DatamngrCoordinator.exe
Datamngr Coordinator by Bandoo Media (Signed)
Warning 10 antivirus scanners has detected malware in various versions of DatamngrCoordinator.exe.
Overview
There are 16 versions of datamngrcoordinator.exe in the wild, the latest version being 5.0.0.12712. It is started as a Windows Service called 'Datamngr Coordinator2' with the name 'DatamngrCoordinator2' and described as “Coordinates Datamngr modules functionality”. . In addition, it is run under the context of the SYSTEM account with extensive privileges (the administrator accounts have the same privileges). The average file size is about 3.24 MB. The file is a digitally signed and issued to Bandoo Media by Thawte. During the process's lifecycle, the typical CPU resource utilization is about 0.0071% including both foreground and background operations, the average private memory consumption is about 5.17 MB with the maximum memory reaching around 11.51 MB. Addionally, typically read and write I/O disk operations is about 1.83 KB per minute for reads and 10.68 KB per minute for writes.
 Details
|
| File name: | datamngrcoordinator.exe |
| Publisher: | Bandoo Media Inc. |
| Product name: | Datamngr Coordinator |
| Typical file path: | C:\Program Files\search results toolbar\datamngr\datamngrcoordinator.exe |
| Certificate |
| Issued to: | Bandoo Media |
| Authority (CA): | Thawte |
| Effective date: | Tuesday, September 18, 2012 |
| Expiration date: | Sunday, November 2, 2014 |
| Windows Service |
| Service name: | DatamngrCoordinator2 |
| Display name: | Datamngr Coordinator2 |
| Description: | “Coordinates Datamngr modules functionality” |
| Type: | Win32OwnProcess, InteractiveProcess |
Behaviors
(Note, the behaviors below are for all versions of datamngrcoordinator.exe, select a unique version for details.)
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'DatamngrCoordinator2' (Datamngr Coordinator2)
- DatamngrCoordinator
- 'DatamngrCoordinator' (Datamngr Coordinator)
Malware detections
Based on 40+ industry antivirus scanners, 10 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| Comodo Internet Security |
17331 |
Application.Win32.Bandoo.ga |
5.0.0.9396 |
| ESET NOD32 |
7.8816 |
a variant of Win32/Toolbar.SearchSuite.D |
5.0.0.5848 |
| ESET NOD32 |
7.8751 |
a variant of Win32/Toolbar.SearchSuite.D |
5.0.0.8109 |
| ESET NOD32 |
7.8772 |
Win32/Toolbar.SearchSuite.B |
5.0.0.8483 |
| ESET NOD32 |
7.9089 |
a variant of Win32/Toolbar.SearchSuite.D |
5.0.0.9396 |
| Kingsoft |
2013.4.9.267 |
Win32.Troj.Generic.a.(kcloud) |
5.0.0.9396 |
| Malwarebytes |
1.75.0.1 |
PUP.Optional.Bandoo.A |
5.0.0.9396 |
| Sophos |
4.95.0 |
Generic PUA AA |
5.0.0.9396 |
| SUPERAntiSpyware |
5.6.0.1008 |
PUP.SearchResultsToolbar |
5.0.0.6254 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V0924 |
5.0.0.9396 |
All file variations of datamngrcoordinator.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Ultimate |
34.78% |
|
| Windows 8 Pro |
15.22% |
|
| Windows 7 Home Premium |
13.04% |
|
| Microsoft Windows XP |
10.87% |
|
| Windows 8 Enterprise |
6.52% |
|
| Windows Seven Black Edition |
4.35% |
|
| Windows 7 Professional |
4.35% |
|
| Windows 8 Single Language |
4.35% |
|
| Windows 8 |
4.35% |
|
| Windows 8.1 Single Language |
2.17% |
|
Distribution by country
United States installs about 13.64% of Datamngr Coordinator.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Dell |
24.00% |
|
| Acer |
22.00% |
|
| ASUS |
20.00% |
|
| Hewlett-Packard |
10.00% |
|
| Toshiba |
8.00% |
|
| GIGABYTE |
6.00% |
|
| Sony |
4.00% |
|
| American Megatrends |
4.00% |
|
| Alienware |
2.00% |
|
