home

Qwiklinx.dll

Qwiklinx

Quiklinx, Inc

The module Qwiklinx.dll by Quiklinx, Inc has been detected as adware by 3 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Qwiklinx’. The file has been seen being downloaded from download.qwiklinx.net.
Publisher:
Qwiklinx, Inc.  (signed by Quiklinx, Inc)

Product:
Qwiklinx

Version:
1.5.0.1754

MD5:
7162af58a279f4759a82edd16dfbcec9

SHA-1:
f21a71437d7a5a35b965be24c60ffc32919e641a

SHA-256:
ed14c707cb4f5d744b6c6e7bea10f4c3cb52a968471cd3c87b7dd98c217766be

Scanner detections:
3 / 68

Status:
Adware

Analysis date:
12/26/2024 5:38:23 AM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.BHO.Quiklinx
188838

Reason Heuristics
PUP.Quiklinx.Qwiklinx (M)
16.2.4.0

VIPRE Antivirus
Quiklinx
24466

File size:
1.9 MB (1,977,256 bytes)

Product version:
1.5.0.1754

Copyright:
2011 (c) Qwiklinx, Inc. All rights reserved.

Original file name:
Qwiklinx.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\qwiklinx\qwiklinx.dll

Digital Signature
Signed by:
Quiklinx, Inc

Authority:
Thawte, Inc.

Valid from:
12/21/2011 4:00:00 PM

Valid to:
12/21/2013 3:59:59 PM

Subject:
CN="Quiklinx, Inc", O="Quiklinx, Inc", L=Waltham, S=Massachusetts, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
0B1D774C76A82461AAEA3BBB3E52D63A

Registration
CLSID:
{3E7C8B5A-96AB-438F-BF9B-782400655440}

ProgID:
QwiklinxBHO.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
3/15/2013 12:00:02 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:GEsyJNZXw73J9FFrDOO9n4lmA4tLfZEpfK91kx7mTJnffmug7LCWJope/MRlV9:RNZXqJZrD59n4lmA4tLfCFK91kyffmu7

Entry address:
0x12E71D

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 13, 1C, 01, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 5C, 99, 1B, 10, 00, 75, 18, E8, E3, 10, 01, 00, 6A, 1E, E8, 2D, 0F, 01, 00, 68, FF, 00, 00, 00, E8, 07, 32, 00, 00, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, 5C, 99, 1B, 10, FF, 15, A0, E4, 15, 10, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5E, 39, 05, D4, A2, 1B, 10, 74, 0D, 53...
 
[+]

Entropy:
6.5416

Code size:
1.4 MB (1,429,504 bytes)

Internet Explorer BHO
Display name:
Qwiklinx

CLSID:
{3E7C8B5A-96AB-438F-BF9B-782400655440}


The file Qwiklinx.dll has been seen being distributed by the following URL.

http://download.qwiklinx.net/.../Qwiklinx_v1_5.dll

Remove Qwiklinx.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.