home

SpyShelterKb.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “SpyshelterKb”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Additional Driver

Version:
9.3.00.00 built by: WinDDK

MD5:
318fa3920f8048fa9b84ba36cca020ba

SHA-1:
9c91088a3c83453979783559c7bf40b182258cfd

SHA-256:
881a9627d24d73998c51ab56bfd3b1c1862eaaf18063e41f726fb5b9d160ae75

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 9:46:00 AM UTC  (today)

File size:
111.8 KB (114,528 bytes)

Product version:
9.3

Original file name:
SpyShelterKb.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter premium\spyshelterkb.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
8/26/2014 1:14:04 PM

Valid to:
12/8/2014 5:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B2A7BEEB0FC74F69CC135D6161C7095F

File PE Metadata
Compilation timestamp:
10/2/2014 2:14:50 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:K+xdu62I8cJpiDJ2oC1XovmnIaRfpQgM+I84:rxg698cj0J2oYXoURpRMQ4

Entry address:
0x3CA5E

Entry point:
60, E8, E6, 4B, 00, 00, 65, 05, 66, 06, 05, 9D, D5, 67, 65, 1E, B3, 4B, A5, 20, EA, 25, 65, D9, 69, A0, 26, DA, 7F, 06, 51, 9D, 15, 66, 9D, F0, 8D, 9A, 7E, B5, 08, 6A, DA, E3, 6C, B9, 26, 6E, 5C, DC, 35, C7, 09, 74, 28, 31, E6, 66, 4E, 7B, 83, 1F, E1, FD, 7A, 77, 6F, 4D, 46, A5, 80, 35, 26, 89, CB, 74, 21, 26, E8, 6D, 10, 3D, 37, 2E, 36, F0, AA, 25, 75, 46, 68, C5, 5D, 5E, EF, B2, 67, 0D, CD, 7D, FF, A2, 5F, 37, C5, 97, 08, 44, E8, 52, 43, 81, 74, 9E, 27, F4, 01, 05, 38, 4D, CD, 6C, 20, 95, 75, 71, 77, EE...
 
[+]

Packer / compiler:
ASPack v1.08.04

Code size:
40.5 KB (41,472 bytes)

Driver
Display name:
SpyshelterKb

Type:
Kernel device driver (KernelDriver)

Depends on:
SpyShelter


Scan SpyShelterKb.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.