This information isn't about any latest release. But I want to share my experience with you. It will help you to be safe from this threat and have a safe internet surf. If you never faced to this malware or your computer still affected with this malware, then this information will be very useful to you.
At the very first I want to tell you this malware act as a normal software with it's name Relevant Knowledge. Some Anti-Virus Software developers such as Symantec, McAfee, BitDefender, F-Secure and some others classify this malware as a spyware or a adware. Those Anti-Virus softwares, Malware removers detect this as Spyware.Marketscore, Proxy-OSS, Adware.Relevant.0961. This malware may install on your computer by direct installing with your permission or indirect installing with your permission.(Bundle with another freeware or commercial software. When you install that software, the setup file asks from you to install this survey based malware program called Relevant Knowledge.)How to identify it
When your computer affected by this malware it was located on your system tray as a normal application.
Sometimes it may not display in the system tray. But it runs as a background process and it sucks your computer's memory and system resources. You can clearly identify it from your task manager. Just open task manager and take the processes tab. If you see a process by rlvknlg.exe , then that is the malware. I was unable to post more blog posts as I wished because of this threat. I couldn't post even 2 little posts in a single day when it affected my compuetr. Sometimes it may give you some surveys or pop-up windows telling you to complete and submit that completed surveys to their servers using the program.
If your computer affected with it, you will feel it by two ways.
1. Your computer runs more and more slowly. You can't get the performance that your computer is able. And you can't use your system's resources to have a better computing because the resources are using by this malware. Sometimes your computer stuck for several minutes. (I experienced this when my computer was affected by this. Sometimes I had to wait nearly 30 minutes to do anything, because it stucks my computer for 25 or 30 minutes.)
2. Your internet connection may become very slow. And you will feel it is not a normal situation or a connection failure. You will not be able to load 5 or more tabs at once to your browser. (When my computer was affected with it, I can't even load 5 tabs to my browser. It stuck computer when I load a new tab.) It does not matter which browser you are using. It can use your system resources and create a slow connection for you.
How it works & other details about this malware
This malware monitors browsing habits and purchasing activities and then collect all information related with those things and send to the creator of this malware or third-parties. It displays some surveys in a pop-up window. And sometimes you may see system tray icon of it on your system tray like I mentioned above. Relevant Knowledge uses Internet connection in the background without user's permission. In most times it may even affect your Internet connection speed. Because when this malware works on your computer, your Internet connections will go through its own proxy. Sometimes this malware bundled in many freewares and some commercial applications. When you start to install them you may be asked to install this Relevant Knowledge in your computer. It is advisable to read user agreement carefully before installing such applications. Otherwise it may install Relevant Knowledge or another similar spyware/adware in your computer without your permission, without your knowledge. If you recently noticed it's circle icon shown above or if you see it's process in taskmanager(If you see rlvknlg.exe file in your task manaager processes,) be ready to remove it as soon as possible. Even your computer in a good condition, even you got the full performance of your computer, It is advisable to remove it as soon as possible. Otherwise you'll have to suffer with an always stucking, computer. The other thing you'll have to face is very slow internet connection. So remove it as soon as possible. If you are not sure about this and you need a more proof on this case, just visit these 2 links after this paragraph, and read those information carefully. And also you can take a look at this with a google search.
http://deletemalware.blogspot.com/2011/04/remove-relevant-knowledge-uninstall.html
http://www.neuber.com/taskmanager/process/rlvknlg.exe.html
http://deletemalware.blogspot.com/2011/04/remove-relevant-knowledge-uninstall.html
http://www.neuber.com/taskmanager/process/rlvknlg.exe.html
How to remove this malware
1. If your Anti-Virus detect Relevant Knowledge as spyware/adware or even as a harmful program, you can use you Anti-Virus to remove it. But sometimes it will remove only the rlvknlg.exe file. If it remove only the rlvknlg.exe file, you have to remove other files and registry keys using Add/Remove Programs or other third party application like IObit Uninstaller 2.
2. If your Anti-Virus doesn't detect it you can use Add/Remove Programs on Windows to remove it as a normal application. If you need any help for that, visit this link.
http://deletemalware.blogspot.com/2011/04/remove-relevant-knowledge-uninstall.html
3. If you couldn't able to find out it in Add/Remove Programs (It happened to me, It is not located in Add/Remove Programs of mine. ) Then you can use IObit Uninstaller 2 to remove this malware. Go to this link, download it and install.
http://www.iobit.com/advanceduninstaller.html
After install it, load the program(IObit Uninstaller 2) and you'll see a window like this.
(Click on the pictures to see them more clearly.)
4. You can locate Relevant Knowledge in this list. Then click on Uninstall button and it will create a system restore point and loads uninstallation file to uninstall it in normal method. (If it is not located in your All Programs list, just go to step 5 .) Use it and uninstall it. After you will be asked to do a powerful scan. Accept to do that with a click on the button Powerful scan .
It will search other files, registry settings related with Relevant Knowledge. After the search completes it will provide you a list of files and registry settings related with Relevant Knowledge. Click on the Select All button. And then click on Delete button to delete all of them.
5. If you can't find it on your IObit Uninstaller's All Programs list, click on Forced Uninstall button next to Uninstall button.
You will see this window.
Click on the Browse button and open
C:\Program Files\RelevantKnowledge\rlvknlg.exe file
If you are using a 64-bit system, open
C:\Program Files\RelevantKnowledge\rlvknlg64.exe
(Normally it is located in C:\Program Files\RelevantKnowledge folder. But sometimes it may choose a different place with your knowledge. And sometimes rlvknlg.exe file creates a copy of itself in C:\WINDOWS\system32 . It is better to look in C:\WINDOWS\system32 folder for rlvknlg.exe file. If this file exists in that folder you can delete it after you complete step 5. )
Click Next>, you will be given a window like this.
It will search other files, registry settings related with Relevant Knowledge. After the search completes it will provide you a list of files and registry settings. Click on the Select All button. And then click on Delete button to delete all of them.
5. After all these ends just take a look at system registry. And try to find these keys. If they were all gone, you have removed the threat successfully. If they are still in your registry just delete them.
Here those registry values.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\RelevantKnowledge
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "RelevantKnowledge"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "OSSProxy" rlvknlg.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache Data "RelevantKnowledge"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List "c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
Leave a comment bellow if you have any questions or additional information about Relevant Knowledge. And you can share your experience related with this malware if you faced it in the past. Good luck and be safe online. Feel free to leave a comment. We invite you to make a comment and say what you feel with these information.
