What is Cinema-DPlus2?

Cinema-DPlus2 is software application developed by Bright circle investments Ltd.. It is most commonly found on computers running Windows 10 with nearly 66.67% of installations running this operating system. Cinema-DPlus2's installer is typically 11.00 MB in size and installs around 33 files. The most common release is 1.34.7.1 with 66.67% of all installations currently using this version.

Cinema-DPlus2 is most popular in the United States with 100.00% of installations residing in this country.

About Cinema-DPlus2?

Cinema-DPlus is a web browser extension supported by advertising, which may be bundled with potentially unwanted software offers by third-party download managers to generate revenue through installations. Upon installation, this program serves a variety of advertisements, including banners, text hyperlinks, inline text ads, and transitional formats, within the user's web browser, without affiliation or endorsement from the visited websites. Moreover, the software interacts with remote servers to track the user's browsing activities, including URLs and domains visited, to customize its ad content. Furthermore, the End User License Agreement (EULA) states that the advertisements may be tailored based on the user's browsing queries, information processed by the software, or other data collected during its usage. It is important to note that the program's uninstaller may not remove all elements of the software, resulting in persistent ads post-removal in some instances.

Multiple virus scanners have detected malware in Cinema-DPlus2.

d3b8531c-0be0-4228-8a58-264f0b468dc4-5.exe (MD5: afaa26d03b47fc1e6e5144562410ae4f) has been flagged by 12 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.07.18.00	PUP/Win32.CrossRider
Avira AntiVir	7.11.162.94	ADWARE/CrossRider.Gen2
AVG	14.0.0.3986	Generic.332
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.bAH
ESET-NOD32	10113	a variant of Win32/Toolbar.CrossRider.AH
Jiangmin	16.0.100	Adware/Adload.ayo
NANO AntiVirus	0.28.2.60881	Riskware.Win32.AdLoad.dbdtou
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
VIPRE Antivirus	31352	Crossrider (fs)
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Sophos	4.98.0	AppRider
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad

d3b8531c-0be0-4228-8a58-264f0b468dc4-2.exe (MD5: e256d530ffaad458a7c45988481ef2fa) has been flagged by 13 scanners:

Scanner Software	Version	Result
Avira AntiVir	7.11.162.94	Adware/CrossRider.A.20191
AVG	14.0.0.3986	Generic_r.OG
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.BAJ
ESET-NOD32	10114	a variant of Win32/Toolbar.CrossRider.AJ
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Jiangmin	16.0.100	Adware/Adload.ayl
NANO AntiVirus	0.28.2.60881	Riskware.Win32.AdLoad.dbdtnp
Sophos	4.98.0	AppRider
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
VIPRE Antivirus	31356	Crossrider (fs)
Agnitum Outpost	5.5.1.3	PUA.AdLoad!
AhnLab-V3	2014.07.16.00	PUP/Win32.Toolbar
Panda Antivirus	10.0.3.5	Trj/Genetic.gen

Cinema-DPlus2-nova.exe (MD5: 3319e55cf6aae225666cfe321156daa2) has been flagged by 13 scanners:

Scanner Software	Version	Result
Agnitum Outpost	5.5.1.3	PUA.AdLoad!
AhnLab-V3	2014.07.16.00	PUP/Win32.Toolbar
AVG	14.0.0.3986	Generic_r.PD
ESET-NOD32	10102	a variant of Win32/Toolbar.CrossRider.AE
Jiangmin	16.0.100	Adware/Adload.aym
NANO AntiVirus	0.28.2.60881	Riskware.Win32.AdLoad.dbdtmc
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
VIPRE Antivirus	31306	Crossrider (fs)
Avira AntiVir	7.11.162.94	ADWARE/CrossRider.Gen2
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.bAH
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Sophos	4.98.0	AppRider

Cinema-DPlus2-codedownloader.exe (MD5: d1f90dfeaffb5b2c93ba562009d28d36) has been flagged by 24 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.07.21.03	PUP/Win32.PlusHD
Avira AntiVir	7.11.163.68	Adware/CrossRider.A.19981
AVG	14.0.0.3986	Generic_r.OE
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.bAJ
Clam AntiVirus	0.98.4.0	Win.Adware.Agent-7332
ESET-NOD32	10130	a variant of Win32/Toolbar.CrossRider.AJ
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Jiangmin	16.0.100	Adware/Adload.ayq
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.CinemaHD.A
NANO AntiVirus	0.28.2.60881	Riskware.Win32.AdLoad.dbdvli
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Sophos	4.98.0	AppRider
Symantec	20131.1.5.61	Trojan.ADH.2
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
VIPRE Antivirus	31466	Crossrider (fs)
Fortinet FortiGate	5.1.152.0	Riskware/Toolbar_CrossRider
McAfee	6.0.4.564	Artemis!707A540634CB
McAfee-GW-Edition	2013	Artemis!707A540634CB
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM10.Gen
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
K7 AntiVirus	9.181.12806	Trojan ( 0049bfb71 )
K7GW	9.181.12806	Trojan ( 0049bfb71 )
Agnitum Outpost	5.5.1.3	PUA.AdLoad!

