home

STShell64.dll

Spyware Terminator 2015

Crawler Group, LLC

The module STShell64.dll, “Spyware Terminator 2015 Shell Menu Extension” by Crawler Group has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Spyware Terminator 2015 by Crawler Group, LLC which is a potentially unwanted software program.
Publisher:
Crawler Group  (signed by Crawler Group, LLC)

Product:
Spyware Terminator 2015

Description:
Spyware Terminator 2015 Shell Menu Extension

Version:
3.0.0.101

MD5:
c32a2de13fda421e1d96a6ee2d56c02c

SHA-1:
9c402301b17ac42c58ea3ef74473b9b80e8e77df

SHA-256:
40ed9c0e8425372e637a70233cd867336e723d48f476b744710198dee991786f

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
2/24/2025 1:07:45 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Crawler (M)
17.3.16.10

File size:
1.4 MB (1,437,960 bytes)

Product version:
3.0.0.0

Copyright:
© SpywareTerminator.com

Original file name:
STShell64.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\spyware terminator\stshell64.dll

Digital Signature
Signed by:
Crawler Group, LLC

Authority:
Symantec Corporation

Valid from:
4/5/2016 2:00:00 AM

Valid to:
8/21/2017 1:59:59 AM

Subject:
CN="Crawler Group, LLC", O="Crawler Group, LLC", L=Wilmington, S=Delaware, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
533225A4195C349EB2DE67B04D02A0C4

Registration
CLSID:
{F32C83B9-DF1D-42AD-9741-C52909703957}

ProgID:
STShell64.STShellMenu

COM registered:
Yes

File PE Metadata
Compilation timestamp:
1/13/2015 9:08:43 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x10B190

Entry point:
55, 48, 81, EC, 90, 00, 00, 00, 48, 8B, EC, 48, 89, 4D, 30, 89, 55, 3C, 4C, 89, 45, 40, 90, 48, 8D, 4D, 48, 48, 8D, 15, C6, 59, FF, FF, 4C, 8B, 45, 30, 44, 8B, 4D, 3C, 48, 8B, 45, 40, 48, 89, 44, 24, 20, E8, B8, 55, F0, FF, E8, 93, F5, EF, FF, C7, 85, 8C, 00, 00, 00, 01, 00, 00, 00, EB, 17, 90, 90, E8, C0, F7, EF, FF, 85, C0, 0F, 94, C0, 48, 0F, B6, C0, 89, 85, 8C, 00, 00, 00, 90, 8B, 85, 8C, 00, 00, 00, 48, 8D, A5, 90, 00, 00, 00, 5D, C3, 90, 48, 83, EC, 28, E8, 27, EB, EF, FF, 48, 83, C4, 28, C3, CC, CC...
 
[+]

Code size:
1 MB (1,090,560 bytes)

Approved Shell Extension
Name:
STShellMenuHandler

CLSID:
{F32C83B9-DF1D-42AD-9741-C52909703957}


The file STShell64.dll has been discovered within the following program.

Spyware Terminator 2015  by Crawler Group, LLC
Publisher's description - “Free real-time protection that effectively detects, removes and prevents spyware, adware, trojans, keyloggers, home page hijackers and other malware threats that may harm your computer.”
www.spywareterminator.com
61% remove it
 
Powered by Should I Remove It?

Remove STShell64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.