altonavControl.exe

altonav

This is part of the Sendori web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application altonavControl.exe, “altonav Elevated Service Controller” by altonav has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
altonav  (signed and verified)

Product:
altonav

Description:
altonav Elevated Service Controller

Version:
3.0.1

MD5:
5d89c09423f01fb1aecdfa6490f62c2d

SHA-1:
c3be45f059dc7d680a985caac22d00d6f79f20bb

SHA-256:
63cbecc5ec1b3fac9ca3ec9ea7095c6b93a20c91a6cc4f0eadd6cb294ef60c9f

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
5/19/2024 7:11:34 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Sendori.altonav (M)

Engine version:
16.4.24.5

File size:
3.2 MB (3,397,864 bytes)

Product version:
3.0.1

Copyright:
© Dynamic Network Services, Inc.

Trademarks:
Dyn (sm)

Original file name:
altonavControl.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\altonav\altonavcontrol.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
8/18/2014 5:30:00 AM

Valid to:
8/18/2017 5:29:59 AM

Subject:
CN=altonav, O=altonav, L=San Leandro, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
10E276E0F710E2E93163C74E8E2FD691

File PE Metadata
Compilation timestamp:
2/6/2015 11:11:33 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
768:pgJa0lSWFtAhV/vow1gDcpEDmXnOm8yclHDo:pj0L+V3v1hjQ

Entry address:
0x129B

Entry point:
E8, FF, 18, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 58, 9C, 40, 00, 89, 0D, 54, 9C, 40, 00, 89, 15, 50, 9C, 40, 00, 89, 1D, 4C, 9C, 40, 00, 89, 35, 48, 9C, 40, 00, 89, 3D, 44, 9C, 40, 00, 66, 8C, 15, 70, 9C, 40, 00, 66, 8C, 0D, 64, 9C, 40, 00, 66, 8C, 1D, 40, 9C, 40, 00, 66, 8C, 05, 3C, 9C, 40, 00, 66, 8C, 25, 38, 9C, 40, 00, 66, 8C, 2D, 34, 9C, 40, 00, 9C, 8F, 05, 68, 9C, 40, 00, 8B, 45, 00, A3, 5C, 9C, 40, 00, 8B, 45, 04, A3, 60, 9C, 40, 00, 8D, 45, 08, A3, 6C, 9C, 40...
 

Entropy:
0.1459

Code size:
19.5 KB (19,968 bytes)
