Author |
Topic: Trend Question for Wiz |
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 13 Feb 2010 4:17 pm
|
|
The last few days, I have been getting a notice that Trend has blocked a suspicious program. While I still let it block it, the program doesn't do anything to get rid of it. I'm suspecting a virus. I have the Pro version and update and scan every day.
The Message is:
program: rlvknig.exe
Publisher: TMRG, Inc
Activity: System File Modification
Risk: High
Have you heard anything about this file? I guess I could search for it on my hard drive and try to delete it. _________________ Carter D10 8p/8k, Dekley S10 3p/4k C6 setup,Regal RD40 Dobro, Recording King Professional Dobro, NV400, NV112,Ibanez Gio guitar, Epiphone SG Special (open D slide guitar) . Playing for 55 years and still counting. |
|
|
Greg Cutshaw
From: Corry, PA, USA
|
Posted 13 Feb 2010 4:24 pm
|
|
Read this:
http://www.tmrginc.com/About.aspx
Looks like you're a "panelist" hehe!
Google shows a ton of hits on this such as:
http://www.techmynd.com/remove-rlvknlg-exe-spyware/
Wiz pry knows best but there's a lot of solutions for getting rid of this if you check the Google hits.
Many read like this: (C:windowssystem32rlvknlg.exe should read C:/WINDOWS/system32/rlvknlg.exe)
************************************************
This file will be found at: C:windowssystem32rlvknlg.exe
OR
In 'Program Files' folder there will be a folder named as 'RelevantKnowledge'. Delete contents of this folder.
Run msconfig command and select Startup tab.
Uncheck rlvknlg from it.
Restart the system.
Read more: http://www.techmynd.com/remove-rlvknlg-exe-spyware/#ixzz0fSxbG1CG
*******************************
Greg |
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 13 Feb 2010 10:32 pm
|
|
Richard;
The reason that Trend is not deleting this program is because it is classified as a PUP (Potentially Unwanted Program). Some people want PUPs, others don't. Often they are shareware, or are bundled with Shareware or freeware apps, as a way for the software writers to make a buck.
Try to uninstall the unwanted PUP via Control Panel. If that fails, try using MBAM, or Spybot S&D.
If it's any consolation, most security apps leave PUPS alone, pending your decision. _________________ "Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 14 Feb 2010 9:48 am
|
|
Thanks guys. I did a hard drive search for the file and came up with nothing. Then I did a complete system scan and it found 443 instances of Trend blocking this file. It showed the directory as C:/program files/relevant knowledge as Greg noted. I will try to delete the program. |
|
|
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 14 Feb 2010 10:11 am
|
|
I keep getting "Access denied" when I try to delete the files and folder. Even changing the file attributes to "read only" lets me delete some, but not all. When I use task manager to stop the process, it also closes windows explorer. There is no uninstall program and it doesn't show up in control panel/programs. I'm at a loss on how it got there and how to get rid of it. Greg's 2 "Techmynd" links show up as blank pages with just the Techmynd logo. |
|
|
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 14 Feb 2010 10:36 am
|
|
Quote: |
Run msconfig command and select Startup tab.
Uncheck rlvknlg from it.
Restart the system.
|
Could not find that file.
Is there a program I can buy that will take care of this? |
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 14 Feb 2010 12:31 pm
|
|
Richard Sinkler wrote: |
Is there a program I can buy that will take care of this? |
Richard;
Please download MBAM, install and update it, then run a full scan. You may need to do this from a Safe Mode with Networking reboot.
You may be able to delete that directory from Safe Mode/Administrator account. Or, try to take Ownership of the Relevant Knowledge directory. Access denied could be due to files running in memory, or because the ownership has been assigned to another account name (Admin, System). |
|
|
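The two causes of "Access denied" named in the reply above (files running in memory, ownership assigned to another account) can be told apart with a short check. This is an added example, not part of the original thread; the folder path is an assumption based on the directory name quoted earlier, and the script assumes an elevated prompt with PowerShell 3.0 or later.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
# $Target is an assumption: the folder name as spelled in the quoted removal steps.
param([string]$Target = 'C:\Program Files\RelevantKnowledge')

# Cause 1: files running in memory. List every process that has an EXE or DLL
# loaded from the folder; those files stay locked until that process exits.
function Get-LoadedFrom {
    param([string]$Directory)
    $prefix = $Directory.TrimEnd('\') + '\'
    foreach ($proc in Get-Process) {
        try { $modules = @($proc.Modules) } catch { continue }  # protected process, skip
        foreach ($m in $modules) {
            if ($m -and $m.FileName -and
                $m.FileName.StartsWith($prefix, [StringComparison]::OrdinalIgnoreCase)) {
                [pscustomobject]@{ Process = $proc.ProcessName; Id = $proc.Id; File = $m.FileName }
            }
        }
    }
}

# Cause 2: ownership assigned to another account. Count the files per owner.
function Get-OwnerSummary {
    param([string]$Directory)
    Get-ChildItem -LiteralPath $Directory -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $acl = Get-Acl -LiteralPath $_.FullName -ErrorAction SilentlyContinue
            if ($acl) { $acl.Owner } else { '<unreadable>' }
        } | Group-Object | Select-Object Name, Count
}

if (-not (Test-Path -LiteralPath $Target)) { Write-Warning "$Target not found"; return }

$locks = @(Get-LoadedFrom $Target)
if ($locks.Count) {
    'In use by:'; $locks | Format-Table -AutoSize
    'Delete from Safe Mode, or after these processes have exited.'
} else {
    'No running process has a file loaded from this folder.'
}

'Owners:'; Get-OwnerSummary $Target | Format-Table -AutoSize

# If the owner is not your account, take ownership and grant Administrators
# full control with the built-in takeown.exe and icacls.exe, then delete:
#   takeown /f "$Target" /r /d y
#   icacls "$Target" /grant Administrators:F /t
#   Remove-Item -LiteralPath $Target -Recurse -Force
```

A DLL listed under a long-running process such as the desktop shell cannot be deleted while that process is alive, which is the case Safe Mode is meant to get around.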
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 14 Feb 2010 1:32 pm
|
|
Will do. Also, in earlier versions of Windows, you used to be able to go to the DOS shell and use regular DOS commands. Can you do this in XP and Vista? I used to be able to clear files out that windows wouldn't give me access to through DOS. |
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 14 Feb 2010 2:13 pm
|
|
Richard Sinkler wrote: |
Will do. Also, in earlier versions of Windows, you used to be able to go to the DOS shell and use regular DOS commands. Can you do this in XP and Vista? I used to be able to clear files out that windows wouldn't give me access to through DOS. |
Richard;
I don't have a Vista computer handy, but XP will allow you to run DOS batch files and commands - from a DOS Window. It also has a text based Recovery Console that you can install and boot into. If you set the wildcards for allowing traversing of directories, you can indeed delete an entire directory from the Recovery Console at boot time. |
|
|
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 16 Feb 2010 10:43 pm
|
|
Looks like I beat it (hopefully).
Funny thing...Today it showed up in the control panel add/remove programs as "relevant knowledge". I selected to remove the program. It disappeared from the listing, but all the files were still in the relevant knowledge directory and I was still getting the message. I was able to delete all but one dll file. I renamed the file and renamed the directory so it can't be found if some hidden program or registry entry tries to load it. |
|
|
John Cipriano
From: San Francisco
|
Posted 17 Feb 2010 10:32 pm
|
|
That's odd (but it does happen). You should be able to delete it in Safe Mode though if you want to be rid of the files. |
|
|
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 19 Feb 2010 6:29 pm
|
|
How do you get into safe mode? I used to know, but it's been a bunch of years now, and was on Win 98.
On a different note, I started to buy a registry cleaner off the net, and it did a free scan, but required me to buy before it would repair anything. It said I had several hundred errors. Before I buy some software, I would like to get recommendations first. |
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 19 Feb 2010 11:36 pm
|
|
Richard Sinkler wrote: |
How do you get into safe mode? I used to know, but it's been a bunch of years now, and was on Win 98. |
Restart the computer and tap repeatedly on the F8 key until a white text boot menu appears on screen. The top two options listed are Safe Mode and Safe Mode With Networking. Choose the second option to use your network adapter for online updates in Safe Mode. Otherwise, just choose Safe Mode to delete a directory.
Quote: |
On a different note, I started to buy a registry cleaner off the net, and it did a free scan, but required me to buy before it would repair anything. It said I had several hundred errors. Before I buy some software, I would like to get recommendations first. |
Stay away from those Registry Cleaners unless you know what you are doing. Most that you find in a search result are rogue cleaners, created by software criminals in the former Soviet Union. If you want a free one to experiment with, try CCleaner, from Piriform.com. |
|
|
Richard Sinkler
From: aka: Rusty Strings -- Missoula, Montana
|
Posted 21 Feb 2010 8:50 am
|
|
Thanks Wiz.
Is there any problem with leaving registry errors in the registry if they aren't causing any noticeable errors or problems? |
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 21 Feb 2010 9:37 am
|
|
Richard Sinkler wrote: |
Thanks Wiz.
Is there any problem with leaving registry errors in the registry if they aren't causing any noticeable errors or problems? |
No problem Richard. If the errors were serious they would cause Windows or applications to crash. Otherwise, if it ain't broke, don't fix it! |
|
|