Sendori

By Domesticus in Adware

Threat Scorecard

Popularity Rank:	19,967
Threat Level:	20 % (Normal)
Infected Computers:	4,124

First Seen:	September 21, 2012
Last Seen:	February 22, 2026
OS(es) Affected:	Windows

Sendori is a potentially unwanted program, which claims to enhance web browsing activity by correcting misspelled web addresses. However, there are many web users who state that Sendori is damaging and call it a virus because it may be downloaded without the computer user's awareness packaged with other applications, mainly free programs. Sendori may also start performing annoying activities on the corrupted PC, such as result in irritating Internet browser diversions and disable JavaScript. Sendori may also result in slow downs of the affected PC and show commercial pop-up ads on the desktop of the attacked PC. Symptoms like disturbing Internet browser diversions and similar problems may cause more computer problems. PC users can download Sendori either from its official website or packaged with other programs, mainly free tools. If computer users want not to install Sendori on their PCs unknowingly, they should carefully follow the installation process when downloading software products on the PC from the web.

Table of Contents

Aliases

1 security vendors flagged this file as malicious.

Antivirus Vendor	Detection
AVG	Sendori.D5D

SpyHunter Detects & Remove Sendori

File System Details

Sendori may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	SendoriSvc.exe#2EFC4C0BCD7430E6	0d351368204f4302a5420276c1605983	151
Name: SendoriSvc.exe#2EFC4C0BCD7430E6 MD5: 0d351368204f4302a5420276c1605983 Size: 98.16 KB (98168 bytes) Detections: 151 Path: C:\7279455e49c9f264afd96f\AdwCleaner\Quarantine\v1\20180728.193923\182\Sendori\SendoriSvc.exe#2EFC4C0BCD7430E6 Group: Malware file Last Updated: December 16, 2021
2.	SendoriTray.exe#47BE666000C3B187	6cfdf39d074540a069b0f90c706e5eb4	125
Name: SendoriTray.exe#47BE666000C3B187 MD5: 6cfdf39d074540a069b0f90c706e5eb4 Size: 74.61 KB (74616 bytes) Detections: 125 Path: C:\7279455e49c9f264afd96f\AdwCleaner\Quarantine\v1\20180728.193923\182\Sendori\SendoriTray.exe#47BE666000C3B187 Group: Malware file Last Updated: December 16, 2021
3.	Uninstall.exe	b6d85c45f5a38668bd16b12d1fd8280e	15
Name: Uninstall.exe MD5: b6d85c45f5a38668bd16b12d1fd8280e Size: 503.8 KB (503808 bytes) Detections: 15 Type: Executable File Path: %PROGRAMFILES(x86)%\Sendori Group: Malware file Last Updated: March 10, 2014
4.	Sendori.Service.exe	94b9c94cff09a36a53e5e43b5243c34a	15
Name: Sendori.Service.exe MD5: 94b9c94cff09a36a53e5e43b5243c34a Size: 19.74 KB (19744 bytes) Detections: 15 Type: Executable File Path: %PROGRAMFILES(x86)%\Sendori Group: Malware file Last Updated: March 10, 2014
5.	sndappv2.exe	7cf00506ab20f82d588ed5d16e9efab2	15
Name: sndappv2.exe MD5: 7cf00506ab20f82d588ed5d16e9efab2 Size: 3.62 MB (3623200 bytes) Detections: 15 Type: Executable File Path: %PROGRAMFILES(x86)%\Sendori Group: Malware file Last Updated: March 10, 2014
6.	SendoriTray.exe	1c33446d9b2f10ade8eb010c49adfb86	4
Name: SendoriTray.exe MD5: 1c33446d9b2f10ade8eb010c49adfb86 Size: 83.23 KB (83232 bytes) Detections: 4 Type: Executable File Path: %PROGRAMFILES%\Sendori Group: Malware file Last Updated: March 10, 2014

More files

Registry Details

Sendori may create the following registry entry or registry entries:

Regexp file mask

%WINDIR%\System32\Sendori[NUMBERS].dll

%WINDIR%\SysWOW64\Sendori[NUMBERS].dll

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Dyn\Installed\Sendori

SOFTWARE\Microsoft\Tracing\Sendori_RASAPI32

SOFTWARE\Microsoft\Tracing\Sendori_RASMANCS

SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Sendori Tray

Software\Sendori

SOFTWARE\Wow6432Node\Dyn\Installed\Sendori

SOFTWARE\Wow6432Node\Microsoft\Tracing\Sendori_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\Sendori_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Sendori Tray

SOFTWARE\Wow6432Node\Sendori

SYSTEM\ControlSet001\services\Application Sendori

SYSTEM\ControlSet001\services\eventlog\Application\SendoriService

SYSTEM\ControlSet001\services\eventlog\SendoriLogs

SYSTEM\ControlSet001\services\Service Sendori

SYSTEM\CurrentControlSet\services\Application Sendori

SYSTEM\CurrentControlSet\services\eventlog\Application\SendoriService

SYSTEM\CurrentControlSet\services\eventlog\SendoriLogs

SYSTEM\CurrentControlSet\services\Service Sendori

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

Sendori

Directories

Sendori may create the following directory or directories:

%ALLUSERSPROFILE%\Sendori

%PROGRAMFILES%\Sendori

%PROGRAMFILES(X86)%\Sendori

Analysis Report

General information

Family Name:	Adware.Sendori
Signature status:	Self Signed

Known Samples

MD5: 5cc56828d759a95560f7ea17d0439533

SHA1: 63572bdf62e4fefd147e60816ac793efdb3dc8cd

SHA256: D712784B5B6927DBDE2EC848F5EEDD416E4C4A512ABFF79F0D185ED0A4FC0D34

File Size: 718.74 KB, 718736 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)

IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Company Name	Sendori, Inc.
File Description	Sendori
File Version	1.1.7.0
Internal Name	SendoriSetup.exe
Legal Copyright	© Sendori, Inc. All rights reserved.
Legal Trademark	Sendori
Product Name	Sendori

Digital Signatures

Signer	Root	Status
Sendori, Inc	VeriSign Class 3 Code Signing 2010 CA	Self Signed

Files Modified

File	Attributes
\device\namedpipe\gmdasllogger	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha6cb.tmp\inetc.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha6cb.tmp\installoptions.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha6cb.tmp\iospecial.ini	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\nsha6cb.tmp\iospecial.ini	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha6cb.tmp\modern-header.bmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha6cb.tmp\modern-wizard.bmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha6cb.tmp\system.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsha6cb.tmp\version.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\telemetry.txt	Generic Write,Read Attributes

Registry Modifications

Key::Value	Data	API Name
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix	Cookie:	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix	Visited:	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet		RegNtPreCreateKey

HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect

RegNtPreCreateKey

Windows API Usage

Category	API
Other Suspicious	AdjustTokenPrivileges
Network Wininet	HttpOpenRequest HttpQueryInfo HttpSendRequest InternetConnect InternetOpen InternetQueryOption InternetSetOption

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Sendori

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Sendori

File System Details

Registry Details

Directories

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

Digital Signatures

Digital Signatures

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Submit Comment

Trending

C-germany.com

Suinalel.co.in

Antivirat.com

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

How to Fix 'macOS cannot verify that this app is...

Discord Shows Black Screen when Sharing Screen