home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows 64-bit kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.1.0.0 built by: Windows

MD5:
c7b42e74dc02ded64e72b0028d6dc81c

SHA-1:
a7fe828c3893fa7ea9c77bfb02e68c3da6759566

SHA-256:
015f2127f4324eaee94ed9d400b163ec2841b566cf373ed1637ac776d177ab13

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/30/2024 12:08:18 AM UTC  (today)

File size:
1 MB (1,055,496 bytes)

Product version:
10.1

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter free anti-keylogger\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
11/5/2014 7:08:03 PM

Valid to:
1/8/2016 5:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D2FCC60F24553FA9E8F529B814703D51

File PE Metadata
Compilation timestamp:
8/28/2015 12:50:46 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
24576:AIksow9uGQoMDXVE970LfYyMEAAfyxFLWJvEYnbCNHmb:Ah7wtQoMD2hyfTBq/LWJcNHmb

Entry address:
0x2305B1

Entry point:
68, 91, 29, D0, FF, E8, E2, DF, 00, 00, 00, 00, 00, 50, 73, 47, 65, 74, 54, 68, 72, 65, 61, 64, 50, 72, 6F, 63, 65, 73, 73, 00, 00, 00, 00, 50, 73, 4C, 6F, 6F, 6B, 75, 70, 54, 68, 72, 65, 61, 64, 42, 79, 54, 68, 72, 65, 61, 64, 49, 64, 00, FD, F9, F2, 39, D5, 10, C4, 92, 8B, DF, FE, 9C, F8, 38, AE, E7, 27, EB, D0, 58, 4A, 8F, F7, 24, 0E, 26, 29, 09, 42, CD, 8D, 9B, E2, B5, 9A, 8A, 53, 97, BE, 7A, A5, 58, A4, D9, CA, 9C, 93, 9B, DF, DB, F7, C3, 1F, B2, AB, 55, 7E, EC, 6C, A9, 20, 43, 92, 8B, F7, DE, 1B, F8...
 
[+]

Code size:
1024 KB (1,048,576 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.