home

sendorilsp.exe

SendoriLSP.exe

Sendori, Inc

This is part of the Sendori web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application sendorilsp.exe by Sendori, Inc has been detected as adware by 7 anti-malware scanners. This file is typically installed with the program Sendori by Sendori, Inc. which is a potentially unwanted software program.
Publisher:
Sendori  (signed by Sendori, Inc)

Product:
SendoriLSP.exe

Version:
2.1.8.7

MD5:
99dff42796b56ccb02a483ca66225370

SHA-1:
39211a67df04f3c329c60259fadb54a7c14464cf

SHA-256:
8b4509b233e04928da8f12b54667be0a81c85070710a81e21aad538c1bf4bcf2

Scanner detections:
7 / 68

Status:
Adware

Analysis date:
4/26/2024 2:55:57 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Sendori
7.1.1

AVG
Generic6
2016.0.2900

Clam AntiVirus
Win.Adware.Sendori-4
0.98/21511

Reason Heuristics
PUP.Sendori (M)
15.12.10.7

SUPERAntiSpyware
PUP.Sendori/Variant
9456

VIPRE Antivirus
Sendori
45386

Zillya! Antivirus
Adware.Sendori.Win32.15
2.0.0.2527

File size:
273.9 KB (280,424 bytes)

Product version:
2.1.8.7

Copyright:
Copyright © 2010

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\sendori\sendorilsp.exe

Digital Signature
Signed by:
Sendori, Inc

Authority:
VeriSign, Inc.

Valid from:
3/11/2012 8:00:00 PM

Valid to:
4/4/2013 7:59:59 PM

Subject:
CN="Sendori, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Sendori, Inc", L=Oakland, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
28FA9F749BFC21C3FDFCFEFB6497011B

File PE Metadata
Compilation timestamp:
5/3/2012 11:18:01 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

CTPH (ssdeep):
3072:XEooVOnCpW2bRhRF9jt7kjGhX8J9gdsKsMtjfFDYhUu:0odCI23XkaeHotjNDYX

Entry address:
0x25910

Entry point:
55, 8B, EC, 6A, FF, 68, C8, 14, 43, 00, 68, DC, 55, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 10, 53, 56, 57, 89, 65, E8, FF, 15, 60, 11, 43, 00, 33, D2, 8A, D4, 89, 15, 44, 07, 44, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 40, 07, 44, 00, C1, E1, 08, 03, CA, 89, 0D, 3C, 07, 44, 00, C1, E8, 10, A3, 38, 07, 44, 00, 6A, 01, E8, EB, 54, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, AB, 00, 00, 00, 59, E8, BC, 19, 00, 00, 85, C0, 75, 08, 6A, 10, E8, 9A, 00, 00, 00, 59, 83, 65, FC, 00...
 
[+]

Entropy:
6.1059

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
192 KB (196,608 bytes)

The file sendorilsp.exe has been discovered within the following program.

Sendori  by Sendori, Inc.
Sendori is a web browser plugin and layered service provider filter that is typically installed through a bundled installation. The plugin is designed to intercept Internet web traffic and provided modified results to various requests.
www.sendori.com
79% remove it
 
Powered by Should I Remove It?

Remove sendorilsp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.