shell32.dll
Archivo DLL común del shell de Windows by Microsoft
| Version: | 6.1.7601.17514 (win7sp1_rtm.101119-1850) |
| MD5: | ad662b34b161198b9d66a564edda7d43 |
| SHA1: | 9e5e7cb698167e7e739ff8feeac73953fa308790 |
| SHA256: | 335807aa4e88234bf2c639781e92d0dbc41d973754d61ab1da6c8ba4e108aebd |
This is a Windows system installed file with Windows File Protection (WFP) enabled.
Overview
shell32.dll executes as a process with the local user's privileges typically within the context of its parent
svchost.exe (Host Process for Windows Services by Microsoft Corporation). It configures an autoplay handler withing explorer.exe named MSCDBurningOnArrival that will launch the program automatically. This version is designed to run on Windows 7 and is compiled as a 64 bit program.
Details
| File name: | shell32.dll |
| Publisher: | Microsoft Corporation |
| Product name: | Archivo DLL común del shell de Windows |
| Description: | Sistema operativo Microsoft® Windows® |
| Typical file path: | shell32.dll |
| Original name: | SHELL32.DLL.MUI |
| File version: | 6.1.7601.17514 (win7sp1_rtm.101119-1850) |
| Product version: | 6.1.7601.17514 |
| Size: | 13.52 MB (14,172,672 bytes) |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Behaviors
Shell open commands
Context menu handlers
Located in '*\shellex\ContextMenuHandlers'
- Name: 'Move To'
- Name: 'Copy To'
- Name: 'New'
- CLSID: {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
- CLSID: {90AA3A4E-1CBA-4233-B8BB-535773D48449}
- Name: 'Open With EncryptionMenu'
- Name: 'Open With'
Search handlers
Autoplay handlers
Runs under the registry key 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers'
- Handler name 'MSCDBurningOnArrival'
Copy hook handlers
Approved shell extensions
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
- 'BandProxy' with CLSID {F61FFEC1-754F-11d0-80CA-00AA005B4383}
- 'User Assist' with CLSID {DD313E04-FEFF-11d1-8ECD-0000F87A470C}
- 'Registry Tree Options Utility' with CLSID {AF4F6510-F982-11d0-8595-00AA004CD6D8}
- 'Summary Info Thumbnail handler (DOCFILES)' with CLSID {9DBD2C50-62AD-11d0-B806-00C04FD706EC}
- 'Programs Folder and Fast Items' with CLSID {865e5e76-ad83-4dca-a109-50dc2113ce9a}
- 'Explorer Browser' with CLSID {71f96385-ddd6-48d3-a0c1-ae06e8b055fb}
- 'Custom MRU AutoCompleted List' with CLSID {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}
- 'MRU AutoComplete List' with CLSID {6756A641-DE71-11d0-831B-00AA005B4383}
- '.cpl, .dll, .exe, .ocx, .rll or .sys files' with CLSID {66742402-F9B9-11D1-A202-0000F81FEDEE}
- 'Command Folder' with CLSID {437ff9c0-a07f-4fa0-af80-84b6c6440a16}
- 'Alphabetical Categorizer' with CLSID {3c2654c6-7372-4f6b-b310-55d6128f49d2}
- 'Layout Folder' with CLSID {328B0346-7EAF-4BBE-A479-7CB88A095F5B}
- 'Client application shell extension' with CLSID {25585dc7-4da0-438d-ad04-e42c8d2d64b9}
- 'Control Panel' with CLSID {21ec2020-3aea-1069-a2dd-08002b30309d}
- 'In-pane search' with CLSID {169A0691-8DF9-11d1-A1C4-00C04FD75D13}
- '.fon, .otf, .ttc or .ttf files' with CLSID {0AFCCBA6-BF90-4A4E-8482-0AC960981F5B}
- 'Microsoft Shell Folder AutoComplete List' with CLSID {03C036F1-A186-11D0-824A-00AA005B4383}
- 'Microsoft Multiple AutoComplete List Container' with CLSID {00BB2765-6A77-11D0-A535-00C04FD7D062}
- 'Microsoft History AutoComplete List' with CLSID {00BB2764-6A77-11D0-A535-00C04FD7D062}
- 'Microsoft AutoComplete' with CLSID {00BB2763-6A77-11D0-A535-00C04FD7D062}
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00014901% | |
| Kernel CPU: | 0.00009609% | |
| User CPU: | 0.00005293% | |
| Kernel CPU time: | 346,363 ms/min | |
| CPU cycles: | 451,072/sec | |
| Context switches: | 8/sec | |
| Memory |
| Private memory: | 4.09 MB | |
| Private (maximum): | 7.24 MB | |
| Private (minimum): | 4.87 MB | |
| Non-paged memory: | 4.09 MB | |
| Virtual memory: | 70.98 MB | |
| Virtual memory (peak): | 75.36 MB | |
| Working set: | 5.23 MB | |
| Working set (peak): | 8.8 MB | |
| Page faults: | 7,245/min | |
| I/O |
| I/O read transfer: | 114 Bytes/sec | |
| I/O read operations: | 1/sec | |
| I/O other transfer: | 39.1 KB/sec | |
| I/O other operations: | 99/sec | |
| Resource allocations |
| Threads: | 4 | |
| Handles: | 97 | |
| GUI GDI count: | 18 | |
| GUI GDI peak: | 21 | |
| GUI USER count: | 9 | |
| GUI USER peak: | 18 | |
Process properties
| Integrety level: | Medium |
| Platform: | 64-bit |
| Command lines: |
- C:\Windows\System32\rundll32.exe shell32.dll,shcreatelocalserverrundll {995c996e-d918-4a8c-a302-45719a6f4ea7} -embedding
- "C:\Windows\System32\rundll32.exe" shell32.dll,control_rundll mmsys.cpl
- C:\Windows\System32\rundll32.exe shell32.dll,shcreatelocalserverrundll {3eef301f-b596-4c0b-bd92-013beafce793} -embedding
- "C:\Windows\System32\rundll32.exe" shell32.dll,control_rundll desk.cpl,screensaver,@screensaver
|
| Owner: | User |
| Parent processes: |
|
Threads
Averages
| ntdll.dll |
| Total CPU: | 0.00427700% | |
| Kernel CPU: | 0.00000000% | |
| User CPU: | 0.00427700% | |
| CPU cycles: | 361,813/sec | |
| Context switches: | 2/sec | |
| Memory: | 1.66 MB | |
| rundll32.exe (Windows host process (Rundll32) by Microsoft) |
| Total CPU: | 0.00271798% | |
| Kernel CPU: | 0.00087790% | |
| User CPU: | 0.00184007% | |
| CPU cycles: | 454,113/sec | |
| Context switches: | 2/sec | |
| Memory: | 60 KB | |
| MMDevApi.dll |
| Total CPU: | 0.00002491% | |
| Kernel CPU: | 0.00000000% | |
| User CPU: | 0.00002491% | |
| CPU cycles: | 218/sec | |
| Memory: | 300 KB | |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
46.50% |
|
| Windows 7 Professional |
29.00% |
|
| Windows 7 Ultimate |
24.50% |
|
Distribution by country
United States installs about 41.00% of Archivo DLL común del shell de Windows.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Acer |
28.16% |
|
| ASUS |
27.59% |
|
| Hewlett-Packard |
25.29% |
|
| GIGABYTE |
18.97% |
|
