home

rlxg.dll

Relevant-Knowledge

TMRG Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The module rlxg.dll by TMRG has been detected as adware by 32 anti-malware scanners. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
TMRG, Inc.  (signed by TMRG Inc.)

Product:
Relevant-Knowledge

Version:
1, 3, 334, 2

MD5:
b36c3272816d1ec0ac35e2b3e92ae169

SHA-1:
91baf43a5d5905ae5c621e0dd515838834359582

SHA-256:
535d0bb2a11c951a0ca3bb31b80f71a8d2173acde723642963e9cba953bca9c4

Scanner detections:
32 / 68

Status:
Adware

Explanation:
Bundled via 3rd-party installers and monitors the user's behavior.

Analysis date:
4/23/2024 5:16:56 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.RelevantKnowledge.B
804

Agnitum Outpost
Adware.Relevant
7.1.1

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

avast!
Win32:Relevant-W [PUP]
2014.9-141123

AVG
Skodna.Generic_r
2015.0.3282

Baidu Antivirus
Adware.Win32.RK
4.0.3.141123

Bitdefender
Adware.RelevantKnowledge.B
1.0.20.1635

Bkav FE
W32.Clod8f1.Trojan
1.3.0.4959

Clam AntiVirus
Win.Adware.Relevantknowledge-24
0.98/21411

Comodo Security
ApplicUnwnt
20147

Emsisoft Anti-Malware
Adware.RelevantKnowledge
8.14.11.23.08

ESET NOD32
Win32/Adware.RK.AM (variant)
8.10758

Fortinet FortiGate
Riskware/RK
11/23/2014

F-Prot
W32/Relevant.B.gen
v6.4.7.1.166

F-Secure
Adware.RelevantKnowledge.B
11.2014-23-11_1

G Data
Adware.RelevantKnowledge
14.11.24

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.6.1.0

K7 AntiVirus
Adware
13.185.14085

Malwarebytes
PUP.Optional.RelevantKnowledge
v2014.11.23.08

McAfee
Artemis!EABF50A02DF9
5600.6938

MicroWorld eScan
Adware.RelevantKnowledge.B
15.0.0.981

NANO AntiVirus
Trojan.Win32.RK.crhqpp
0.28.6.63474

nProtect
Adware.RelevantKnowledge.B
14.11.20.01

Panda Antivirus
Trj/Chgt.B
14.11.23.08

Reason Heuristics
PUP.TMRG.E
14.11.23.8

Rising Antivirus
PE:Trojan.Win32.Generic.17608F27!392204071
23.00.65.141121

Sophos
Generic PUA JB
4.98

SUPERAntiSpyware
PUP.RelevantKnowledge
10220

Trend Micro House Call
TROJ_GEN.F47V1126
7.2.327

VIPRE Antivirus
Marketscore.RelevantKnowledge
34984

ViRobot
Adware.Agent.223512
2011.4.7.4223

Zillya! Antivirus
Adware.RK.Win32.221
2.0.0.1988

File size:
218.3 KB (223,512 bytes)

Product version:
1, 3, 334, 2

Copyright:
Copyright (C) 2001-2008

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\rlxg.dll

Digital Signature
Signed by:
TMRG Inc.

Authority:
VeriSign, Inc.

Valid from:
12/1/2013 6:00:00 PM

Valid to:
1/31/2016 5:59:59 PM

Subject:
CN=TMRG Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TMRG Inc., L=Reston, S=Virginia, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
51FEA1E74EDC6FFFF4BD5F65BD540362

File PE Metadata
Compilation timestamp:
3/22/2012 3:48:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:XeBsmvaugQ4GzGCn4WN6qS+/v7R1ORYXBLU4+mx5tfQ3J1ABw:YBgQ4Gd4M6A/TcclU4RQMBw

Entry address:
0x10254

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 5D, 90, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9...
 
[+]

Entropy:
6.3645

Code size:
144 KB (147,456 bytes)

Remove rlxg.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.