Home Malware Programs Adware Adware.Quiknowledge

Adware.Quiknowledge

Posted: February 18, 2014

Threat Metric

Ranking: 9,630
Threat Level: 2/10
Infected PCs: 42,338
First Seen: February 18, 2014
Last Seen: September 13, 2023
OS(es) Affected: Windows


Quiknowledge is adware that may show annoying pop-up ads and messages in a Web browser related to the computer user's browsing activity when the PC user is visiting a variety of possibly suspicious websites. The Quiknowledge advertisements and messages may signify that the computer system is affected by adware or a potentially unwanted application. Quiknowledge may be distributed and install itself onto the computer system packaged with numerous freeware, which computer users can download and install from the Internet. Freeware may often include numerous other programs, which may be unnecessary for the computer user. Therefore, when the PC user installs any free application, he should carefully follow what he is going to install together with the desired tool that he has selected. Once installed, the Quiknowledge may highlight words on the websites that are visited by computer users replacing them with hyperlinks. The Quiknowledge links may be embedded within the text, and may come with a double underline to make them different from common links.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



C:\Program Files (x86)\Quiknowledge\Service\qksvc.exe File name: qksvc.exe
Size: 273 KB (273000 bytes)
MD5: 08b702d44fce09ef0de391b2dfab4f2f
Detection count: 12,509
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\Quiknowledge\Service\qksvc.exe
Group: Malware file
Last Updated: February 24, 2023
%SYSTEMDRIVE%\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP977\A1233664.exe File name: A1233664.exe
Size: 273 KB (273000 bytes)
MD5: 1039a5d44d065220c79b7aa1d6da48e0
Detection count: 10,949
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP977\A1233664.exe
Group: Malware file
Last Updated: December 13, 2022
%WINDIR%\System32\drivers\qknfd.sys File name: qknfd.sys
Size: 58.25 KB (58256 bytes)
MD5: b2adf96776be79671832b74883280dc1
Detection count: 8,757
File type: System file
Mime Type: unknown/sys
Path: %WINDIR%\System32\drivers\qknfd.sys
Group: Malware file
Last Updated: September 27, 2022
C:\Program Files (x86)\Quiknowledge\IE\QuiknowledgeClientIE.dll File name: QuiknowledgeClientIE.dll
Size: 147.56 KB (147560 bytes)
MD5: 948a4fb0e51644c760f8846188c2e5a2
Detection count: 1,213
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\Program Files (x86)\Quiknowledge\IE\QuiknowledgeClientIE.dll
Group: Malware file
Last Updated: August 11, 2022
C:\Program Files\Quiknowledge\IE\QuiknowledgeClientIE.dll File name: QuiknowledgeClientIE.dll
Size: 180.84 KB (180840 bytes)
MD5: a2adf897fa36536427583d050f13026a
Detection count: 782
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\Program Files\Quiknowledge\IE\QuiknowledgeClientIE.dll
Group: Malware file
Last Updated: August 11, 2022
C:\Users\<username>\Desktop\Logs\backups\backup-20140313-122136-517.dll File name: backup-20140313-122136-517.dll
Size: 147.56 KB (147560 bytes)
MD5: e9c263e2175fa66b6bba0721866668ff
Detection count: 42
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\Users\<username>\Desktop\Logs\backups\backup-20140313-122136-517.dll
Group: Malware file
Last Updated: December 13, 2022
c:\windows\system32\drivers\qknfd.sys File name: qknfd.sys
Size: 58.25 KB (58256 bytes)
MD5: f8ebfbf971c1ea7c81b1069b7c548551
Detection count: 28
File type: System file
Mime Type: unknown/sys
Path: c:\windows\system32\drivers\qknfd.sys
Group: Malware file
Last Updated: November 14, 2021

Registry Modifications

The following newly produced Registry Values are:

CLSID{323C6E6D-1621-470F-8A52-4FDEC4E75E40}{CE4B58AF-E4FD-4C27-8627-AE9324C11F3F}{F213853A-D221-4C97-8A4B-7E0AC63F31A1}Regexp file mask%WinDir%\System32\drivers\qknfd.sysHKEY..\..\..\..{RegistryKeys}Software\Microsoft\Internet Explorer\Approved Extensions\{323C6E6D-1621-470F-8A52-4FDEC4E75E40}SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{323C6E6D-1621-470F-8A52-4FDEC4E75E40}SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{323C6E6D-1621-470F-8A52-4FDEC4E75E40}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{323C6E6D-1621-470F-8A52-4FDEC4E75E40}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{323C6E6D-1621-470F-8A52-4FDEC4E75E40}SOFTWARE\QuiknowledgeSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{323C6E6D-1621-470F-8A52-4FDEC4E75E40}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{323C6E6D-1621-470F-8A52-4FDEC4E75E40}SOFTWARE\Wow6432Node\QuiknowledgeSYSTEM\ControlSet001\Enum\Root\LEGACY_QKNFDSYSTEM\ControlSet001\services\qknfdSYSTEM\ControlSet001\services\qksvcSYSTEM\ControlSet002\Enum\Root\LEGACY_QKNFDSYSTEM\ControlSet002\services\qknfdSYSTEM\ControlSet002\services\qksvcSYSTEM\CurrentControlSet\Enum\Root\LEGACY_QKNFDSYSTEM\CurrentControlSet\services\qknfdSYSTEM\CurrentControlSet\services\qksvcHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Quiknowledge

Additional Information

The following directories were created:
%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\dfgikfbdnbkcddjkkcfjchpbgoeiecaj%PROGRAMFILES%\Quiknowledge%PROGRAMFILES(X86)%\Quiknowledge
The following URL's were detected:
Quiknowledge
Loading...