488083f6-732e-4e87-8010-06572f9544e2-4.exe (MD5: 6ed9ef2f7797adc8a822ddb1c2bd8aec) has been flagged by 25 scanners:

Scanner Software	Version	Result
Avira AntiVir	7.11.163.116	Adware/CrossRider.A.20267
AVG	2015.0.3390	Brightcircle
Comodo Security	18939	ApplicUnwnt
ESET-NOD32	8.10138	a variant of Win32/Toolbar.CrossRider.AK
Fortinet FortiGate	8/7/2014	Riskware/Toolbar_CrossRider
Jiangmin	KV140807	Adware/Adload.ayn
K7 AntiVirus	13.181.12806	Trojan
K7GW	13.181.12806	Trojan ( 0049c2a41 )
Kingsoft AntiVirus	331020.49267	Win32.Troj.Generic.a.(kcloud)
Malwarebytes	v2014.08.07.09	PUP.Optional.CinemaHD.A
McAfee	5600.7046	Artemis!6ED9EF2F7797
McAfee-GW-Edition	7.7046	Artemis!6ED9EF2F7797
NANO AntiVirus	0.28.2.60990	Riskware.Win32.AdLoad.dbdtnn
Panda Antivirus	14.08.07.09	Trj/Genetic.gen
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM10.Gen
Sophos	4.98	Generic PUA PG
TrendMicro-HouseCall	7.2.219	Suspicious_GEN.F47V0716
VIPRE Antivirus	31510	Crossrider (fs)
AhnLab-V3	2014.07.21.03	PUP/Win32.PlusHD
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.bAJ
Clam AntiVirus	0.98.4.0	Win.Adware.Agent-7332
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Symantec	20131.1.5.61	Trojan.ADH.2
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
Agnitum Outpost	5.5.1.3	PUA.AdLoad!

Startup Entries

Startup tasks:

d3b8531c-0be0-4228-8a58-264f0b468dc4-5.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-5.
d3b8531c-0be0-4228-8a58-264f0b468dc4-4.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-4.
d3b8531c-0be0-4228-8a58-264f0b468dc4-11.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-3.
d3b8531c-0be0-4228-8a58-264f0b468dc4-2.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-2.
Cinema-DPlus2-codedownloader.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-1.
Cinema-DPlus2-nova.exe is automatically launched at startup through a scheduled task named 488083f6-732e-4e87-8010-06572f9544e2-7.

Software Details

URL:

https://crossrider.com/install/59568-plus-hd-v1-8

Support:

–

Installation path:

C:\Program Files\cinema-dplus2

Uninstaller:

C:\Program Files\Cinema-DPlus2\Uninstall.exe /fcp=1

Size:

11.00 MB

Language:

English

Cinema-DPlus2 Executable Details

Primary executable:

utils.exe

Name:

Cinema-DPlus2

Path:

C:\Program Files\cinema-dplus2\utils.exe

MD5:

–

SHA-1:

–

SHA-256:

–

File Type

Filename

MD5

DLL

newtonsoft.json.dll

0900b6c72905788aca613f89fe739bd3

EXE

uninstall.exe

9c36f379642e96e4cfe95d469999c7ca

DLL

Interop.IWshRuntimeLibrary.dll

9a186cc64d611d805919604d868ff373

DLL

WebSocket4Net.dll

2bacb91f06053bd43a8f34de42ace215

EXE

utils.exe

a0bdc8051a740904d9e5f24d697f6875

DLL

SuperSocket.ClientEngine.Protocol.dll

6e3e2abeddfcae4a4a4f55f5e82994f4

DLL

SuperSocket.ClientEngine.Core.dll

7dec11c8a007d247929533fa0013044e

DLL

SuperSocket.ClientEngine.Common.dll

86c137235d9538df10a9f1a9a11f7606

DLL

Cinema-DPlus2-nova.dll

444f13966810a2cd8c0ab3fd2bd153ef

EXE

d3b8531c-0be0-4228-8a58-264f0b468dc4-5.exe

Adware

afaa26d03b47fc1e6e5144562410ae4f