Should I block it?

90%
90% of PCs block this file from running.
Possible reason:
Multiple malware detections

VersionsAdditional versions

d1a5e 6.45%
4a483 6.45%
c9847 3.23%
701de 3.23%
3a94a 6.45%
9e734 3.23%
f3610 9.68%
51bf8 9.68%
3808a 3.23%
65601 6.45%
e192b 3.23%
b144d 6.45%
24573 16.13%
5932e 3.23%
8ecad 3.23%
3eb9e 3.23%
21b1f 3.23%
344ad 3.23%
(Note, Bandoo Media publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegSetValueExW, LookupAccountNameW, ConvertSidToStringSidW, RegCreateKeyExW, IsValidSid, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegSetValueExA, RegEnumKeyExW, RegQueryInfoKeyW, RegCloseKey, RegQueryValueExA, RegQueryValueExW, RegOpenKeyExW
dbghelp.dll
ImageNtHeader
kernel32.dll
IsBadWritePtr, TlsGetValue, TlsSetValue, GetCurrentThreadId, TlsAlloc, GetCurrentThread, GetCommandLineW, CreateEventW, CreateSemaphoreA, GetSystemTimeAsFileTime, ReleaseSemaphore, OpenMutexW, PulseEvent, GetCurrentProcessId, WaitForMultipleObjects, GetProcessHeap, HeapFree, LocalFree, HeapAlloc, LoadLibraryA, DuplicateHandle, GetCurrentProcess, lstrlenW, CopyFileW, DeleteFileW, FreeLibrary, VirtualQuery, SetLastError, GetModuleHandleA, VirtualAlloc, InterlockedCompareExchange, ResumeThread, FlushInstructionCache, GetThreadContext, SetThreadContext, SuspendThread, WideCharToMultiByte, OpenEventW, lstrlenA, GetModuleFileNameW, Sleep, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, GetVersionExW, AreFileApisANSI, SetFilePointer, SetEndOfFile, FlushFileBuffers, UnlockFile, LockFile, GetFileAttributesA, DeleteFileA, GetFileAttributesW, LoadLibraryW, QueryPerformanceCounter, GetTickCount, GetSystemTime, LockFileEx, GetTempPathA, GetTempPathW, FormatMessageA, FormatMessageW, GetFullPathNameA, GetFullPathNameW, GetDiskFreeSpaceA, GetDiskFreeSpaceW, CreateFileA, DeviceIoControl, WriteFile, ReadFile, GetLastError, GetFileSize, GetDateFormatA, CreateFileW, GetProcAddress, GetModuleHandleW, RemoveVectoredExceptionHandler, InterlockedExchange, VirtualProtect, IsBadReadPtr, AddVectoredExceptionHandler, SetEvent, CreateEventA, CloseHandle, WaitForSingleObject, GetTimeFormatA, MultiByteToWideChar, SetEnvironmentVariableA, InterlockedIncrement, InterlockedDecrement, GetStringTypeW, EncodePointer, DecodePointer, HeapDestroy, HeapReAlloc, HeapSize, TlsFree, OpenEventA, ResetEvent, SystemTimeToFileTime, SetWaitableTimer, CreateWaitableTimerA, GetUserDefaultLCID, GetStringTypeExA, LCMapStringA, LCMapStringW, GetCommandLineA, RaiseException, RtlUnwind, GetCPInfo, ExitThread, CreateThread, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, ExitProcess, GetStdHandle, GetLocaleInfoW, IsProcessorFeaturePresent, HeapCreate, GetACP, GetOEMCP, IsValidCodePage, SetHandleCount, InitializeCriticalSectionAndSpinCount, GetFileType, GetStartupInfoW, GetModuleFileNameA, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetTimeZoneInformation, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, GetConsoleCP, GetConsoleMode, SetStdHandle, WriteConsoleW, CompareStringW, FindClose, FindFirstFileW, lstrcpyW, lstrcatW, FindNextFileW, LocalAlloc
ntdll.dll
ZwClose, RtlCreateUserThread, NtQueryInformationProcess, NtAllocateVirtualMemory, NtFreeVirtualMemory
user32.dll
LoadStringA, GetWindowThreadProcessId, FindWindowExW
version.dll
GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW
wtsapi32.dll
WTSQuerySessionInformationW, WTSFreeMemory

datamngr.dll

By Bandoo Media (Signed)

Remove datamngr.dll
MD5:   344adc6927408c5b60165e20fbb8ce3f
SHA1:   d2f71452c2f8f09645f4ba269e7c503aede6f5a5
SHA256:   f64bc54926bb2816e0c16bdbf751deca2e58e42d3acdeb1200109b88db2d08a7
Warning 3 antivirus scanners has detected malware.

What is datamngr.dll?

Searchqu Toolbar is a browser add-on which adds various shortcuts and other buttons to your Internet browsers such as Internet Explorer, FireFox, Google Chrome. Some PC users may find such shortcuts useful but Searchqu Toolbar can be categorized as an unwanted program because it's deceptive ways of installation and not full uninstall procedures. When installed on your PC this toolbar by default will change your homepage to searchnu.com.

About datamngr.dll (from Bandoo Media)

Windows Searchqu Toolbar is an Internet browser toolbar that offers helpful search suggestions as the user types keywords into the search box. Additionally, it catches misspelled words and suggests a

DetailsDetails

File name:datamngr.dll
Typical file path:C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngr.dll
Size:1.47 MB (1,540,096 bytes)
Certificate
Issued to:Bandoo Media
Authority (CA):Thawte
Expiration date:Friday, November 2, 2012
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

MalwareMalware detections

Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
Antivirus engineEngine versionDetection
Dr.Web 8.13.9.29 Adware.BGuard.14
ESET NOD32 7.8670 a variant of Win32/Toolbar.SearchSuite.C
VIPRE Antivirus 20352 Search-Results

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate N 29.03%
Microsoft Windows XP 19.35%
Windows 7 Home Premium 16.13%
Windows 7 Ultimate 16.13%
Windows 8 Pro 6.45%
Windows Vista Home Basic 6.45%
Windows 7 Home Basic 3.23%
Windows 7 Professional 3.23%

Distribution by countryDistribution by country

United States installs about 37.93% of datamngr.dll.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Toshiba 15.38%
Gateway 15.38%
ASUS 15.38%
Hewlett-Packard 15.38%
Dell 15.38%
Sahara 7.69%
GIGABYTE 7.69%
American Megatrends 7.69%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE