spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
3.1.00.00 built by: Windows

MD5:
7fbe70f021c7a5781076c3a4d2485403

SHA-1:
b1ac7286e25cb207c825ab8f328fc58ae85f5e89

SHA-256:
469806ff21dfeb9975786432e300fecf28744f40a7cc2423df39b7cf24931454

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 11:34:51 AM UTC

File size:
416.3 KB (426,336 bytes)

Product version:
3.1

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\spyshelter firewall\spyshelter.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/1/2013 5:08:56 PM

Valid to:
12/9/2014 12:09:30 AM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112176D4B94E84F997B75286D5F8613C2EFD

File PE Metadata
Compilation timestamp:
7/1/2014 8:17:51 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:9oxpSIQg0SBPA+I+d2TWh229mJGiTMy26aH/80Hf5cVbHIsQNQTmqZZMuEVhWoIF:uxjQ9SBPXvdyG7ign68E0GTFZMFE8E

Entry address:
0x82C85

Entry point:
68, C3, CB, EA, 71, E8, 05, 71, 00, 00, E8, 52, 8F, 00, 00, CD, 90, 88, 40, E7, 1A, 17, 28, B9, FC, BB, C6, 91, FC, AB, E2, 39, 6C, 20, 71, 83, 32, 99, 03, 56, 25, 80, 38, FB, 69, F8, 98, D5, 02, 85, 18, 3E, F9, 0E, 99, 41, DB, 8E, C7, 10, CD, 8A, F3, AC, E1, B6, EF, B0, E5, 51, 81, C6, 87, 0B, CF, 90, 25, 82, 37, 10, 36, DB, C5, 91, EF, DB, D1, 5A, E4, DB, 73, B7, 61, 46, B7, E8, 85, C8, B0, 7A, 56, 1B, F4, 30, E0, 7A, 1B, 0B, E0, C0, D6, 16, 58, 5C, A1, B1, C5, E2, 3A, 6E, 8B, 4F, 9F, B2, 4B, 93, DA, DA...
 

Entropy:
7.9151  (probably packed)

Code size:
132.5 KB (135,680 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr

