» Interop.PCProxyLib.dll
Overview
Analysis
File Details
Programs (1)

Interop.PCProxyLib.dll

Assembly imported from type library 'PCProxyLib'.

Sendori, LLC

This is part of the Sendori web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The file Interop.PCProxyLib.dll, re-signed by Sendori, LLC, is an Interop assembly that has been intergated by a 3rd-party into a .Net application, even though the assembly itself is most likely safe, it has been recompiled by a potentially unwanted program. This file is typically installed with the program PureLeads by Sendori, LLC which is a potentially unwanted software program.

File name:

Publisher:

Sendori, LLC (signed and verified)

Product:

Assembly imported from type library 'PCProxyLib'.

Version:

1.0.0.0

MD5:

a1b78b9b67816ebb02d7ad41c45227ba

SHA-1:

ca220f59b476902169f59f28396a02f6f1e37bdb

SHA-256:

00f0d02d5020aad96d9cd4e4381251a517a87e1a99fc01c38a373ab4aeb2488e

Scanner detections:

11 / 68

Status:

Adware

Analysis date:

4/25/2024 10:27:39 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Sendori.E

939

Avira AntiVirus

Adware/Sendori.E.26

7.11.157.204

Bitdefender

Adware.Sendori.E

1.0.20.960

Emsisoft Anti-Malware

Adware.Sendori

8.14.07.11.06

ESET NOD32

Win32/AdWare.Sendori (variant)

8.10023

F-Secure

Adware.Sendori.E

11.2014-11-07_6

G Data

Adware.Sendori

14.7.24

MicroWorld eScan

Adware.Sendori.E

15.0.0.576

nProtect

Adware.Sendori.E

14.06.30.01

Reason Heuristics

PUP.ResignedInterop.Sendori.R

14.8.7.19

VIPRE Antivirus

Trojan.Win32.Generic

30820

File size:

40.3 KB (41,248 bytes)

Product version:

1.0.0.0

Original file name:

Interop.PCProxyLib.dll

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\pureleads\interop.pcproxylib.dll

Digital Signature

Signed by:

Sendori, LLC

Authority:

VeriSign, Inc.

Valid from:

12/9/2013 7:00:00 PM

Valid to:

12/10/2014 6:59:59 PM

Subject:

CN="Sendori, LLC", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Sendori, LLC", L=Oakland, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

310642A25A6D9FB4A7E88E32D87A345F

File PE Metadata

Compilation timestamp:

6/27/2014 2:04:43 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

768:tGbmya24u1l3Mjo3MjxROqqreYjGnEucylCv9PPvWcVx9Llo:tF2v1ORzwedTlCvb3k

Entry address:

0x9E9E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.0113

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

32 KB (32,768 bytes)

The file Interop.PCProxyLib.dll has been discovered within the following program.

PureLeads by Sendori, LLC

This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.

pureleads.com

72% remove it

Remove Interop.PCProxyLib.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.