rlxg.dll

RelevantKnowledge

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The module rlxg.dll by TMRG has been detected as adware by 16 anti-malware scanners. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
TMRG, Inc.  (signed and verified)

Product:
RelevantKnowledge

Version:
1, 3, 323, 1

MD5:
c59661e9c984bc95af0f5a0713e34063

SHA-1:
510882a5c1ed0fe44d22b663bb700e746aa8f39f

SHA-256:
ad83fe16d59fceef6ba74ba76a80a74d3290ebd1181bbd21aa9079ef74e36c11

Scanner detections:
16 / 68

Status:
Adware

Analysis date:
11/22/2024 4:44:37 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADSPY/AdSpy.Gen
7.11.215.140

avast!
Win32:Relevant-G [PUP]
2014.9-141002

AVG
RelevantKnowledge
2015.0.3334

Bitdefender
Gen:Adware.Heur.hu9@Rmj@BXki
1.0.20.1375

F-Prot
W32/MalwareF.ADWDP
v6.4.6.2.117

F-Secure
Gen:Adware.Heur.hu9@Rmj@BXki
11.2014-02-10_5

G Data
Gen:Adware.Heur.hu9@Rmj@BXki
14.10.22

IKARUS anti.virus
Gen.AdWare
t3scan.1.1.104.0

K7 AntiVirus
Riskware
13.108.4937

Malwarebytes
PUP.Optional.RelevantKnowledge
v2015.06.29.05

McAfee
Artemis!C59661E9C984
5600.6990

Norman
W32/Adware.A!genr
11.20141002

Reason Heuristics
PUP.TMRG.E
14.10.2.1

Sophos
Generic Proxy-OSS Application
4.67

SUPERAntiSpyware
Spyware.RelevantKnowledge
10325

VIPRE Antivirus
GenAdware
9938

File size:
116.6 KB (119,424 bytes)

Product version:
1, 3, 323, 1

Copyright:
Copyright (C) 2001-2008

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\windows\temp\{random}.tmp\rlxg.dll

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
7/16/2007 6:00:00 PM

Valid to:
9/27/2009 5:59:59 PM

Subject:
CN="TMRG, Inc.", OU=SECURE APPLICATION DEVELOPMENT, O="TMRG, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
02491544000D8C9D63F061B1EBAE8466

File PE Metadata
Compilation timestamp:
3/31/2009 8:55:04 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:vOExwi34FuLdtNdm2CUZSHEiA7Suk6e9yGzc6iltguGwNTsUGAx2O7iGHSqCRKCP:T3PMlZqtgpwFmAx2O7iGyVRXP

Entry address:
0xF623

Entry point:
6A, 0C, 68, 50, 2E, 01, 10, E8, 81, 02, 00, 00, 33, C0, 40, 89, 45, E4, 33, FF, 89, 7D, FC, 8B, 75, 0C, 3B, F7, 75, 0C, 39, 3D, 2C, 72, 01, 10, 0F, 84, AC, 00, 00, 00, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, 54, 72, 01, 10, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, E5, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, FC, 01, 00, 00, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF...
 
[+]

Entropy:
5.6304

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
68 KB (69,632 bytes)

Remove rlxg.dll - Powered by Reason Core Security