sendori32.sys

Sendori Watchdog

Sendori, Inc

This is part of the Sendori web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The file sendori32.sys by Sendori, Inc has been detected as adware by 2 anti-malware scanners.
Publisher:
Sendori (signed by Sendori, Inc)

Product:
Sendori Watchdog

Description:
Watchdog Driver

Version:
2.1.8.7

MD5:
6667412d0acfca73cfa75c2edfa06645

SHA-1:
9d45c22c21a935615c29af265b6ee164da488b29

SHA-256:
21ed85672f0bdf7155159bdb72c55b021d948df5ad09cd70ffa93b70d3bd736c

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
4/18/2024 6:12:31 PM UTC

Scan engine | Detection | Engine version
Reason Heuristics | PUP.Sendori (M) | 15.12.10.7
VIPRE Antivirus | Sendori | 32744

File size:
25.2 KB (25,832 bytes)

Product version:
2.1.8.7

Copyright:
© Sendori. All rights reserved.

Original file name:
sendori32.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Program Files\sendori\sendori32.sys

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
3/11/2012 8:00:00 PM

Valid to:
4/4/2013 7:59:59 PM

Subject:
CN="Sendori, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Sendori, Inc", L=Oakland, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
28FA9F749BFC21C3FDFCFEFB6497011B

File PE Metadata
Compilation timestamp:
5/3/2012 11:18:36 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:4QGEjquIX1DzwXjoLztZNQmWJ4EuXcOKTy+bvKvex6WBGyRTdl6tHz3mirILoDf+:D6XdfQ4VXcOn+bSvZATXWHaIILw2

Entry address:
0x40A6

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 50, FF, FF, FF, CC, CC, E0, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D2, 45, 00, 00, 80, 3B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, 41, 00, 00, D2, 41, 00, 00, E4, 41, 00, 00, FC, 41, 00, 00, 0C, 42, 00, 00, 24, 42, 00, 00, 36, 42, 00, 00, 40, 42, 00, 00, 4A, 42, 00, 00, 62, 42, 00, 00, 70, 42, 00, 00, 84, 42, 00, 00, 9C, 42, 00, 00, A6, 42, 00, 00, BA, 42, 00, 00, DA, 42, 00, 00, EE, 42, 00, 00, 06, 43...
Entropy:
6.7532

Code size:
15.3 KB (15,616 bytes)
