home

SpyShelterKb.sys

Datpol

It runs as a Windows kernel mode device driver named “SpyshelterKb”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Additional Driver

Version:
10.2.0.0 built by: WinDDK

MD5:
98fe3f695f582fb1ad4ffa3503658bcd

SHA-1:
16262979208cec7bc64c3bc4d8d23c03ed49ea43

SHA-256:
eaeabedfa8f74ee08f04c7bc898aaa8af59ec4a66e9ee497a1df19ac9bbc78f5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2025 9:00:21 AM UTC  (today)

File size:
124 KB (126,928 bytes)

Product version:
10.2

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterKb.sys

File type:
Driver (Win32 SYS)

Language:
English (United States d'America)

Common path:
C:\Program Files\spyshelter free anti-keylogger\spyshelterkb.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
9/10/2015 2:45:39 PM

Valid to:
9/9/2016 5:37:53 PM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121773958921AADBD140FA20DCFF3EE2E49

File PE Metadata
Compilation timestamp:
9/18/2015 10:31:01 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:O6ICPNIkZ9ByhvWna353/m3Vj98WAUlw4nULV20:OAPNIkbByhvWE9Or8WXNUY0

Entry address:
0x31333

Entry point:
E9, 68, 1C, 00, 00, 68, EA, 58, A3, DF, E8, 9C, 10, 00, 00, 00, 00, 73, 74, 72, 72, 63, 68, 72, 00, 16, B6, 59, 79, A6, CE, 96, 14, 16, 51, C0, 58, D6, 4F, 7D, 56, 16, 8A, FA, CF, 99, 8D, 2C, 79, 5E, 64, 59, 76, 7F, 76, CD, 79, 31, B7, 19, FD, 8D, FB, 11, 99, C9, 01, 0B, 46, 75, 4A, 7C, 03, 57, 42, 59, 16, 38, FA, 1A, 03, F6, 5E, F6, FE, 7B, 2C, 59, 13, C5, 95, 30, 3B, 1A, 3B, BA, C6, D6, 18, 5D, 8E, 33, 09, 7E, 22, D6, DE, F4, 30, 6C, 03, 85, 8E, DA, 02, BA, 61, C5, 25, D4, F6, 56, CD, 32, BF, F8, A8, E2...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
45 KB (46,080 bytes)

Driver
Display name:
SpyshelterKb

Type:
Kernel device driver (KernelDriver)

Depends on:
SpyShelter


Scan SpyShelterKb.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.