home

SpyShelterKb.sys

Datpol

It runs as a Windows 64-bit kernel mode device driver named “SpyshelterKb”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Additional Driver

Version:
10.6.0.0 built by: WinDDK

MD5:
b4dd44f9451545f11e6f08e5a2c13673

SHA-1:
794e2baeabfb8579d8ad9132526cc9df824b3232

SHA-256:
6a2fde9d451dfde4f0ff24b492fe1db29ba5e9223f43fe2dcd62b830309058ac

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 10:06:41 AM UTC  (today)

File size:
976.4 KB (999,816 bytes)

Product version:
10.6

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterKb.sys

File type:
Driver (Win64 SYS)

Language:
Anglu (Amerikas Savienotas Valstis)

Common path:
C:\Program Files\spyshelter firewall\spyshelterkb.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
12/17/2015 2:54:53 PM

Valid to:
9/9/2016 6:37:53 PM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B855E0C0CC521D24E52FEBEB543ED512

File PE Metadata
Compilation timestamp:
12/17/2015 3:00:20 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
24576:TDGYvn1rgMAF9C+UpjczXi5Cv+X1mM/IwBhHtm:3GY9MMAF9VNzCP7Bttm

Entry address:
0x14BC81

Entry point:
68, 29, FA, EB, 02, E8, 50, 92, 0E, 00, 00, 00, 00, 4D, 6D, 55, 6E, 6C, 6F, 63, 6B, 50, 61, 67, 65, 73, 00, 51, 20, EE, FF, 49, 57, 00, 15, 00, 85, 93, 9C, EA, FF, BB, D5, 9A, 15, 00, 4F, B2, 9D, 16, 00, 4A, 58, 08, EA, FF, 99, 30, 7B, E8, FF, 27, BD, 6E, 10, 00, 2E, D3, FB, 14, 00, DB, 0D, 5E, EB, FF, F1, C8, E3, E9, FF, E7, 0E, 30, EA, FF, 01, 3F, BF, 14, 00, C5, E3, 23, EB, FF, 9B, 75, 25, 14, 00, 7F, E2, 22, 17, 00, 3A, E8, B7, EB, FF, 31, 08, C4, E9, FF, F7, BD, D1, 11, 00, 3E, EB, C0, 14, 00, 4E, 42...
 
[+]

Entropy:
7.8715  (probably packed)

Code size:
965.5 KB (988,672 bytes)

Driver
Display name:
SpyshelterKb

Type:
Kernel device driver (KernelDriver)

Depends on:
SpyShelter


Scan SpyShelterKb.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.