home

rlph.dll

RelevantKnowledge

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The module rlph.dll by TMRG has been detected as adware by 28 anti-malware scanners. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
TMRG, Inc.  (signed and verified)

Product:
RelevantKnowledge

Version:
1.0.1.6

MD5:
37d568c326d28036499b70686ac84aee

SHA-1:
80bbc0b880efb351c1e897f7cfda9f4e4220685f

Scanner detections:
28 / 68

Status:
Adware

Analysis date:
4/27/2024 3:30:41 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Adware.Heur.Wu9@R8lXQdli
369

Avira AntiVirus
TR/Spy.799360
7.11.215.236

avast!
Win32:Relevant-G [PUP]
2014.9-160201

AVG
RelevantKnowledge
2017.0.2847

Baidu Antivirus
Adware.Win32.RK
4.0.3.1621

Bitdefender
Gen:Adware.Heur.Wu9@R8lXQdli
1.0.20.160

Comodo Security
UnclassifiedMalware
18315

Dr.Web
Adware.Relevant.69
9.0.1.032

Emsisoft Anti-Malware
Gen:Adware.Heur.Wu9@R8lXQdli
8.16.02.01.01

Fortinet FortiGate
Riskware/OSS
2/1/2016

F-Secure
Gen:Adware.Heur.Wu9@R8lXQdli
11.2016-01-02_2

G Data
Gen:Adware.Heur.Wu9@R8lXQdli
16.2.25

IKARUS anti.virus
Gen.AdWare
t3scan.1.8.6.0

Malwarebytes
PUP.Optional.RelevantKnowledge
v2016.02.01.01

McAfee
Artemis!4889E6FBA2CB
5600.6503

MicroWorld eScan
Gen:Adware.Heur.Wu9@R8lXQdli
17.0.0.96

NANO AntiVirus
Riskware.Win32.Relevant.cxdfkd
0.30.0.296

Norman
RelevantKnowledge.A
11.20160201

Qihoo 360 Security
Win32/Trojan.Spy.a62
1.0.0.1015

Reason Heuristics
PUP.TMRG (M)
16.2.1.1

Rising Antivirus
PE:Trojan.Win32.Generic.12465632!306599474
23.00.65.16130

Sophos
Generic Proxy-OSS Application
4.98

SUPERAntiSpyware
Spyware.RelevantKnowledge
9351

Trend Micro House Call
ADW_RELEVANT
7.2.32

Trend Micro
ADW_RELEVANT
10.465.01

Vba32 AntiVirus
Signed-AdWare.Win32.Relevant
3.12.26.3

VIPRE Antivirus
Adware.Win32.RelevantKnowledge.a
38314

ViRobot
Adware.Relevant.717440[h]
2014.3.20.0

File size:
780.6 KB (799,360 bytes)

Product version:
1.0.1.6

Copyright:
Copyright (C) 2007-2009

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\relevantknowledge\rlph.dll

Digital Signature
Signed by:
TMRG, Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
9/1/2009 7:00:00 PM

Valid to:
9/27/2011 6:59:59 PM

Subject:
CN="TMRG, Inc.", OU=SECURE APPLICATION DEVELOPMENT, O="TMRG, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
0C22D897C820001A2C4C01D3AEBB98E8

File PE Metadata
Compilation timestamp:
5/12/2010 10:54:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:9JJlVVy+vLvqjhs0Hi7mukXHnsDHAN1o7h7AcfE/Fe6N7Ex:XXVVyLjqPNDfE9xEx

Entry address:
0x58CFC

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 5D, E0, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 8B, 44, 24, 04, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 60, B4, FF, FF, 59, C3, 55, 8B, EC, 83, EC, 14, A1, DC, 3D, 0B, 10, 33, C5, 89, 45, FC, 53, 56, 33, DB, 39, 1D, 2C, 5B, 0B, 10, 57, 8B, F1, 75, 38, 53, 53, 33, FF, 47, 57, 68, 9C, 3A, 08, 10, 68, 00, 01, 00, 00, 53, FF, 15, 88, 70, 07, 10, 85, C0, 74, 08, 89, 3D, 2C, 5B, 0B, 10, EB, 15, FF, 15...
 
[+]

Entropy:
6.3985

Code size:
472 KB (483,328 bytes)

Remove rlph.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.