× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ac93edd48050510aa400b3346a32e807aa00926782bcbba46629ced6c059d9b6
File name: jqs_plugin.dll
Detection ratio: 0 / 42
Analysis date: 2010-04-01 04:34:48 UTC ( 5 years, 2 months ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
AVG 20100331
AhnLab-V3 20100331
AntiVir 20100331
Antiy-AVL 20100331
Authentium 20100401
Avast 20100331
Avast5 20100331
BitDefender 20100401
CAT-QuickHeal 20100331
ClamAV 20100401
Comodo 20100401
DrWeb 20100401
F-Prot 20100401
F-Secure 20100401
Fortinet 20100330
GData 20100401
Ikarus 20100401
Jiangmin 20100331
K7AntiVirus 20100322
Kaspersky 20100401
McAfee 20100331
McAfee+Artemis 20100331
McAfee-GW-Edition 20100331
Microsoft 20100331
NOD32 20100331
Norman 20100331
PCTools 20100401
Panda 20100331
Prevx 20100401
Rising 20100401
Sophos 20100401
Sunbelt 20100401
Symantec 20100401
TheHacker 20100331
TrendMicro 20100331
VBA32 20100331
ViRobot 20100331
VirusBuster 20100331
a-squared 20100401
eSafe 20100331
eTrust-Vet 20100331
nProtect 20100331
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Developer metadata
Copyright
Copyright © 2004

Publisher Sun Microsystems, Inc.
Product Java(TM) Platform SE 6 U13
Original name JQSIEStartDetector.dll
Internal name JQSIEStartDetector
File version 6.0.130.3
Description Java(TM) Quick Starter binary
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-03-09 13:18:52
Link date 2:18 PM 3/9/2009
Entry Point 0x000083C8
Number of sections 5
PE sections
PE imports
GetTokenInformation
RegDeleteKeyA
ReportEventA
RegCloseKey
OpenProcessToken
DeregisterEventSource
FreeSid
AllocateAndInitializeSid
OpenThreadToken
RegSetValueExA
RegisterEventSourceA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
EqualSid
RegEnumKeyExA
RegQueryInfoKeyA
GetLastError
EnterCriticalSection
GetSystemInfo
lstrlenA
lstrcmpiA
WaitForSingleObject
FreeLibrary
QueryPerformanceCounter
GetTickCount
DisableThreadLibraryCalls
GetVersionExA
LoadLibraryA
lstrlenW
DeleteCriticalSection
GetCurrentProcess
LoadLibraryExA
SizeofResource
GetThreadLocale
GetLocaleInfoA
GetCurrentProcessId
lstrcatA
IsDBCSLeadByte
SetErrorMode
MultiByteToWideChar
GetLogicalDrives
GetProcAddress
GetCurrentThread
GetLongPathNameA
RaiseException
WideCharToMultiByte
GetModuleHandleA
InterlockedExchange
lstrcpyA
InterlockedIncrement
CloseHandle
GetSystemTimeAsFileTime
lstrcpynA
GetACP
GetFullPathNameA
QueryDosDeviceA
GetModuleFileNameA
InitializeCriticalSection
LoadResource
InterlockedDecrement
CreateFileA
ExitProcess
GetCurrentThreadId
FindResourceA
LeaveCriticalSection
_purecall
malloc
??0exception@@QAE@ABV0@@Z
setlocale
realloc
memset
fclose
__dllonexit
_CxxThrowException
fprintf
fgets
fflush
fopen
_endthreadex
_except_handler3
?terminate@@YAXXZ
_errno
??2@YAPAXI@Z
_onexit
exit
??_V@YAXPAX@Z
??1type_info@@UAE@XZ
_resetstkoflw
_adjust_fdiv
localtime
__CxxFrameHandler
??_U@YAPAXI@Z
tolower
??1exception@@UAE@XZ
wcsncpy
__CppXcptFilter
??3@YAXPAX@Z
free
__security_error_handler
_vsnprintf
memmove
strerror
_beginthreadex
memchr
??0exception@@QAE@XZ
time
_strnicmp
_initterm
strftime
_iob
LoadRegTypeLib
SysStringLen
UnRegisterTypeLib
RegisterTypeLib
SysAllocString
LoadTypeLib
SysFreeString
VarUI4FromStr
PathFindExtensionA
CharNextA
listen
WSAWaitForMultipleEvents
htonl
getsockname
WSACreateEvent
WSAResetEvent
closesocket
WSACloseEvent
send
WSACleanup
WSAStartup
select
socket
accept
WSAEventSelect
bind
WSASetEvent
htons
recv
WSAGetLastError
connect
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
PE exports
Number of PE resources by type
REGISTRY 2
TYPELIB 1
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 5
ExifTool file metadata
SubsystemVersion
4.0

FileDescription
Java(TM) Quick Starter binary

InitializedDataSize
36864

ImageVersion
0.0

ProductName
Java(TM) Platform SE 6 U13

FileVersionNumber
6.0.130.3

LanguageCode
Neutral

FileFlagsMask
0x003f

FullVersion
1.6.0_13-b03

CharacterSet
Unicode

LinkerVersion
7.1

OriginalFilename
JQSIEStartDetector.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
6.0.130.3

TimeStamp
2009:03:09 14:18:52+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
JQSIEStartDetector

FileAccessDate
2014:11:27 17:39:13+01:00

ProductVersion
6.0.130.3

UninitializedDataSize
0

OSVersion
4.0

FileCreateDate
2014:11:27 17:39:13+01:00

FileOS
Win32

LegalCopyright
Copyright 2004

MachineType
Intel 386 or later, and compatibles

CompanyName
Sun Microsystems, Inc.

CodeSize
32768

FileSubtype
0

ProductVersionNumber
6.0.130.3

EntryPoint
0x83c8

ObjectFileType
Dynamic link library

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Compressed bundles
File identification
MD5 53f8b53918c839f76367b7e612b742b1
SHA1 8440aebacb244ca0b161a89d4d78a6bdf39648df
SHA256 ac93edd48050510aa400b3346a32e807aa00926782bcbba46629ced6c059d9b6
ssdeep
1536:AFGi2XSKMTDNWzW7dsduyAwHh0qHWD3rFg:HiqSfNWEdsduyjHhXHWD3rW

authentihash c2e413db29bb0675b0092daecaf1792a7f76031d1ec07aad9d7ca1e71c2de131
imphash 820267477cd10c583410189d99a222b9
File size 72.0 KB ( 73728 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID DirectShow filter (55.3%)
Windows ActiveX control (31.9%)
Win32 Executable MS Visual C++ (generic) (8.5%)
Win32 Dynamic Link Library (generic) (1.8%)
Win32 Executable (generic) (1.2%)
Tags
pedll

VirusTotal metadata
First submission 2009-03-25 03:38:44 UTC ( 6 years, 2 months ago )
Last submission 2014-06-21 17:55:01 UTC ( 11 months, 2 weeks ago )
File names 030220150025064537_jqs_plugin.dll
sbs_ve_ambr_20150411134151.772_ 1394
53f8b53918c839f76367b7e612b742b1
sbs_ve_ambr_20150116091521.933_ 1391
sbs_ve_ambr_20141116085628.554_ 1376
sbs_ve_ambr_20150212020530.875_ 123
i4j779207943998051174.tmp
i4j6739920491087615630.tmp
121620140832432383_jqs_plugin.dll
jqs_plugin.dl_
sbs_ve_ambr_20150212110754.589_ 225
sbs_ve_ambr_20150407133128.268_ 1392
sbs_ve_ambr_20150116091528.641_ 2043
sbs_ve_ambr_20150124092930.620_ 2062
sbs_ve_ambr_20150202120211.167_ 1380
jqs_plugin.dll
sbs_ve_ambr_20150209120304.253_ 72
8440aebacb244ca0b161a89d4d78a6bdf39648df
jqs_plugin.dll
sbs_ve_ambr_20150429200139.947_ 133
51B5E68F007E2D29200C01FA89A25F00A6E93EC5.dll
XPGIGXLCLU3LGL6O
sbs_ve_ambr_20150108085845.731_ 2043
JQSIEStartDetector
53F8B53918C839F76367B7E612B742B1
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!