spyshelter.sys

Datpol

It runs as a Windows kernel-mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.8.4.0 built by: Windows

MD5:
1f9b26870b51e0f07518b0a2024ebba7

SHA-1:
9e87eeea4290983d164a0796b891cbbe2275b489

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/4/2024 5:01:21 PM UTC

File size:
1.4 MB (1,419,816 bytes)

Product version:
10.8.4

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter premium\spyshelter.sys

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
9/9/2015 5:37:53 PM

Valid to:
9/9/2016 5:37:53 PM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C3B40F5627D2C5927A0D3740680419CC

File PE Metadata
Compilation timestamp:
8/5/2016 4:30:03 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
24576:kWhvsdYHneoswe75gLdxaEL2WQp+SGVyj7gMW1mDnL87KXbn/zR8pVrLPDCZ+Do:kWvsdY0wSgL/PLzPSV3TW14nL8sbn/z7

Entry address:
0x2F8F01

Entry point:
68, 5C, 67, 4A, 58, E8, 24, 1F, EC, FF, 00, 00, 00, 4B, 65, 51, 75, 65, 72, 79, 50, 65, 72, 66, 6F, 72, 6D, 61, 6E, 63, 65, 43, 6F, 75, 6E, 74, 65, 72, 00, 0D, C7, 40, C4, AF, 08, 6D, BF, 3B, A6, B4, 82, BF, 3B, E8, 13, 52, 40, C4, 81, E7, EC, BF, 3B, 7B, 48, F8, BF, 3B, E6, A0, E2, BF, 3B, 30, F5, FE, BF, 3B, 4B, FB, 83, 40, C4, BF, AE, 9C, 40, C4, 2C, D5, 7F, BF, 3B, 97, 2A, 4E, BF, 3B, A2, 55, 56, 97, 18, C6, A2, 3B, A0, 0F, 3F, 5D, C4, D9, 5A, A2, 3B, 75, D2, F0, 5D, C4, 98, D8, 16, 5D, C4, 78, 0E, 03...
 

Code size:
166.5 KB (170,496 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security