home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.8.6.0 built by: Windows

MD5:
236b2e4d5d0fb94bdaa4f7faae98af34

SHA-1:
7d9b60e1146282553815de0411f4b7a082a8e28b

SHA-256:
4506249aeba4c1e7a89e13819668d6039c2073962d6dd8600736a5ec40bcb5d9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 3:43:40 PM UTC  (today)

File size:
1.4 MB (1,432,976 bytes)

Product version:
10.8.6

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter firewall\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
8/25/2016 5:55:30 PM

Valid to:
8/26/2017 2:49:24 PM

Subject:
CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=OLKUSZ, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:
7F3EA61EAE04BAEDC14B924C

File PE Metadata
Compilation timestamp:
10/27/2016 11:29:50 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
24576:75/LqAmkaAjTW3ONsBlKVThisifqV7kKw3VxNWjWIT7ky//2wjp3eiul/oZ5IqZc:1DikaAjTW+B1isifcYlMj//2upO7/ofg

Entry address:
0x2F3D25

Entry point:
68, A5, BB, A3, FF, E8, 9B, 58, EC, FF, CF, 7D, 77, 29, ED, 44, 5D, 87, 6E, 20, 70, B9, A0, 6F, 20, AC, F2, D0, B2, 99, 2C, 06, DF, CF, 4D, 3E, 09, 0F, 97, 19, 36, 50, 48, 63, 36, E9, 92, 88, 56, 93, A7, 06, DF, 2A, AA, C5, 6A, 27, CC, CF, 00, 49, 98, D1, 16, 32, 22, D0, 63, 0D, 3B, 07, A0, D9, 07, AF, 9D, AF, EA, BA, 35, B8, 5F, C6, 2B, 83, AF, B5, 48, 5A, 2A, C8, 4D, 37, 7C, 02, 01, 3D, 79, 46, D9, 07, B3, CF, E1, 51, 0D, AA, 71, 84, 69, A8, 61, F6, D6, C7, 37, 2C, 01, 0B, C0, 62, 73, 7F, 96, 30, 01, F9...
 
[+]

Code size:
178 KB (182,272 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.