home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
9.5.00.00 built by: Windows

MD5:
7ccdcdc50196fe4d85983aeccfccbfbc

SHA-1:
b03036093f2a613e4345fd4779af1ff722efd33e

SHA-256:
536570bd68eaebb5bac6ef824fccfb69647929d743e47146574ed4f181655991

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 9:50:32 AM UTC  (today)

File size:
409.8 KB (419,680 bytes)

Product version:
9.5

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter premium\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
8/26/2014 1:14:04 PM

Valid to:
12/8/2014 5:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B2A7BEEB0FC74F69CC135D6161C7095F

File PE Metadata
Compilation timestamp:
10/23/2014 3:05:59 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:/ErGWX8Ga04Mm8qoewchJdefGmy0qFwZLuibKIjhlKYJlCDwEcWO2IJtH3w:syWs04MmzZJRmyhUiBIjDKYflbWBIHw

Entry address:
0xA1DD3

Entry point:
55, C7, 04, 24, 11, DE, 8B, FE, 55, 68, 14, C9, DD, 37, E9, 73, D9, 03, 00, 50, 83, C1, FF, 9C, FF, 34, 24, 66, 89, 7C, 24, 0C, 50, 8D, 64, 24, 14, 0F, 84, 3E, E3, 03, 00, F9, 0F, BA, E5, 1E, 9C, 81, C2, 1C, 01, 00, 00, 9C, C7, 04, 24, ED, EB, 2C, 46, 8D, 64, 24, 08, E9, E9, A8, 03, 00, C0, FD, 38, 29, 55, 22, 3A, DF, 6B, 66, D9, 9D, 31, D6, E7, E8, D6, 4B, D2, 9B, 12, B9, F0, C5, 13, 02, AD, 06, BB, 12, 31, 3F, 7C, 4D, 03, 3A, B3, 52, 0A, 89, 93, E6, 72, 51, 60, 69, 9C, B4, 3B, 09, FF, 4F, A5, 2C, 8C, 96...
 
[+]

Code size:
148.5 KB (152,064 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.