home

spyshelter.sys

Datpol

It runs as a Windows kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.6.0.0 built by: Windows

MD5:
91072f594cbefd843660dfb788ef5799

SHA-1:
c2367990945e0f1bc3dc914f3d3416f4f5735a71

SHA-256:
937423e452600b0bed45043ce9c674eb8cde9a07b5aed1e8134a7908adbd03de

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:32:04 AM UTC  (today)

File size:
440.9 KB (451,464 bytes)

Product version:
10.6

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter premium\spyshelter.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
12/17/2015 7:54:53 AM

Valid to:
9/9/2016 11:37:53 AM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B855E0C0CC521D24E52FEBEB543ED512

File PE Metadata
Compilation timestamp:
12/21/2015 4:24:07 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:Vuq4v5RITy8LWLZ/fzakp1FUhjR98YCzzcj4bJNE77NESPAxT3DjPCG3aMv+wO8G:UbRRIFLaPwR9qZA/qSPwfjPCG3vJG

Entry address:
0xF768D

Entry point:
9C, 60, C7, 44, 24, 20, FF, 7D, AE, F0, 66, C7, 44, 24, 04, A2, 8E, C7, 44, 24, 1C, 11, A7, 29, 35, 9C, 66, 89, 7C, 24, 04, 8D, 64, 24, 20, E9, A7, 17, 00, 00, 66, 0F, B6, DB, 66, F7, D7, 8B, 5C, 24, 08, 8D, 3C, 8D, 30, EE, 71, 81, E9, DA, F5, FF, FF, 85, FE, 3B, 4D, FC, 60, 9C, 8D, 64, 24, 24, 0F, 83, BB, A1, F9, FF, E8, E5, AC, FB, FF, FF, 30, 8F, 44, 24, 0C, 9C, 66, C7, 04, 24, F7, 18, FF, 74, 24, 10, C2, 14, 00, 50, F0, 1F, FD, FD, 8B, F7, 92, 61, B2, B4, 77, C2, 1C, 20, 74, 41, 94, 2E, C8, C5, EF, 7D...
 
[+]

Code size:
162.5 KB (166,400 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.