× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ac93edd48050510aa400b3346a32e807aa00926782bcbba46629ced6c059d9b6
File name: jqs_plugin.dll
Detection ratio: 0 / 42
Analysis date: 2010-04-01 04:34:48 UTC ( 4 years ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
AVG 20100331
AhnLab-V3 20100331
AntiVir 20100331
Antiy-AVL 20100331
Authentium 20100401
Avast 20100331
Avast5 20100331
BitDefender 20100401
CAT-QuickHeal 20100331
ClamAV 20100401
Comodo 20100401
DrWeb 20100401
F-Prot 20100401
F-Secure 20100401
Fortinet 20100330
GData 20100401
Ikarus 20100401
Jiangmin 20100331
K7AntiVirus 20100322
Kaspersky 20100401
McAfee 20100331
McAfee+Artemis 20100331
McAfee-GW-Edition 20100331
Microsoft 20100331
NOD32 20100331
Norman 20100331
PCTools 20100401
Panda 20100331
Prevx 20100401
Rising 20100401
Sophos 20100401
Sunbelt 20100401
Symantec 20100401
TheHacker 20100331
TrendMicro 20100331
VBA32 20100331
ViRobot 20100331
VirusBuster 20100331
a-squared 20100401
eSafe 20100331
eTrust-Vet 20100331
nProtect 20100331
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright © 2004

Publisher Sun Microsystems, Inc.
Product Java(TM) Platform SE 6 U13
Original name JQSIEStartDetector.dll
Internal name JQSIEStartDetector
File version 6.0.130.3
Description Java(TM) Quick Starter binary
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-03-09 13:18:52
Link date 2:18 PM 3/9/2009
Entry Point 0x000083C8
Number of sections 5
PE sections
PE imports
GetTokenInformation
RegDeleteKeyA
ReportEventA
RegCloseKey
OpenProcessToken
DeregisterEventSource
FreeSid
AllocateAndInitializeSid
OpenThreadToken
RegSetValueExA
RegisterEventSourceA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
EqualSid
RegEnumKeyExA
RegQueryInfoKeyA
GetLastError
EnterCriticalSection
GetSystemInfo
lstrlenA
lstrcmpiA
WaitForSingleObject
FreeLibrary
QueryPerformanceCounter
GetTickCount
DisableThreadLibraryCalls
GetVersionExA
LoadLibraryA
lstrlenW
DeleteCriticalSection
GetCurrentProcess
LoadLibraryExA
SizeofResource
GetThreadLocale
GetLocaleInfoA
GetCurrentProcessId
lstrcatA
IsDBCSLeadByte
SetErrorMode
MultiByteToWideChar
GetLogicalDrives
GetProcAddress
GetCurrentThread
GetLongPathNameA
RaiseException
WideCharToMultiByte
GetModuleHandleA
InterlockedExchange
lstrcpyA
InterlockedIncrement
CloseHandle
GetSystemTimeAsFileTime
lstrcpynA
GetACP
GetFullPathNameA
QueryDosDeviceA
GetModuleFileNameA
InitializeCriticalSection
LoadResource
InterlockedDecrement
CreateFileA
ExitProcess
GetCurrentThreadId
FindResourceA
LeaveCriticalSection
_purecall
malloc
??0exception@@QAE@ABV0@@Z
setlocale
realloc
memset
fclose
__dllonexit
_CxxThrowException
fprintf
fgets
fflush
fopen
_endthreadex
_except_handler3
?terminate@@YAXXZ
_errno
??2@YAPAXI@Z
_onexit
exit
??_V@YAXPAX@Z
??1type_info@@UAE@XZ
_resetstkoflw
_adjust_fdiv
localtime
__CxxFrameHandler
??_U@YAPAXI@Z
tolower
??1exception@@UAE@XZ
wcsncpy
__CppXcptFilter
??3@YAXPAX@Z
free
__security_error_handler
_vsnprintf
memmove
strerror
_beginthreadex
memchr
??0exception@@QAE@XZ
time
_strnicmp
_initterm
strftime
_iob
LoadRegTypeLib
SysStringLen
UnRegisterTypeLib
RegisterTypeLib
SysAllocString
LoadTypeLib
SysFreeString
VarUI4FromStr
PathFindExtensionA
CharNextA
listen
WSAWaitForMultipleEvents
htonl
getsockname
WSACreateEvent
WSAResetEvent
closesocket
WSACloseEvent
send
WSACleanup
WSAStartup
select
socket
accept
WSAEventSelect
bind
WSASetEvent
htons
recv
WSAGetLastError
connect
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
PE exports
Number of PE resources by type
REGISTRY 2
TYPELIB 1
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 5
ExifTool file metadata
SubsystemVersion
4.0

FileDescription
Java(TM) Quick Starter binary

InitializedDataSize
36864

ImageVersion
0.0

ProductName
Java(TM) Platform SE 6 U13

FileVersionNumber
6.0.130.3

LanguageCode
Neutral

FileFlagsMask
0x003f

FullVersion
1.6.0_13-b03

CharacterSet
Unicode

LinkerVersion
7.1

OriginalFilename
JQSIEStartDetector.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
6.0.130.3

TimeStamp
2009:03:09 14:18:52+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
JQSIEStartDetector

FileAccessDate
2014:04:24 04:55:32+01:00

ProductVersion
6.0.130.3

UninitializedDataSize
0

OSVersion
4.0

FileCreateDate
2014:04:24 04:55:32+01:00

FileOS
Win32

LegalCopyright
Copyright 2004

MachineType
Intel 386 or later, and compatibles

CompanyName
Sun Microsystems, Inc.

CodeSize
32768

FileSubtype
0

ProductVersionNumber
6.0.130.3

EntryPoint
0x83c8

ObjectFileType
Dynamic link library

File identification
MD5 53f8b53918c839f76367b7e612b742b1
SHA1 8440aebacb244ca0b161a89d4d78a6bdf39648df
SHA256 ac93edd48050510aa400b3346a32e807aa00926782bcbba46629ced6c059d9b6
ssdeep
1536:AFGi2XSKMTDNWzW7dsduyAwHh0qHWD3rFg:HiqSfNWEdsduyjHhXHWD3rW

imphash 820267477cd10c583410189d99a222b9
File size 72.0 KB ( 73728 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID DirectShow filter (55.3%)
Windows ActiveX control (31.9%)
Win32 Executable MS Visual C++ (generic) (8.5%)
Win32 Dynamic Link Library (generic) (1.8%)
Win32 Executable (generic) (1.2%)
Tags
pedll

VirusTotal metadata
First submission 2009-03-25 03:38:44 UTC ( 5 years, 1 month ago )
Last submission 2013-09-25 11:33:51 UTC ( 7 months ago )
File names 53F8B53918C839F76367B7E612B742B1
JQS_PLUGIN.DLL
jqs_plugin.dll
JQSIEStartDetector.dll
53f8b53918c839f76367b7e612b742b1
51B5E68F007E2D29200C01FA89A25F00A6E93EC5.dll
jqs_plugin.dll
XPGIGXLCLU3LGL6O
file-3792776_dll
jqs_plugin.dl_
JQSIEStartDetector
jqs_plugin.dll
8440aebacb244ca0b161a89d4d78a6bdf39648df
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!