home

gshell.dll

Gizmo Shell Module

Arainia Solutions, LLC

It is registered as a context menu handler (displays a menu when right-clicked in Explorer) named “GizmoShellMenuExt”.
Publisher:
Arainia Solutions, LLC  (signed and verified)

Product:
Gizmo Shell Module

Version:
v2.6.0

MD5:
3012cc28067fd5615d297c6633dd957a

SHA-1:
5f2ae554144462ecc6631d51682a4b1248830b80

SHA-256:
6cd0689551904b21c3ddf28ae9c382849211e4e8f587fe47dfe0325207c8032b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
7/8/2025 7:33:37 PM UTC  (today)

File size:
55.1 KB (56,432 bytes)

Product version:
v2.6

Copyright:
© 2004-2008 Arainia Solutions LLC

Original file name:
gshell.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\gizmo\gshell.dll

Digital Signature
Signed by:
Arainia Solutions, LLC

Authority:
VeriSign, Inc.

Valid from:
5/11/2008 8:00:00 PM

Valid to:
5/12/2011 7:59:59 PM

Subject:
CN="Arainia Solutions, LLC", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Arainia Solutions, LLC", L=Kirkland, S=Washington, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0CD8FB52589DC56B5FBE12B314E0E018

Registration
CLSID:
{AF859436-B9BD-4154-B594-2B8D1F4295A6}

ProgID:
Gshell.GizmoShellMenuExt.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
5/26/2008 9:16:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:lxe/F3iaQezNrgQz7jb/6WJE1IWjmCmgDRxBw3b:/k3wQg4Pb/6WG1IWjmCmMnwL

Entry address:
0x4C87

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, 14, 9A, 00, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, 74, 87, 00, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, 15, FF, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 5C, FB, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, F1, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, E0, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Entropy:
4.9943

Developed / compiled with:
Microsoft Visual C++ 6.0

Code size:
20 KB (20,480 bytes)

Context Menu Handler
Display name:
GizmoShellMenuExt

CLSID:
{AF859436-B9BD-4154-B594-2B8D1F4295A6}

CLSID name:
GizmoShellMenuExt Class


Scan gshell.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.