» datamngr.dll
Overview
Analysis
File Details
Programs (1)

datamngr.dll

Bandoo Media, Inc.

The module datamngr.dll by Bandoo Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Windows iLivid Toolbar by Bandoo Media Inc which is a potentially unwanted software program.

File name:

datamngr.dll

Publisher:

Bandoo Media, Inc. (signed and verified)

MD5:

8beb4351793a6ec0f5007eb6645748fb

SHA-1:

7cea2623d53194e1d7145271fbff1667e79ff13a

SHA-256:

d196a3835b51292367e1180c5c97e008eee79487c96d71f3bcd2b4bd1b90a96a

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/19/2024 9:09:58 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.BandooToolbar.BandooMedia (M)

16.1.25.1

File size:

1.7 MB (1,779,096 bytes)

File type:

Dynamic link library (Win64 DLL)

Language:

English (United States)

Common path:

C:\Program Files\windows ilivid toolbar\datamngr\x64\datamngr.dll

Digital Signature

Signed by:

Bandoo Media, Inc.

Authority:

Thawte, Inc.

Valid from:

2/24/2011 1:00:00 AM

Valid to:

2/24/2013 12:59:59 AM

Subject:

CN="Bandoo Media, Inc.", O="Bandoo Media, Inc.", L=Panama City, S=Panama, C=PA

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

2C1E0DFD5207FCBA6225F6AE61587068

File PE Metadata

Compilation timestamp:

8/9/2011 8:05:48 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:XLukS6SePabseHGI39xN1pFkci/okkJe+FnAhFCszq9P6wEGkB6Ub:XLukS1Ia5GwxNDRi/9sx6CsiywEGc

Entry address:

0x126954

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, AF, 87, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, AB, FE, FF, FF, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 68, 18, 48, 89, 70, 20, 48, 89, 50, 10, 57, 41, 54, 41, 55, 41, 56, 41, 57, 48, 83, EC, 40, 4D, 8B, 79, 08, 4D, 8B, 21, 49, 8B, 71, 38, 4D, 2B, E7, F6, 41, 04, 66, 4D, 8B, F1, 48, 8B, EA, 4C, 8B, E9, 0F, 85, DC, 00, 00... 
[+]

Code size:

1.3 MB (1,364,480 bytes)

The file datamngr.dll has been discovered within the following program.

Windows iLivid Toolbar by Bandoo Media Inc

This toolbar is typiclaly bundled with the installation of the free iLivid software. Windows iLivid Toolbar by Bandoo for Intenet Explorer collects and stores information about your web browsing habits in order to suggest services or provide advertising via the toolbar.

www.ilivid.com

79% remove it

Remove datamngr.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.