What is Cinema-DPlus2?

Cinema-DPlus2 is software application developed by Bright circle investments Ltd.. It is most commonly found on computers running Windows 10 with nearly 66.67% of installations running this operating system. Cinema-DPlus2's installer is typically 11.00 MB in size and installs around 33 files. The most common release is 1.34.7.1 with 66.67% of all installations currently using this version.

Cinema-DPlus2 is most popular in the United States with 100.00% of installations residing in this country.

About Cinema-DPlus2?

Cinema-DPlus is a web browser extension supported by advertising, which may be bundled with potentially unwanted software offers by third-party download managers to generate revenue through installations. Upon installation, this program serves a variety of advertisements, including banners, text hyperlinks, inline text ads, and transitional formats, within the user's web browser, without affiliation or endorsement from the visited websites. Moreover, the software interacts with remote servers to track the user's browsing activities, including URLs and domains visited, to customize its ad content. Furthermore, the End User License Agreement (EULA) states that the advertisements may be tailored based on the user's browsing queries, information processed by the software, or other data collected during its usage. It is important to note that the program's uninstaller may not remove all elements of the software, resulting in persistent ads post-removal in some instances.

Multiple virus scanners have detected malware in Cinema-DPlus2.

d3b8531c-0be0-4228-8a58-264f0b468dc4-5.exe (MD5: afaa26d03b47fc1e6e5144562410ae4f) has been flagged by 12 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.07.18.00	PUP/Win32.CrossRider
Avira AntiVir	7.11.162.94	ADWARE/CrossRider.Gen2
AVG	14.0.0.3986	Generic.332
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.bAH
ESET-NOD32	10113	a variant of Win32/Toolbar.CrossRider.AH
Jiangmin	16.0.100	Adware/Adload.ayo
NANO AntiVirus	0.28.2.60881	Riskware.Win32.AdLoad.dbdtou
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
VIPRE Antivirus	31352	Crossrider (fs)
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Sophos	4.98.0	AppRider
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad

d3b8531c-0be0-4228-8a58-264f0b468dc4-2.exe (MD5: e256d530ffaad458a7c45988481ef2fa) has been flagged by 13 scanners:

Scanner Software	Version	Result
Avira AntiVir	7.11.162.94	Adware/CrossRider.A.20191
AVG	14.0.0.3986	Generic_r.OG
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.BAJ
ESET-NOD32	10114	a variant of Win32/Toolbar.CrossRider.AJ
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Jiangmin	16.0.100	Adware/Adload.ayl
NANO AntiVirus	0.28.2.60881	Riskware.Win32.AdLoad.dbdtnp
Sophos	4.98.0	AppRider
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
VIPRE Antivirus	31356	Crossrider (fs)
Agnitum Outpost	5.5.1.3	PUA.AdLoad!
AhnLab-V3	2014.07.16.00	PUP/Win32.Toolbar
Panda Antivirus	10.0.3.5	Trj/Genetic.gen

Cinema-DPlus2-nova.exe (MD5: 3319e55cf6aae225666cfe321156daa2) has been flagged by 13 scanners:

Scanner Software	Version	Result
Agnitum Outpost	5.5.1.3	PUA.AdLoad!
AhnLab-V3	2014.07.16.00	PUP/Win32.Toolbar
AVG	14.0.0.3986	Generic_r.PD
ESET-NOD32	10102	a variant of Win32/Toolbar.CrossRider.AE
Jiangmin	16.0.100	Adware/Adload.aym
NANO AntiVirus	0.28.2.60881	Riskware.Win32.AdLoad.dbdtmc
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
VIPRE Antivirus	31306	Crossrider (fs)
Avira AntiVir	7.11.162.94	ADWARE/CrossRider.Gen2
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.bAH
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Sophos	4.98.0	AppRider

Cinema-DPlus2-codedownloader.exe (MD5: d1f90dfeaffb5b2c93ba562009d28d36) has been flagged by 24 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.07.21.03	PUP/Win32.PlusHD
Avira AntiVir	7.11.163.68	Adware/CrossRider.A.19981
AVG	14.0.0.3986	Generic_r.OE
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.bAJ
Clam AntiVirus	0.98.4.0	Win.Adware.Agent-7332
ESET-NOD32	10130	a variant of Win32/Toolbar.CrossRider.AJ
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Jiangmin	16.0.100	Adware/Adload.ayq
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.CinemaHD.A
NANO AntiVirus	0.28.2.60881	Riskware.Win32.AdLoad.dbdvli
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Sophos	4.98.0	AppRider
Symantec	20131.1.5.61	Trojan.ADH.2
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
VIPRE Antivirus	31466	Crossrider (fs)
Fortinet FortiGate	5.1.152.0	Riskware/Toolbar_CrossRider
McAfee	6.0.4.564	Artemis!707A540634CB
McAfee-GW-Edition	2013	Artemis!707A540634CB
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM10.Gen
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0716
K7 AntiVirus	9.181.12806	Trojan ( 0049bfb71 )
K7GW	9.181.12806	Trojan ( 0049bfb71 )
Agnitum Outpost	5.5.1.3	PUA.AdLoad!

