home

shellex_101.dll

ShellEx

Free Time

It is registered as a context menu handler (displays a menu when right-clicked in Explorer) named “FormatFactoryShell”.
Publisher:
Free Time

Product:
ShellEx

Description:
FormatFactory Shell Menu Module

Version:
1.0.0.1

MD5:
62663225f7f2762355fa2a1b00c134b7

SHA-1:
4691a1f0453a67e4df9a611a6e717922218960a2

SHA-256:
fe0e4c50c8cf3767837e012305edfd12b1679cd7947b0439f220f97ce7b90d4c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/1/2025 8:33:49 PM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Trojan.Ramnit-1847
0.98/23207

File size:
174.9 KB (179,073 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (C) 2011

Original file name:
ShellEx.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\freetime\formatfactory\shellex_101.dll

Registration
CLSID:
{A3777921-CFD3-4A6B-89BF-08E6B95716E8}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
1/20/2012 9:21:04 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x13000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 8B, C5, 81, ED, CE, B2, 01, 20, 2B, 85, 35, BA, 01, 20, 89, 85, 31, BA, 01, 20, B0, 00, 86, 85, 66, BC, 01, 20, 3C, 01, 0F, 85, BC, 01, 00, 00, 83, BD, 61, BB, 01, 20, 00, 74, 33, 83, BD, 65, BB, 01, 20, 00, 74, 2A, 8B, 85, 31, BA, 01, 20, 2B, 85, 61, BB, 01, 20, 8B, 00, 89, 85, 9E, BB, 01, 20, 8B, 85, 31, BA, 01, 20, 2B, 85, 65, BB, 01, 20, 8B, 00, 89, 85, A2, BB, 01, 20, EB, 61, 83, BD, 69, BB, 01, 20, 00, 74, 58, 8B, 85, 31, BA, 01, 20, 2B, 85, 69, BB, 01, 20, FF, 30, 8D, 85...
 
[+]

Entropy:
7.5169

Packer / compiler:
ASPack v1.08.04

Code size:
48 KB (49,152 bytes)

Context Menu Handler
Display name:
FormatFactoryShell

CLSID:
{A3777921-CFD3-4A6B-89BF-08E6B95716E8}

CLSID name:
FormatFactoryShell


Scan shellex_101.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.