home

SendoriTray.exe

Sendori

Sendori, LLC

This is part of the Sendori web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application SendoriTray.exe, “Sendori Notification Icon” by Sendori has been detected as adware by 12 anti-malware scanners. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Sendori Tray’. This file is typically installed with the program Sendori by Sendori, Inc. which is a potentially unwanted software program.
Publisher:
Sendori, Inc.  (signed by Sendori, LLC)

Product:
Sendori

Description:
Sendori Notification Icon

Version:
2.0.18

MD5:
974bbc57e73e6babc96cd2093c45dc17

SHA-1:
80bf80ff4816d105d8e02e40768dc9e2b8c6c80f

SHA-256:
74e10b262207b98fe22c99675566d7ae1809e9ab0efff669f650bf3103d39606

Scanner detections:
12 / 68

Status:
Adware

Analysis date:
4/27/2024 3:24:34 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Sendori.E
474

avast!
Win32:Adware-gen [Adw]
2014.9-151018

Bitdefender
Adware.Sendori.E
1.0.20.1455

Emsisoft Anti-Malware
Adware.Sendori
8.15.10.18.04

ESET NOD32
Win32/AdWare.Sendori (variant)
9.10013

F-Secure
Adware.Sendori.E
11.2015-18-10_1

G Data
Adware.Sendori
15.10.24

MicroWorld eScan
Adware.Sendori.E
16.0.0.873

nProtect
Adware.Sendori.E
14.06.27.01

Reason Heuristics
PUP.Sendori (M)
15.10.18.16

Sophos
Generic PUA IA
4.98

VIPRE Antivirus
Sendori
30738

File size:
81.3 KB (83,232 bytes)

Product version:
2.0.18

Copyright:
© Dynamic Network Services, Inc.

Trademarks:
Dyn (sm)

Original file name:
SendoriTray.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\sendori\sendoritray.exe

Digital Signature
Signed by:
Sendori, LLC

Authority:
VeriSign, Inc.

Valid from:
12/10/2013 3:30:00 AM

Valid to:
12/11/2014 3:29:59 AM

Subject:
CN="Sendori, LLC", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Sendori, LLC", L=Oakland, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
310642A25A6D9FB4A7E88E32D87A345F

File PE Metadata
Compilation timestamp:
6/25/2014 10:32:56 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:RWqBMY0L7wMcDEWbs/wHazaRXk7yVpnv77bIbLdaNX:tiwY/zarVVHbIbpaF

Entry address:
0x40FB

Entry point:
E8, 21, 23, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 10, 1A, 41, 00, FF, 15, 1C, C1, 40, 00, 85, C0, 75, 18, 56, E8, BD, 03, 00, 00, 8B, F0, FF, 15, CC, C0, 40, 00, 50, E8, 6D, 03, 00, 00, 59, 89, 06, 5E, 5D, C3, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, 58, 31, 41, 00, 00, 74, 05, E9, 50, 23, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C...
 
[+]

Entropy:
6.2530

Code size:
44 KB (45,056 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Sendori Tray

Command:
"C:\Program Files\sendori\sendoritray.exe"


The file SendoriTray.exe has been discovered within the following program.

Sendori  by Sendori, Inc.
Sendori is a web browser plugin and layered service provider filter that is typically installed through a bundled installation. The plugin is designed to intercept Internet web traffic and provided modified results to various requests.
www.sendori.com
79% remove it
 
Powered by Should I Remove It?

Remove SendoriTray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.