QuiknowledgeClientIE.dll

Quiknowledge Client BHO x86

QUIKNOWLEDGE

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The module QuiknowledgeClientIE.dll by QUIKNOWLEDGE has been detected as adware by 16 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Quiknowledge’. This file is typically installed with the program Quiknowledge by InfoAtoms, Inc. which is a potentially unwanted software program.
Publisher:
QUIKNOWLEDGE  (signed and verified)

Product:
Quiknowledge Client BHO x86

Version:
1.9.0.3

MD5:
948a4fb0e51644c760f8846188c2e5a2

SHA-1:
47380fcd5d26dc44e682a512522bc7488f2248b2

SHA-256:
5be12e08433c5bcbfa17082ccac7636bac976748432e9039a26bd52827293c76

Scanner detections:
16 / 68

Status:
Adware

Analysis date:
12/25/2024 12:44:28 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.AdPage.A
858

Avira AntiVirus
TR/Trash.Gen
7.11.142.34

Bitdefender
Adware.AdPage.A
1.0.20.1360

Dr.Web
Trojan.Damaged.1
9.0.1.0272

Emsisoft Anti-Malware
Adware.AdPage
8.14.09.29.05

F-Secure
Adware.AdPage.A
11.2014-29-09_2

G Data
Adware.AdPage
14.9.24

Kaspersky
Packed.Win32.Krap
14.0.0.3176

Malwarebytes
PUP.Optional.Quiknowledge.A
v2014.05.10.04

MicroWorld eScan
Adware.AdPage.A
15.0.0.816

NANO AntiVirus
Trojan.Win32.Plugin.cumlto
0.28.0.59608

nProtect
Adware.AdPage.A
14.04.08.01

Reason Heuristics
PUP.QUIKNOWLEDGE.U
14.5.10.4

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
10330

Trend Micro House Call
TROJ_GEN.F47V0422
7.2.130

VIPRE Antivirus
Backdoor.Win32.Bifrose.fsi
28148

File size:
144.1 KB (147,560 bytes)

Product version:
1.9.0.3

Copyright:
Copyright (C) 2014

Original file name:
QuiknowledgeClientIE.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\quiknowledge\ie\quiknowledgeclientie.dll

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
8/9/2013 5:08:06 AM

Valid to:
8/10/2014 5:08:06 AM

Subject:
E=support@quiknowledge.com, CN=QUIKNOWLEDGE, OU=QUIKNOWLEDGE, O=QUIKNOWLEDGE, L=La Jolla, S=CA, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121DF7C70666AA82F10CCD4461A39593E7F

Registration
CLSID:
{323C6E6D-1621-470F-8A52-4FDEC4E75E40}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
4/1/2014 12:59:18 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:OnU0vdCwclrxvl+7pvVvo5re1K4+MANhtImrR6etNNd:OU0vdCwGrxvl+7pvVv0OK4CpRd

Entry address:
0xE03E

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 3A, 43, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, F8, D8, 01, 10, E8, 43, 03, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 88, 0A, 02, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 70, 7A, 01, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
6.3225

Developed / compiled with:
Microsoft Visual C++

Code size:
83 KB (84,992 bytes)

Internet Explorer BHO
Display name:
Quiknowledge

CLSID:
{323C6E6D-1621-470F-8A52-4FDEC4E75E40}


The file QuiknowledgeClientIE.dll has been discovered within the following program.

Quiknowledge  by InfoAtoms, Inc.
Quiknowledge is a web browser extension that will integrate itself into Chrome, Firefox and Internet Explorer. This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.
www.quiknowledge.com
84% remove it
 
Powered by Should I Remove It?

Remove QuiknowledgeClientIE.dll - Powered by Reason Core Security