home

rlls64.dll

Relevant-Knowledge

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The module rlls64.dll by TMRG has been detected as adware by 18 anti-malware scanners. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
TMRG, Inc.  (signed by TMRG, Inc.)

Product:
Relevant-Knowledge

Version:
1.0.4.1 (Build 4.1)

MD5:
dd8985503508b68f986e2e3187799640

SHA-1:
4c3f785bde910f7adda0b283dd9e86146f0fb7ab

Scanner detections:
18 / 68

Status:
Adware

Analysis date:
4/19/2024 2:32:18 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Relevant-W [PUP]
2014.9-160215

AVG
RelevantKnowledge
2017.0.2833

Bkav FE
W32.Clod2a8.Trojan
1.3.0.4613

Comodo Security
UnclassifiedMalware
12967

Dr.Web
Adware.Relevant.84
9.0.1.046

Emsisoft Anti-Malware
Adware.Win32.AMN!A2
8.16.02.15.08

ESET NOD32
Win32/AdWare.RK.AR (variant)
10.9888

F-Prot
W64/Relevant.A.gen
v6.4.6.5.141

K7 AntiVirus
Adware
13.153.7745

Malwarebytes
PUP.Adware.RelevantKnowledge
v2016.02.15.08

McAfee
Artemis!B1018629DE94
5600.6489

Norman
RelevantKnowledge.ATV
11.20160215

Reason Heuristics
PUP.TMRG (M)
16.2.15.8

Rising Antivirus
PE:PUF.Injector!1.9F0F
23.00.65.16213

Sophos
RelevantKnowledge
4.98

SUPERAntiSpyware
PUP.RelevantKnowledge
9322

Trend Micro House Call
TROJ_GEN.RCBH1J1
7.2.46

VIPRE Antivirus
Adware.Win32.RelevantKnowledge.a
13652

File size:
726 KB (743,440 bytes)

Product version:
1.0.4.1 (Build 4.1)

Copyright:
Copyright © 2001-2004

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\relevantknowledge\rlls64.dll

Digital Signature
Signed by:
TMRG, Inc.

Authority:
Thawte, Inc.

Valid from:
7/21/2011 2:00:00 AM

Valid to:
1/12/2013 12:59:59 AM

Subject:
CN="TMRG, Inc.", O="TMRG, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3E610C00C4D725B9689279CC88EEA594

File PE Metadata
Compilation timestamp:
9/21/2011 4:42:17 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:EwN6jUD5kAcNUBfMrPOpfu7U9JAVg8sMKsgniKoEEK37fI1:EwN6jUlkAcNUZMrPO/6VgfMKsgn7L3rG

Entry address:
0x6265C

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, DB, 8A, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, AB, FE, FF, FF, CC, CC, CC, 40, 53, 48, 83, EC, 20, 45, 8B, 18, 48, 8B, DA, 4C, 8B, C9, 41, 83, E3, F8, 41, F6, 00, 04, 4C, 8B, D1, 74, 13, 41, 8B, 40, 08, 4D, 63, 50, 04, F7, D8, 4C, 03, D1, 48, 63, C8, 4C, 23, D1, 49, 63, C3, 4A, 8B, 14, 10, 48, 8B, 43, 10, 8B, 48, 08, 48, 03, 4B...
 
[+]

Code size:
508.5 KB (520,704 bytes)

Remove rlls64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.