Cinema-DPlus2

Cinema-DPlus2

Known Adware

by Bright circle investments Ltd.

What is Cinema-DPlus2?

Cinema-DPlus2 is software application developed by Bright circle investments Ltd.. It is most commonly found on computers running Windows 10 with nearly 66.67% of installations running this operating system. Cinema-DPlus2's installer is typically 11.00 MB in size and installs around 33 files. The most common release is 1.34.7.1 with 66.67% of all installations currently using this version.

Cinema-DPlus2 is most popular in the United States with 100.00% of installations residing in this country.

About Cinema-DPlus2?

Cinema-DPlus is a web browser extension supported by advertising, which may be bundled with potentially unwanted software offers by third-party download managers to generate revenue through installations. Upon installation, this program serves a variety of advertisements, including banners, text hyperlinks, inline text ads, and transitional formats, within the user's web browser, without affiliation or endorsement from the visited websites. Moreover, the software interacts with remote servers to track the user's browsing activities, including URLs and domains visited, to customize its ad content. Furthermore, the End User License Agreement (EULA) states that the advertisements may be tailored based on the user's browsing queries, information processed by the software, or other data collected during its usage. It is important to note that the program's uninstaller may not remove all elements of the software, resulting in persistent ads post-removal in some instances.

Multiple virus scanners have detected malware in Cinema-DPlus2.

d3b8531c-0be0-4228-8a58-264f0b468dc4-5.exe (MD5: afaa26d03b47fc1e6e5144562410ae4f) has been flagged by 12 scanners:
Scanner Software Result
AhnLab-V3 PUP/Win32.CrossRider
Avira AntiVir ADWARE/CrossRider.Gen2
AVG Generic.332
Baidu-International Adware.Win32.CrossRider.bAH
ESET-NOD32 a variant of Win32/Toolbar.CrossRider.AH
Jiangmin Adware/Adload.ayo
NANO AntiVirus Riskware.Win32.AdLoad.dbdtou
Panda Antivirus Trj/Genetic.gen
VIPRE Antivirus Crossrider (fs)
F-Prot W32/A-eb9ef301!Eldorado
Sophos AppRider
Vba32 AntiVirus AdWare.AdLoad
d3b8531c-0be0-4228-8a58-264f0b468dc4-2.exe (MD5: e256d530ffaad458a7c45988481ef2fa) has been flagged by 13 scanners:
Scanner Software Result
Avira AntiVir Adware/CrossRider.A.20191
AVG Generic_r.OG
Baidu-International Adware.Win32.CrossRider.BAJ
ESET-NOD32 a variant of Win32/Toolbar.CrossRider.AJ
F-Prot W32/A-eb9ef301!Eldorado
Jiangmin Adware/Adload.ayl
NANO AntiVirus Riskware.Win32.AdLoad.dbdtnp
Sophos AppRider
Vba32 AntiVirus AdWare.AdLoad
VIPRE Antivirus Crossrider (fs)
Agnitum Outpost PUA.AdLoad!
AhnLab-V3 PUP/Win32.Toolbar
Panda Antivirus Trj/Genetic.gen
Cinema-DPlus2-nova.exe (MD5: 3319e55cf6aae225666cfe321156daa2) has been flagged by 13 scanners:
Scanner Software Result
Agnitum Outpost PUA.AdLoad!
AhnLab-V3 PUP/Win32.Toolbar
AVG Generic_r.PD
ESET-NOD32 a variant of Win32/Toolbar.CrossRider.AE
Jiangmin Adware/Adload.aym
NANO AntiVirus Riskware.Win32.AdLoad.dbdtmc
Panda Antivirus Trj/Genetic.gen
Vba32 AntiVirus AdWare.AdLoad
VIPRE Antivirus Crossrider (fs)
Avira AntiVir ADWARE/CrossRider.Gen2
Baidu-International Adware.Win32.CrossRider.bAH
F-Prot W32/A-eb9ef301!Eldorado
Sophos AppRider
Cinema-DPlus2-codedownloader.exe (MD5: d1f90dfeaffb5b2c93ba562009d28d36) has been flagged by 24 scanners:
Scanner Software Result
AhnLab-V3 PUP/Win32.PlusHD
Avira AntiVir Adware/CrossRider.A.19981
AVG Generic_r.OE
Baidu-International Adware.Win32.CrossRider.bAJ
Clam AntiVirus Win.Adware.Agent-7332
ESET-NOD32 a variant of Win32/Toolbar.CrossRider.AJ
F-Prot W32/A-eb9ef301!Eldorado
Jiangmin Adware/Adload.ayq
Kingsoft AntiVirus Win32.Troj.Generic.a.(kcloud)
Malwarebytes PUP.Optional.CinemaHD.A
NANO AntiVirus Riskware.Win32.AdLoad.dbdvli
Panda Antivirus Trj/Genetic.gen
Sophos AppRider
Symantec Trojan.ADH.2
Vba32 AntiVirus AdWare.AdLoad
VIPRE Antivirus Crossrider (fs)
Fortinet FortiGate Riskware/Toolbar_CrossRider
McAfee Artemis!707A540634CB
McAfee-GW-Edition Artemis!707A540634CB
Qihoo-360 HEUR/Malware.QVM10.Gen
TrendMicro-HouseCall Suspicious_GEN.F47V0716
K7 AntiVirus Trojan ( 0049bfb71 )
K7GW Trojan ( 0049bfb71 )
Agnitum Outpost PUA.AdLoad!
488083f6-732e-4e87-8010-06572f9544e2-4.exe (MD5: 6ed9ef2f7797adc8a822ddb1c2bd8aec) has been flagged by 25 scanners:
Scanner Software Result
Avira AntiVir Adware/CrossRider.A.20267
AVG Brightcircle
Comodo Security ApplicUnwnt
ESET-NOD32 a variant of Win32/Toolbar.CrossRider.AK
Fortinet FortiGate Riskware/Toolbar_CrossRider
Jiangmin Adware/Adload.ayn
K7 AntiVirus Trojan
K7GW Trojan ( 0049c2a41 )
Kingsoft AntiVirus Win32.Troj.Generic.a.(kcloud)
Malwarebytes PUP.Optional.CinemaHD.A
McAfee Artemis!6ED9EF2F7797
McAfee-GW-Edition Artemis!6ED9EF2F7797
NANO AntiVirus Riskware.Win32.AdLoad.dbdtnn
Panda Antivirus Trj/Genetic.gen
Qihoo-360 HEUR/Malware.QVM10.Gen
Sophos Generic PUA PG
TrendMicro-HouseCall Suspicious_GEN.F47V0716
VIPRE Antivirus Crossrider (fs)
AhnLab-V3 PUP/Win32.PlusHD
Baidu-International Adware.Win32.CrossRider.bAJ
Clam AntiVirus Win.Adware.Agent-7332
F-Prot W32/A-eb9ef301!Eldorado
Symantec Trojan.ADH.2
Vba32 AntiVirus AdWare.AdLoad
Agnitum Outpost PUA.AdLoad!

