home

spyshelter.sys

Datpol

It runs as a Windows 64-bit kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.7.7.0 built by: Windows

MD5:
17aeb8efebc8e4e149b0cf11996d5c39

SHA-1:
c872ecc2dcb567b185e135a9e07bd8ec14462732

SHA-256:
4626240f9cb1b5b0d1a8990e1fbd992cbafdcd1d4636bc42ded3c3a81ef7f676

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/4/2024 4:55:06 PM UTC  (today)

File size:
1.1 MB (1,177,640 bytes)

Product version:
10.7.7

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter premium\spyshelter.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
9/9/2015 5:37:53 PM

Valid to:
9/9/2016 5:37:53 PM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C3B40F5627D2C5927A0D3740680419CC

File PE Metadata
Compilation timestamp:
6/13/2016 4:40:10 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
24576:4an9af7olj/ArkvnZu22BuGT2/sr97zAOhwGQ0bvBDQFSi8Iq+VmeH:4mU7oj4rkvnZu2wKI1EOhwGXbvBDQsIn

Entry address:
0x289F43

Entry point:
68, 31, 7C, D3, 11, E8, CB, AD, 02, 00, 49, 6E, 45, 66, 70, 42, 6D, 7D, 79, 7A, 4F, 03, ED, 7E, 78, 4E, 39, DB, 68, 94, 87, B4, 09, B1, 70, 52, 75, 6E, 45, 76, 63, 6D, 4A, 7E, 6A, 43, 1F, FB, 66, 74, 43, 2A, 8B, 53, 64, 44, 6A, 68, 72, 6D, 79, 44, 76, 41, 29, E1, 14, B8, 01, 00, 00, 00, C3, 77, 62, 71, 60, 6C, 74, 08, 52, 75, 6E, 42, 74, 76, 6D, 65, 74, 4C, 44, 25, EC, 7B, 79, 48, 19, E4, 54, 89, 9B, A9, 02, A4, 70, 52, 75, 6E, 56, 74, 65, 69, 78, 75, 4C, 44, 25, EC, 7B, 79, 48, 1E, FF, 75, 94, 87, A7, 6C...
 
[+]

Code size:
187 KB (191,488 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.