QuiknowledgeClientIE.dll

Quiknowledge Client BHO x86

QUIKNOWLEDGE

The module QuiknowledgeClientIE.dll by QUIKNOWLEDGE has been detected as adware by 13 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Quiknowledge’. This file is typically installed with the program Quiknowledge by InfoAtoms, Inc. which is a potentially unwanted software program.
Publisher:
QUIKNOWLEDGE  (signed and verified)

Product:
Quiknowledge Client BHO x86

Version:
1.9.0.1

MD5:
e9c263e2175fa66b6bba0721866668ff

SHA-1:
04e46ba60ac25be021b09ea867ca74312fb36db6

SHA-256:
66bf0c8e7ab5f5218b3041f122f77a828b1f792e37d178c72ba49e8d45ed5fa9

Scanner detections:
13 / 68

Status:
Adware

Analysis date:
3/2/2014 2:48:41 PM UTC  (eight months ago)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.AdPage.A
858

Avira AntiVirus
TR/Trash.Gen
7.11.142.34

Bitdefender
Adware.AdPage.A
1.0.20.1360

Dr.Web
Trojan.Damaged.1
9.0.1.0272

Emsisoft Anti-Malware
Android.Trojan.Agent.XFH
8.14.02.17.08

F-Secure
Adware.AdPage.A
11.2014-29-09_2

G Data
Adware.AdPage
14.9.24

Kaspersky
Packed.Win32.Krap
14.0.0.3176

MicroWorld eScan
Adware.AdPage.A
15.0.0.816

nProtect
Adware.AdPage.A
14.04.08.01

Reason Heuristics
PUP.BHO.QUIKNOWLEDGE.U
14.3.2.9

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
10330

VIPRE Antivirus
Backdoor.Win32.Bifrose.fsi
28148

File size:
144.1 KB (147,560 bytes)

Product version:
1.9.0.1

Copyright:
Copyright (C) 2014

Original file name:
QuiknowledgeClientIE.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\quiknowledge\ie\quiknowledgeclientie.dll

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
8/9/2013 7:08:06 AM

Valid to:
8/10/2014 7:08:06 AM

Subject:
E=support@quiknowledge.com, CN=QUIKNOWLEDGE, OU=QUIKNOWLEDGE, O=QUIKNOWLEDGE, L=La Jolla, S=CA, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121DF7C70666AA82F10CCD4461A39593E7F

Registration
CLSID:
{323C6E6D-1621-470F-8A52-4FDEC4E75E40}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
2/5/2014 6:12:49 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:ZnU0vdCwclrxvl+7pvVvo5rh1K4+MAHhtMmrR6MjNN4:ZU0vdCwGrxvl+7pvVv0/K4MdB4

Entry address:
0xE03E

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 3A, 43, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, F8, D8, 01, 10, E8, 43, 03, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 88, 0A, 02, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 70, 7A, 01, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
6.3227

Code size:
83 KB (84,992 bytes)

Internet Explorer BHO
Display name:
Quiknowledge

CLSID:
{323C6E6D-1621-470F-8A52-4FDEC4E75E40}


The file QuiknowledgeClientIE.dll has been discovered within the following program.

Quiknowledge  by InfoAtoms, Inc.
Quiknowledge is a web browser extension that will integrate itself into Chrome, Firefox and Internet Explorer. This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.
www.quiknowledge.com
84% remove it
 
Powered by Should I Remove It?

16 / 68    (Adware)
QuiknowledgeClientIE.dll  1.9.0.3  (47380fcd5d26dc44e682a512522bc7488f2248b2)

2 / 68      (Adware)
quiknowledge-setup-1.9.0.1.exe  (1eedd1043b2d40f193768aeaa38ac5ebe861af89)

1 / 68      (Adware)
qksvc.exe  (d23c233ac085785e81c5077217118c58a1a8817c)

1 / 68      (Adware)
qknfd.sys  (90b7af4fc5dfdf34aa79cf60a169b7ee8e5b7d42)

15 / 68    (Adware)
quiknowledge-setup-1.9.0.3.exe  (6a381f6d246a85fc310ba96e0741a33b14eca3c4)

Detection Incidence by Country