home

rlxk.dll

Relevant-Knowledge

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The module rlxk.dll by TMRG has been detected as adware by 15 anti-malware scanners. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
TMRG, Inc.  (signed by TMRG, Inc.)

Product:
Relevant-Knowledge

Version:
1, 3, 331, 1

MD5:
e9ec9f3248b85d556ac2303809d5ef22

SHA-1:
27c64d4c36cc51c6e7589faa73438698cb9bbe7c

Scanner detections:
15 / 68

Status:
Adware

Analysis date:
4/26/2024 3:34:27 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Trojan/Win32.ADH
2012.04.03

avast!
Win32:PUP-gen [PUP]
2014.9-160213

AVG
RelevantKnowledge
2017.0.2835

Baidu Antivirus
Adware.Win32.RK
4.0.3.16213

Clam AntiVirus
PUA.RelevantKnowledge-1
0.98/18155

Comodo Security
UnclassifiedMalware
20252

ESET NOD32
Win32/Adware.RK.AT application
10.7.0.302.0

F-Prot
W32/Relevant.B.gen
v6.4.6.5.141

K7 AntiVirus
Adware
13.186.14198

Malwarebytes
PUP.Optional.RelevantKnowledge
v2016.02.13.02

Norman
RelevantKnowledge.A
11.20160213

nProtect
Trojan/W32.Agent.160784.B
14.12.01.01

Reason Heuristics
PUP.TMRG (M)
16.2.13.2

SUPERAntiSpyware
PUP.RelevantKnowledge
9327

VIPRE Antivirus
Adware.Win32.RelevantKnowledge.a
11743

File size:
157 KB (160,784 bytes)

Product version:
1, 3, 331, 1

Copyright:
Copyright (C) 2011

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\relevantknowledge\components\rlxk.dll

Digital Signature
Signed by:
TMRG, Inc.

Authority:
Thawte, Inc.

Valid from:
7/21/2011 7:00:00 AM

Valid to:
1/12/2013 6:59:59 AM

Subject:
CN="TMRG, Inc.", O="TMRG, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3E610C00C4D725B9689279CC88EEA594

File PE Metadata
Compilation timestamp:
9/29/2011 9:56:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:+leHiDCIrR09cT11/FBxpLTOWtPG0M3LfSQ:+tCIrRbHPOY4bd

Entry address:
0xCB94

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, B0, 50, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9...
 
[+]

Entropy:
6.1767

Code size:
100 KB (102,400 bytes)

Remove rlxk.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.