home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows 64-bit kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.8.6.0 built by: Windows

MD5:
59a6ffd7c82a0807dd194999247ac1f0

SHA-1:
2c1b3bc7c16c972b60c14592410635635f0db90b

SHA-256:
2b3ef70bdac33f554ec81fca9e09ef68b2c3469821c5dd79957432bdf15bdc16

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 3:42:24 PM UTC  (today)

File size:
1.8 MB (1,938,320 bytes)

Product version:
10.8.6

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win64 SYS)

Common path:
C:\Program Files\spyshelter firewall\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
8/25/2016 6:55:30 PM

Valid to:
8/26/2017 3:49:24 PM

Subject:
CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=OLKUSZ, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:
7F3EA61EAE04BAEDC14B924C

File PE Metadata
Compilation timestamp:
10/28/2016 12:30:00 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
49152:ojtH977cgjmGCI8aQNIWqN2IeBJKGcH72sz9cgx8WcY:ojtd35CI8kTN9efFc6szrx8WcY

Entry address:
0x416AA2

Entry point:
68, 12, 0A, 85, 79, E8, 89, 49, 03, 00, 49, 26, 47, 8B, E9, 98, 19, 47, 8B, 36, 72, 47, 47, 0B, C4, 63, B9, B8, F4, 1F, 60, 98, B8, 74, E0, 4B, 98, B8, F4, 94, E0, 98, B8, 74, 21, 64, 98, B8, 74, A2, DE, 98, B8, F4, 40, C5, 98, B8, F4, 64, 15, 98, B8, 74, 8B, 3C, 98, B8, F4, C3, 8E, 98, B8, 74, 40, 24, C6, B8, F4, A2, 15, 38, 47, 0B, 29, 96, 19, 47, 8B, 06, 9D, 19, 47, 0B, 26, AE, 19, 47, 8B, 5B, 12, 19, 47, 8B, 90, 30, 19, 47, 0B, 9A, 2F, C4, B8, F4, E5, B1, FB, B8, F4, 73, DF, 57, 46, 8B, 4F, B8, 47, 8B...
 
[+]

Code size:
202.5 KB (207,360 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.