Startup Entries

Startup tasks:
  • d3b8531c-0be0-4228-8a58-264f0b468dc4-5.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-5.
  • d3b8531c-0be0-4228-8a58-264f0b468dc4-4.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-4.
  • d3b8531c-0be0-4228-8a58-264f0b468dc4-11.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-3.
  • d3b8531c-0be0-4228-8a58-264f0b468dc4-2.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-2.
  • Cinema-DPlus2-codedownloader.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-1.
  • Cinema-DPlus2-nova.exe is automatically launched at startup through a scheduled task named 488083f6-732e-4e87-8010-06572f9544e2-7.

Software Details

URL:
https://crossrider.com/install/59568-plus-hd-v1-8
Support:
–
Installation path:
C:\Program Files\cinema-dplus2
Uninstaller:
C:\Program Files\Cinema-DPlus2\Uninstall.exe /fcp=1
Size:
11.00 MB
Language:
English

Cinema-DPlus2 Executable Details

Primary executable:
utils.exe
Name:
Cinema-DPlus2
Path:
C:\Program Files\cinema-dplus2\utils.exe
MD5:
–
SHA-1:
–
SHA-256:
–
Files installed by Cinema-DPlus2
File Type Filename MD5
EXE
d3b8531c-0be0-4228-8a58-264f0b468dc4-4.exe
f8c2849352edda044cddc165cae82807
EXE
d3b8531c-0be0-4228-8a58-264f0b468dc4-2.exe
Malware
e256d530ffaad458a7c45988481ef2fa
EXE
d3b8531c-0be0-4228-8a58-264f0b468dc4-11.exe
a961abff631eff7547b61e8b91292eaf
EXE
Cinema-DPlus2-novainstaller.exe
cd0e907ff21a661e056df8beb93645e7
EXE
Cinema-DPlus2-nova.exe
Malware
3319e55cf6aae225666cfe321156daa2
EXE
Cinema-DPlus2-codedownloader.exe
Malware
d1f90dfeaffb5b2c93ba562009d28d36
DLL
Cinema-DPlus2-bho64.dll
5a2bdbac6a128f5912553cb2f9d3cf55
DLL
Cinema-DPlus2-bho.dll
930b61e8b379aca858e7ee7ab1abccd2
EXE
Cinema-DPlus2-bg.exe
1b51b6e7e96d81aa8cfb7bf50ee9a831
EXE
ae20f62a-d9b9-462a-9f4c-b3485437411c-5.exe
2d794c1518c47fddd2bfc93dfb103576