home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.1.0.0 built by: Windows

MD5:
1805e2c3b2394f23e129e2ba725bdb7c

SHA-1:
69f9c0537cbe25d435cc06d17150493d61ad85b2

SHA-256:
4de19c57b6d4da3526cca6160e0f90fdade43abd29090183e2591dd1ea153c22

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/30/2024 6:51:00 AM UTC  (today)

File size:
334.3 KB (342,280 bytes)

Product version:
10.1

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter free anti-keylogger\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
11/6/2014 2:08:03 AM

Valid to:
1/9/2016 12:09:30 AM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D2FCC60F24553FA9E8F529B814703D51

File PE Metadata
Compilation timestamp:
8/28/2015 7:50:36 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:FZJXYFX4GblbmxD9V+8XYoJ6BQnMKANioPqe5M/+fgNfhVHAtkkC1L:TJX01B+DyCvJEIoioS6M/NNfhVmkkC1L

Entry address:
0xAF16D

Entry point:
E8, F3, 3C, FF, FF, 1A, 41, 51, DB, 9F, 95, AE, 6E, 0C, 5C, A3, FF, 64, 15, CE, 38, 84, AE, 54, F8, A4, 8E, EE, A4, 1C, 36, 8A, 80, 03, DC, A3, DF, BE, 9A, 8F, 8F, BE, 11, D2, B0, 2C, 94, AB, AA, 3E, E4, 68, C2, 22, 7B, F0, DF, F8, E5, EF, BC, B8, 36, E1, A5, 60, 44, 0E, 0E, 7D, EC, A7, CC, 6C, A1, 8F, 93, F4, 1E, 1C, 3E, 03, 6C, 37, BC, A6, 66, C4, 0F, 77, 6B, D9, E0, F4, 65, 9A, 7B, F4, 61, FC, 8E, 1D, F9, 0E, 9D, C5, AD, 75, 95, FD, E7, EE, 29, B8, 09, 04, CB, 28, EF, 80, 97, 54, CD, 2C, B3, 61, C4, 0F...
 
[+]

Entropy:
7.8946  (probably packed)

Code size:
123.5 KB (126,464 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.