home

spyshelter.sys

Datpol

It runs as a Windows kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.8.4.0 built by: Windows

MD5:
b0796e86cd338fc0fc0290ddedef23a4

SHA-1:
cd661df6e9cee9df0bb6453aa020edce8016f09b

SHA-256:
efa20cfedcc9b12a775ea41cb6ed008e36c224a802dbe0e9c5c9632b11169c80

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/25/2025 12:51:54 AM UTC  (today)

File size:
953.5 KB (976,424 bytes)

Product version:
10.8.4

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter free anti-keylogger\spyshelter.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
9/9/2015 6:37:53 PM

Valid to:
9/9/2016 6:37:53 PM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C3B40F5627D2C5927A0D3740680419CC

File PE Metadata
Compilation timestamp:
8/5/2016 5:03:37 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
24576:CrRoBVw36eVN21skDiqKwBNpSNqiiaDaiRAF:6Royv41pewBNpeqii+7uF

Entry address:
0x21AFAF

Entry point:
68, 38, 14, 41, 07, E8, 5A, 83, F2, FF, 00, 00, 00, 44, 62, 67, 42, 72, 65, 61, 6B, 50, 6F, 69, 6E, 74, 57, 69, 74, 68, 53, 74, 61, 74, 75, 73, 00, 0F, 85, AE, EE, FF, FF, E9, 3F, 95, FE, FF, DE, 2F, 23, 0A, E6, 2D, 96, C0, C1, CF, 02, 5E, AB, 36, DA, 1F, 47, 57, DD, 81, 77, 11, 39, F9, BE, 61, 40, 88, 04, 6D, AD, 97, 3A, 19, 19, C9, B5, A0, 25, A7, 6F, 7C, AD, 39, 6F, BD, FC, 6A, 2B, FC, 09, 5D, 6C, CB, FB, 21, 67, 81, EC, DE, A3, CE, 53, EC, EC, E6, 3E, 09, C9, 55, 94, 24, BB, 7B, 9B, 7D, 24, EB, 32, 4B...
 
[+]

Entropy:
7.9613  (probably packed)

Code size:
129.5 KB (132,608 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.