488083f6-732e-4e87-8010-06572f9544e2-4.exe (MD5: 6ed9ef2f7797adc8a822ddb1c2bd8aec) has been flagged by 25 scanners:

Scanner Software	Version	Result
Avira AntiVir	7.11.163.116	Adware/CrossRider.A.20267
AVG	2015.0.3390	Brightcircle
Comodo Security	18939	ApplicUnwnt
ESET-NOD32	8.10138	a variant of Win32/Toolbar.CrossRider.AK
Fortinet FortiGate	8/7/2014	Riskware/Toolbar_CrossRider
Jiangmin	KV140807	Adware/Adload.ayn
K7 AntiVirus	13.181.12806	Trojan
K7GW	13.181.12806	Trojan ( 0049c2a41 )
Kingsoft AntiVirus	331020.49267	Win32.Troj.Generic.a.(kcloud)
Malwarebytes	v2014.08.07.09	PUP.Optional.CinemaHD.A
McAfee	5600.7046	Artemis!6ED9EF2F7797
McAfee-GW-Edition	7.7046	Artemis!6ED9EF2F7797
NANO AntiVirus	0.28.2.60990	Riskware.Win32.AdLoad.dbdtnn
Panda Antivirus	14.08.07.09	Trj/Genetic.gen
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM10.Gen
Sophos	4.98	Generic PUA PG
TrendMicro-HouseCall	7.2.219	Suspicious_GEN.F47V0716
VIPRE Antivirus	31510	Crossrider (fs)
AhnLab-V3	2014.07.21.03	PUP/Win32.PlusHD
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.bAJ
Clam AntiVirus	0.98.4.0	Win.Adware.Agent-7332
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Symantec	20131.1.5.61	Trojan.ADH.2
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
Agnitum Outpost	5.5.1.3	PUA.AdLoad!

Startup Entries

Startup tasks:

d3b8531c-0be0-4228-8a58-264f0b468dc4-5.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-5.
d3b8531c-0be0-4228-8a58-264f0b468dc4-4.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-4.
d3b8531c-0be0-4228-8a58-264f0b468dc4-11.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-3.
d3b8531c-0be0-4228-8a58-264f0b468dc4-2.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-2.
Cinema-DPlus2-codedownloader.exe is automatically launched at startup through a scheduled task named d3b8531c-0be0-4228-8a58-264f0b468dc4-1.
Cinema-DPlus2-nova.exe is automatically launched at startup through a scheduled task named 488083f6-732e-4e87-8010-06572f9544e2-7.

Software Details

URL:

https://crossrider.com/install/59568-plus-hd-v1-8

Support:

–

Installation path:

C:\Program Files\cinema-dplus2

Uninstaller:

C:\Program Files\Cinema-DPlus2\Uninstall.exe /fcp=1

Size:

11.00 MB

Language:

English

Cinema-DPlus2 Executable Details

Primary executable:

utils.exe

Name:

Cinema-DPlus2

Path:

C:\Program Files\cinema-dplus2\utils.exe

MD5:

–

SHA-1:

–

SHA-256:

–

File Type

Filename

MD5

EXE

ae20f62a-d9b9-462a-9f4c-b3485437411c-4.exe

f097fa33c0abac9cb34d71f5e51733cd

EXE

488083f6-732e-4e87-8010-06572f9544e2-5.exe

74b203d1d965c1224497e4d373d9d056

EXE

488083f6-732e-4e87-8010-06572f9544e2-4.exe

Malware

6ed9ef2f7797adc8a822ddb1c2bd8aec

EXE

488083f6-732e-4e87-8010-06572f9544e2-3.exe

Toolbar

707a540634cbf07fc0b01cd2a1b45379

EXE

488083f6-732e-4e87-8010-06572f9544e2-2.exe

Malware

07d5b8a13285fb2aa02ca45844ef6a60

EXE

488083f6-732e-4e87-8010-06572f9544e2-10.exe

Toolbar

554147d4a9fcadca7e6ebe0db2350e6a

EXE

1e65abd1-8795-4e31-be22-d86b298e982e-5.exe

7b4013102a8ec152c7b65da193900172

EXE

1e65abd1-8795-4e31-be22-d86b298e982e-4.exe

f25978316e6369eb20723721f12f071a

EXE

1e65abd1-8795-4e31-be22-d86b298e982e-3.exe

5ec8e87e894b16ffd8dd38ce64799158

EXE

1e65abd1-8795-4e31-be22-d86b298e982e-2.exe

26d3f0412f762f9c0980a877ce3d1395