sendori32.sys

Sendori Watchdog

Sendori, Inc

This is part of the Sendori web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The file sendori32.sys by Sendori, Inc has been detected as adware by 2 anti-malware scanners.
Publisher:
Sendori (signed by Sendori, Inc)

Product:
Sendori Watchdog

Description:
Watchdog Driver

Version:
2.2.1.5

MD5:
e445cb349332328579ee7b2088791cf3

SHA-1:
14e697d5f402d3cde0e93ca7b2998a0f10014c25

SHA-256:
9c2e5e763d7eebaf7ed2793abc82a05bac248c74d52ae31e545666b3f2cbe6b2

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
11/14/2024 9:20:28 PM UTC

Scan engine          Detection          Engine version
Reason Heuristics    PUP.Sendori (M)    15.12.25.23
VIPRE Antivirus      Sendori            32744

File size:
25.7 KB (26,272 bytes)

Product version:
2.2.1.5

Copyright:
© Sendori. All rights reserved.

Original file name:
sendori32.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Program Files\sendori\sendori32.sys

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/11/2012 7:00:00 PM

Valid to:
4/4/2013 6:59:59 PM

Subject:
CN="Sendori, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Sendori, Inc", L=Oakland, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
28FA9F749BFC21C3FDFCFEFB6497011B

File PE Metadata
Compilation timestamp:
10/8/2012 6:40:45 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:2QGEjquIX1DzwXjoLztZNQmWJ4EuXcOKTy+bvKvex6gjGyRTdd6lHhnYPLEDfeMj:R6XdfQ4VXcOn+bSvFAT/uHh/R1

Entry address:
0x40A6

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 50, FF, FF, FF, CC, CC, E0, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D2, 45, 00, 00, 80, 3B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, 41, 00, 00, D2, 41, 00, 00, E4, 41, 00, 00, FC, 41, 00, 00, 0C, 42, 00, 00, 24, 42, 00, 00, 36, 42, 00, 00, 40, 42, 00, 00, 4A, 42, 00, 00, 62, 42, 00, 00, 70, 42, 00, 00, 84, 42, 00, 00, 9C, 42, 00, 00, A6, 42, 00, 00, BA, 42, 00, 00, DA, 42, 00, 00, EE, 42, 00, 00, 06, 43...

Entropy:
6.7762

Code size:
15.3 KB (15,616 bytes)
