» rkverify.exe
Overview
Analysis
File Details
Programs (1)
Downloads (1)

rkverify.exe

rkverify

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The application rkverify.exe by TMRG has been detected as adware by 23 anti-malware scanners. This is a setup program which is used to install the application. This file is typically installed with the program Open Downloader Manager by Installer Technology Co which is a potentially unwanted software program. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.

File name:

rkverify.exe

Publisher:

T M R G , INC. (signed by TMRG, Inc.)

Product:

rkverify

Version:

0, 2, 3, 17

MD5:

11033fe49e144984b82ae16ce1221cd0

SHA-1:

5cafb0702e89b7a0982e33e8a5c5d52d0e17a1c2

SHA-256:

1fb9cb60b11165df3298dee55b59517e3ed15957b820b19b4ca0d8f9f2e20173

Scanner detections:

23 / 68

Status:

Adware

Analysis date:

1/15/2025 2:45:45 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Relevant.BH

1142

Agnitum Outpost

Adware.MarketScore

7.1.1

AhnLab V3 Security

Win-Adware/Relevant.381968

2013.12.20

Avira AntiVirus

ADSPY/NaviPromo.J

7.11.120.204

avast!

Win32:PUP-gen [PUP]

2014.9-131219

AVG

RelevantKnowledge

2014.0.3620

Baidu Antivirus

Trojan.Win32.Agent

4.0.3.131219

Bitdefender

Adware.Relevant.BH

1.0.20.1765

Boost by Reason

Optional.TMRG.I

188838

Comodo Security

ApplicUnwnt.Win32.AdWare.RK.~E

17469

Dr.Web

Adware.Relevant.81

9.0.1.0353

Emsisoft Anti-Malware

Adware.Relevant.BH

8.13.12.19.09

ESET NOD32

Win32/Adware.MarketScore.A application

6.3

F-Secure

Adware.Relevant.BH

11.2013-19-12_5

G Data

Adware.Relevant.BH

13.12.22

Malwarebytes

PUP.Adware.RelevantKnowledge

v2013.12.19.09

MicroWorld eScan

Adware.Relevant.BH

14.0.0.1059

NANO AntiVirus

Trojan.Win32.Relevant.cbpeni

0.28.0.57029

Reason Heuristics

PUP.TMRG (M)

16.8.20.6

Sophos

RelevantKnowledge

4.96

SUPERAntiSpyware

Adware.RelevantKnowledge

10897

VIPRE Antivirus

Adware.Win32.RelevantKnowledge.a

24538

XVirus List

Win32.Detected

2.8.7

File size:

373 KB (381,968 bytes)

Product version:

0, 2, 3, 17

Original file name:

rkverify.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

TMRG, Inc.

Authority:

Thawte, Inc.

Valid from:

7/21/2011 2:00:00 AM

Valid to:

1/12/2013 12:59:59 AM

Subject:

CN="TMRG, Inc.", O="TMRG, Inc.", L=Reston, S=Virginia, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

3E610C00C4D725B9689279CC88EEA594

File PE Metadata

Compilation timestamp:

8/23/2011 7:16:04 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

6144:4vDfx5VSvd4vsG5eAFtU2K+Z+E1FgOMgEChTBqOhdKr0Y1445vbrr6zAHFf:4vDJ5VSviLtUDE/QChTsOYM4dr+zAx

Entry address:

0x1A567

Entry point:

E8, 4B, C1, 00, 00, E9, 16, FE, FF, FF, 3B, 0D, 84, 0E, 44, 00, 75, 02, F3, C3, E9, CB, C1, 00, 00, 83, EC, 14, 53, 8B, 5C, 24, 20, 55, 56, 8B, 73, 08, 33, 35, 84, 0E, 44, 00, 57, 8B, 06, 83, F8, FE, C6, 44, 24, 13, 00, C7, 44, 24, 18, 01, 00, 00, 00, 8D, 7B, 10, 74, 0D, 8B, 4E, 04, 03, CF, 33, 0C, 38, E8, B9, FF, FF, FF, 8B, 4E, 0C, 8B, 46, 08, 03, CF, 33, 0C, 38, E8, A9, FF, FF, FF, 8B, 44, 24, 28, F6, 40, 04, 66, 0F, 85, 1F, 01, 00, 00, 8B, 6B, 0C, 83, FD, FE, 8B, 4C, 24, 30, 8D, 54, 24, 1C, 89, 44, 24... 
[+]

Code size:

200 KB (204,800 bytes)

The file rkverify.exe has been discovered within the following program.

Open Downloader Manager by Installer Technology Co

ODM is a download manager that plugs into various web browsers (IE, Chrome and Firefox). The installer is designed to bundle and offer various additional offers including toolbars and other potentially harmful programs.

opendownloadmanager.com

73% remove it

The file rkverify.exe has been seen being distributed by the following URL.

http://softwareprovisioning.com/.../rkverify.exe

Remove rkverify.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.