» hdcinemaplus1.6-bho.dll
Overview
Analysis
File Details

hdcinemaplus1.6-bho.dll

HDCinemaPlus1.6

Robokid Technologies

By using the Crossrider framework, this web extension is loaded in the web browser and displays advertisments on web pages not affiliated by the extension or company. These unwanted advertisements are injected by the extension in the browser in the form of common ad types such as banners and text-links. The module hdcinemaplus1.6-bho.dll, “HDCinemaPlus1.6 BHO” by Robokid Technologies has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of utilizing a traditional IE Toolbar, it installs a BHO in the browser in order to manage the functionality of the addon. It is distributed as part of the Brightcircle group of browser-extensions.

File name:

Publisher:

HDTube (signed by Robokid Technologies)

Product:

HDCinemaPlus1.6

Description:

HDCinemaPlus1.6 BHO

Version:

1.1.153.34

MD5:

356d5f19fdd1b6dc75dd9b4f08dc8e43

SHA-1:

8f93674c5156c94dd26243455cf2488d90f908a1

SHA-256:

4a4e8fb08b66019e5c4a46b1f5622db51fa373b0eecae8f64d7516ae4b277556

Scanner detections:

1 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements. Distributed through the Brightcircle investments brand.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Robokid Technologies.

Analysis date:

4/26/2024 11:24:44 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Crossrider (M)

17.3.15.10

File size:

533.5 KB (546,328 bytes)

Product version:

1.1.153.34

Original file name:

HDCinemaPlus1.6.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\hdcinemaplus1.6\hdcinemaplus1.6-bho.dll

Digital Signature

Signed by:

Robokid Technologies

Authority:

COMODO CA Limited

Valid from:

6/23/2014 2:00:00 AM

Valid to:

6/24/2015 1:59:59 AM

Subject:

CN=Robokid Technologies, O=Robokid Technologies, STREET=Athinodorou 3 Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00ECF35E880AD0F3BC6F82DFB1F2E84CC0

File PE Metadata

Compilation timestamp:

7/14/2014 12:18:19 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

Entry address:

0x3CC67

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 4A, B3, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 20, 3B, 07, 10, E8, BA, 30, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 18, A4, 07, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 20, 4C, 06, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

362.5 KB (371,200 bytes)

Remove hdcinemaplus1.6-bho.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.