spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.1.0.0 built by: Windows

MD5:
ac4e84d040ce6e63568946c83ae88d7d

SHA-1:
238f61551b8e6acbf1dcb299c6db3a08b4ad0229

SHA-256:
eedbb437c2b66fe3a63f946717f8ad3975b52b311f544b08c3510b18227bc785

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 11:13:25 AM UTC

File size:
461.3 KB (472,328 bytes)

Product version:
10.1

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter free anti-keylogger\spyshelter.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/5/2014 9:08:03 PM

Valid to:
1/8/2016 7:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D2FCC60F24553FA9E8F529B814703D51

File PE Metadata
Compilation timestamp:
8/28/2015 2:45:26 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:6WzBKgj/WaAEysyz6yLp87r5ODyHvmVLbasnThLeLxMxlUz2WS2jMp2ZKquwkGCY:6UWF3z6ylc9O2PmlPOzvjjyhSkrEEv1E

Entry address:
0x1016C6

Entry point:
68, 52, B6, D4, 23, C6, 04, 24, 17, C7, 04, 24, F8, FF, AD, A2, 9C, C7, 04, 24, 71, 24, 7A, 29, 60, C6, 04, 24, CD, 8D, 64, 24, 20, E9, 96, 28, 00, 00, F7, CA, 1A, D5, A3, 0E, AC, 69, 79, 4C, 56, 77, CA, B4, AE, BF, A5, AC, B6, BB, 93, FA, E0, D1, CB, E2, F8, F9, 13, 0C, 16, 2F, 92, DC, DC, 8E, 5E, D9, 28, 74, 5B, B1, A1, BC, A6, BB, 6E, 73, 73, 25, 02, DD, 60, 07, 1E, D2, FE, 9F, 1D, AB, 80, 90, A5, BF, 92, BA, F3, 62, 80, 37, 42, 9C, 80, 26, 78, E9, 0B, 05, 8C, 94, 78, A4, 6F, D8, CF, 5E, 7B, 9A, 3C, 25...

Entropy:
7.9229  (probably packed)

Code size:
159.5 KB (163,328 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr

