home

SpyShelterKb.sys

Datpol

It runs as a Windows 64-bit kernel mode device driver named “SpyshelterKb”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Additional Driver

Version:
10.2.0.0 built by: WinDDK

MD5:
45b29479633419d7cba0ccbfab70c4e9

SHA-1:
3e77d659d44bf5886e28d7beff220c0955dcc555

SHA-256:
35613a80ae20878dc3973f16c04762cd83f5daf45f0e2efcafae089779b647a9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2025 9:00:19 AM UTC  (today)

File size:
172 KB (176,080 bytes)

Product version:
10.2

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterKb.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter free anti-keylogger\spyshelterkb.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
9/10/2015 2:45:39 PM

Valid to:
9/9/2016 5:37:53 PM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121773958921AADBD140FA20DCFF3EE2E49

File PE Metadata
Compilation timestamp:
9/18/2015 10:31:03 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:CtIJzm/D/mHUEPHHcNYdaR/FSszuMNSM0GOD5X+GGik23dUY4j8V7ul39PjkuAbw:5dmrO0EfwYUvRZY7GODc7ikoUY4l39PF

Entry address:
0x6AFE9

Entry point:
E9, C8, E6, FE, FF, 0F, 82, 8E, 04, FE, FF, 85, D1, F8, 80, FF, C1, 83, C1, FF, E9, 14, FC, FE, FF, 0F, 84, 99, D0, FE, FF, 80, DD, C4, 66, 0F, BE, C2, 1C, 74, 80, C1, 81, 48, 29, DB, 66, 89, F1, 48, FF, C1, 66, F7, D9, 89, 5D, FC, C0, E0, 02, 66, 0F, BE, C0, 66, D1, C8, 66, 0F, AD, F9, 89, D0, 28, D1, C1, E8, 10, F6, DD, D2, D5, 66, 0F, BC, CE, 0F, BD, CD, 8B, 4E, 04, 85, FB, F6, C5, 0A, 09, C9, E9, 97, 1C, 00, 00, 8A, 70, 88, 7C, D1, B1, DE, 2F, 28, 1E, A3, 16, C1, 49, DF, C9, CE, 81, 54, A6, 6D, 03, 05...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
59 KB (60,416 bytes)

Driver
Display name:
SpyshelterKb

Type:
Kernel device driver (KernelDriver)

Depends on:
SpyShelter


Scan SpyShelterKb.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.