home

CinemaNowShell.EXE

CinemaNow Media Manager

Cinemanow, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘CinemaNowMediaManagerApp’. This is installed with CinemaNow Media Manager.
Publisher:
CinemaNow Inc.  (signed by Cinemanow, Inc.)

Product:
CinemaNow Media Manager

Version:
1, 6, 0, 21

MD5:
6d7fcce5685918bc8db3ee17dd4d7679

SHA-1:
45d443fa4c3c92fbfeb6adccda124a092d1c94a6

SHA-256:
06c03331484800f55daa6530a1793df4788048ff223d61e2cb7956c5f8021f6f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 12:33:25 AM UTC  (today)

File size:
1.9 MB (2,022,248 bytes)

Product version:
1, 6, 0, 21

Copyright:
© 2007-2008

Original file name:
CinemaNowShell.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\cinemanow\cinemanow media manager\cinemanowshell.exe

Digital Signature
Signed by:
Cinemanow, Inc.

Authority:
VeriSign, Inc.

Valid from:
11/1/2006 7:00:00 PM

Valid to:
11/28/2009 5:59:59 PM

Subject:
CN="Cinemanow, Inc.", OU=Cinemanow, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Cinemanow, Inc.", L=Marina Del Rey, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6A30C72FBF0E978D40C946ECBFED0E2A

File PE Metadata
Compilation timestamp:
10/6/2008 6:05:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:/tZ3M/s473bJJqApyLAcUyVNxuAadfF0b65Q6g9CoWzURCcozPaeGvgkGvgm:o/satJq4yLQIwAEd0b65Ki5PaeU

Entry address:
0xA9CB8

Entry point:
E8, 91, E7, FB, FF, E9, 16, FE, FF, FF, 8B, 44, 24, 04, 66, 8B, 08, 40, 40, 66, 85, C9, 75, F6, 2B, 44, 24, 04, D1, F8, 48, C3, CC, CC, CC, CC, CC, CC, CC, CC, 53, 57, 33, FF, 8B, 44, 24, 10, 0B, C0, 7D, 14, 47, 8B, 54, 24, 0C, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 10, 89, 54, 24, 0C, 8B, 44, 24, 18, 0B, C0, 7D, 13, 8B, 54, 24, 14, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 18, 89, 54, 24, 14, 0B, C0, 75, 1B, 8B, 4C, 24, 14, 8B, 44, 24, 10, 33, D2, F7, F1, 8B, 44, 24, 0C, F7, F1, 8B, C2, 33, D2, 4F, 79, 4E...
 
[+]

Entropy:
6.8326

Code size:
841.5 KB (861,696 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
CinemaNowMediaManagerApp

Command:
C:\Program Files\cinemanow\cinemanow media manager\cinemanowshell.exe -start


The file CinemaNowShell.EXE has been discovered within the following program.

CinemaNow Media Manager  by CinemaNow, Inc.
CinemaNow Media Manager software, also called CNMM , is installed onto your PC from the HP MediaSmart Installation CD. This software controls the queuing, downloading, and viewing of movies and other videos from CinemaNow.
www.cinemanow.com
About 1% of users remove it
 
Powered by Should I Remove It?

Scan CinemaNowShell.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.