home

rlph.dll

RelevantKnowledge

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The module rlph.dll by TMRG has been detected as adware by 28 anti-malware scanners. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
TMRG, Inc.  (signed and verified)

Product:
RelevantKnowledge

Version:
1.0.1.7

MD5:
e6b3a4156cf20a0bd4ab08559e791472

SHA-1:
0ab7ac57fb745bc1a070bcb76d98bb7eda87af2d

SHA-256:
e5561c7b1b8086aa5352108c1fd81a5864bb9bfda36c2a5813e2dab7272b0746

Scanner detections:
28 / 68

Status:
Adware

Analysis date:
4/23/2024 2:58:41 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Adware.Heur.Wu9@R8lXQdli
362

Avira AntiVirus
TR/Spy.799360
7.11.215.236

avast!
Win32:Relevant-G [PUP]
2014.9-160207

AVG
RelevantKnowledge
2017.0.2840

Baidu Antivirus
Adware.Win32.RK
4.0.3.1627

Bitdefender
Gen:Adware.Heur.Wu9@R8lXQdli
1.0.20.190

Comodo Security
UnclassifiedMalware
18315

Dr.Web
Adware.Relevant.69
9.0.1.038

Emsisoft Anti-Malware
Gen:Adware.Heur.Wu9@R8lXQdli
8.16.02.07.01

Fortinet FortiGate
Riskware/OSS
2/7/2016

F-Secure
Gen:Adware.Heur.Wu9@R8lXQdli
11.2016-07-02_1

G Data
Gen:Adware.Heur.Wu9@R8lXQdli
16.2.25

IKARUS anti.virus
Gen.AdWare
t3scan.1.8.6.0

Malwarebytes
PUP.Optional.RelevantKnowledge
v2016.02.07.01

McAfee
Artemis!4889E6FBA2CB
5600.6496

MicroWorld eScan
Gen:Adware.Heur.Wu9@R8lXQdli
17.0.0.114

NANO AntiVirus
Riskware.Win32.Relevant.cxdfkd
0.30.0.296

Norman
RelevantKnowledge.A
11.20160207

Qihoo 360 Security
Win32/Trojan.Spy.a62
1.0.0.1015

Reason Heuristics
PUP.TMRG (M)
16.2.7.13

Rising Antivirus
PE:Trojan.Win32.Generic.12465632!306599474
23.00.65.16205

Sophos
Generic Proxy-OSS Application
4.98

SUPERAntiSpyware
Spyware.RelevantKnowledge
9338

Trend Micro House Call
ADW_RELEVANT
7.2.38

Trend Micro
ADW_RELEVANT
10.465.07

Vba32 AntiVirus
Signed-AdWare.Win32.Relevant
3.12.26.3

VIPRE Antivirus
Adware.Win32.RelevantKnowledge.a
38314

ViRobot
Adware.Relevant.717440[h]
2014.3.20.0

File size:
796.6 KB (815,744 bytes)

Product version:
1.0.1.7

Copyright:
Copyright (C) 2007-2011

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\relevantknowledge\rlph.dll

Digital Signature
Signed by:
TMRG, Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
9/1/2009 7:00:00 PM

Valid to:
9/27/2011 6:59:59 PM

Subject:
CN="TMRG, Inc.", OU=SECURE APPLICATION DEVELOPMENT, O="TMRG, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
0C22D897C820001A2C4C01D3AEBB98E8

File PE Metadata
Compilation timestamp:
1/6/2011 3:40:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:OgVl+l09hdq7uQcuoVlFyOcIetOWHD6/rEdy0t:1Vl+l0vd2oAPIetFq0t

Entry address:
0x5BF6C

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 4D, E0, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 8B, 44, 24, 04, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 36, B8, FF, FF, 59, C3, 55, 8B, EC, 83, EC, 14, A1, C0, 6D, 0B, 10, 33, C5, 89, 45, FC, 53, 56, 33, DB, 39, 1D, 2C, 8B, 0B, 10, 57, 8B, F1, 75, 38, 53, 53, 33, FF, 47, 57, 68, CC, 6C, 08, 10, 68, 00, 01, 00, 00, 53, FF, 15, 8C, A0, 07, 10, 85, C0, 74, 08, 89, 3D, 2C, 8B, 0B, 10, EB, 15, FF, 15...
 
[+]

Entropy:
6.4251

Code size:
484 KB (495,616 bytes)

Remove rlph.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.