home

SpyShelterKb.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “SpyshelterKb”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Additional Driver

Version:
10.1.0.0 built by: WinDDK

MD5:
7dd387400f33a010932dda650920a4f7

SHA-1:
3b8860aed0862895a88413e32f5ba9a98499f5e3

SHA-256:
09aa315ddea36a5045df5e024ab7f005cfdd14857e512c1b14d9812ac4161dcc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 7:44:38 AM UTC  (today)

File size:
118.4 KB (121,264 bytes)

Product version:
10.1

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterKb.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter firewall\spyshelterkb.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
11/5/2014 7:08:03 PM

Valid to:
1/8/2016 5:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D2FCC60F24553FA9E8F529B814703D51

File PE Metadata
Compilation timestamp:
8/28/2015 1:32:32 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:B3VQ/gNzixxHaAEAswikFQkeMLjPfO9i2rs2G:B3q/VBaH/wi/8rftyG

Entry address:
0x3E712

Entry point:
E9, 39, 35, 00, 00, 31, 8F, 70, 31, 72, 9F, 71, 85, CF, FE, 26, AE, 0A, E9, 92, A0, 11, 51, F3, 9E, F2, D0, D9, 58, 37, D8, C6, AD, DD, B7, B9, 5B, 92, 72, 7E, 6A, 81, 26, 8E, AA, F5, 4E, 89, D4, 5B, 9E, 51, 88, 50, 8C, 43, 62, AD, 2C, F4, FC, 24, D4, 1B, C6, 09, AC, 63, A2, 96, 9A, CE, E2, 4C, F9, 73, A4, 3F, 08, 70, B3, D9, 1E, B3, DB, D2, 39, 81, 83, 22, 4E, 8F, 0C, 01, 0D, 6B, 4D, 39, 38, DA, 11, DB, E9, 23, C1, B7, E3, A3, C1, 88, 31, FD, 1F, CE, 54, A4, 53, F1, D4, 34, 8C, B3, 2F, D9, 94, 2C, 72, 13...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
43.5 KB (44,544 bytes)

Driver
Display name:
SpyshelterKb

Type:
Kernel device driver (KernelDriver)

Depends on:
SpyShelter


Scan SpyShelterKb.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.