0, BB, 03, 09, 18, FD, 50, AC, 7D, 4C, 51, 39, 4A, 89, B8, 6F, 49, 43, A4, B5, 6C, 53, D5, 42, 73, 75, 72, 43, 04, 15, BD, 9F, C1, 23, 12, 5A, AE, CB, C6, D7, F6, FE, 6B, 1A, 2B, 82, DA, 79, 02, 33, AF, BB, 10, E3, D2, A2, BB, 03, 05, 14, AF, 50, AC, 01, 30, 03, 39, 4A, DD, EC, 3D, 49, 43, 18, 09, 3E, 53, D5, F6, C7, 27, 72, 43, B8, A9, EE, 18, A7, 5B, 9E, AD, D9, 0E, 01...
 
[+]

Entropy:
7.9574  (probably packed)

Code size:
1.1 MB (1,141,248 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.