home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
9.1.00.00 built by: Windows

MD5:
206323cb5a10b3d2757d279cc5d172ec

SHA-1:
5b1e9ffb8f1735c2cba3e6562c8e0d1d2b2adc3f

SHA-256:
633467e1baef40d8bd76c02c5ebefc56960dbea53a743ae2870148d0065de11f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 11:23:27 AM UTC  (today)

File size:
336.8 KB (344,928 bytes)

Product version:
9.1

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter personal free\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
11/1/2013 10:08:56 AM

Valid to:
12/8/2014 5:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112176D4B94E84F997B75286D5F8613C2EFD

File PE Metadata
Compilation timestamp:
7/1/2014 2:13:07 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:KdFesMyF14AvoVJUDdHIMAzu8v1J/ChT2J1dKBp0ySAaU9V/Zc+zg7VSNec2GX:KdM8GCuMA6WJa12JQV9Vh/zg7VwX

Entry address:
0xB4B4C

Entry point:
9C, 88, 3C, 24, E9, 46, F4, FC, FF, 8D, 64, 24, 04, 0F, 82, 50, 07, 00, 00, 66, 0F, BA, E4, 08, F5, 3B, 45, F0, 60, 9C, 57, E8, 0D, CC, FF, FF, 60, 9C, 3D, 7F, 00, 00, 00, 68, B1, 5B, D9, 03, E9, A9, 58, 00, 00, 08, C0, 60, E9, F4, DC, FB, FF, D2, EF, C6, C7, 0B, D2, DF, 66, 0F, AD, EB, 66, 8B, 1E, 9C, 66, C7, 04, 24, EB, D7, 81, E3, FF, 0F, 00, 00, F5, 38, F1, F5, F8, 01, 14, 3B, 83, EC, FC, 9C, 88, 0C, 24, 83, C6, 02, 68, 84, 87, F6, 10, 9C, 49, 60, 66, C7, 44, 24, 04, 00, 5C, 8D, 64, 24, 2C, 0F, 85, E0...
 
[+]

Code size:
123.5 KB (126,464 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.