home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.0.0.0 built by: Windows

MD5:
20110efc949747848945a03e5c2d6d07

SHA-1:
8a12f6077aafb8b40cbcafca5ff4d8c7528bc665

SHA-256:
1f89b1213848231af57f23142b70d939647663b47f9770ce8b9e31d3b0f9c12f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 7:41:08 AM UTC  (today)

File size:
469.3 KB (480,520 bytes)

Product version:
10.0

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter firewall\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
11/5/2014 8:08:03 PM

Valid to:
1/8/2016 6:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D2FCC60F24553FA9E8F529B814703D51

File PE Metadata
Compilation timestamp:
7/29/2015 3:56:25 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
12288:GW5AaZlXFexI3OGcAvNfACFudrfTib0sumN5a6+:GEAwNFexoOGrlACMFeb087v+

Entry address:
0xDA88A

Entry point:
60, E8, 87, 9A, 00, 00, 10, D7, FB, A2, C5, F5, 35, A1, 2C, BF, C0, A9, 5C, E3, 48, 90, F6, C8, AC, 27, 8A, 0F, 34, 9E, 02, 5B, C0, A3, 86, 94, 38, F9, DE, D2, B4, 0D, 72, 08, 6B, E2, 03, FF, 70, 2E, 23, 8A, A5, C1, C4, 5A, 22, C7, 7F, 41, 2D, D3, FA, 46, F2, A3, 62, E4, A4, A9, 93, 91, 36, 33, 78, EC, 5A, 3E, 74, 18, 77, A2, 47, 71, 86, C7, B8, AC, 71, 38, 28, 53, E2, A6, FD, C1, 54, D8, 5A, 5A, 8E, 92, 36, B9, F5, F6, 73, 35, 26, 68, 37, 7B, C1, 86, A0, A5, 5A, DA, CB, C9, CC, 70, 8B, B9, 3F, 02, 6E, 7D...
 
[+]

Packer / compiler:
ASPack v1.08.04

Code size:
158.5 KB (162,304 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.