home

folderbackgroundshellext.dll

Shell Tools

Moon Software

It is registered as a context menu handler (displays a menu when right-clicked in Explorer) named “ShellToolsFolderBackground”.
Publisher:
Moon Software  (signed and verified)

Product:
Shell Tools

Description:
FolderBackground shell context menu extension

Version:
1.1.0.69

MD5:
e093f1740fdda27d1bf85dab5518a7de

SHA-1:
caf0a7e57b86462e205d8b3bb8319dc9e28552bb

SHA-256:
129ac6c3a95102ddc0fcc47796fa0ee80a83b4cd91641530c045ba1c697d5597

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/8/2024 12:54:21 PM UTC  (today)

File size:
205.8 KB (210,744 bytes)

Product version:
1.0.0.0

Copyright:
Copyright 2007-2008 Moon Software. All rights reserved.

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Windows\System32\folderbackgroundshellext.dll

Digital Signature
Signed by:
Moon Software

Authority:
VeriSign, Inc.

Valid from:
9/23/2009 3:00:00 AM

Valid to:
9/24/2010 2:59:59 AM

Subject:
CN=Moon Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Moon Software, L=Paide, S=Jarvamaa, C=EE

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E79DF636B8BF608F81665E16A2BA0D2

Registration
CLSID:
{024CFC5C-4391-4EDD-86BA-5316B041A1D1}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
10/29/2009 1:41:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:YDFylG1tYzfvfswBP888888888888W88888888888YJ:YolMGfXBB888888888888W888888888g

Entry address:
0x234D8

Entry point:
55, 8B, EC, 83, C4, C0, B8, 64, 23, 42, 00, E8, F8, 3F, FE, FF, E8, 93, 15, FE, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
135 KB (138,240 bytes)

Context Menu Handler
Display name:
ShellToolsFolderBackground

CLSID:
{024CFC5C-4391-4EDD-86BA-5316B041A1D1}

CLSID name:
FolderBackground shell context menu extension


Scan folderbackgroundshellext.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.