home

uninstall.exe

Digit Network (Extreme White Limited)

The application uninstall.exe by Digit Network (Extreme White Limited) has been detected as adware by 17 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Cinemax Plus 1.9cV28.05 by Cinema PlusV28.05. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
Digit Network (Extreme White Limited)  (signed and verified)

MD5:
3a32e4f4e05b97359226bf479142abcf

SHA-1:
245724e40f76a9e473a2c88dde5621b4118fb8b2

SHA-256:
8ae1d9e8b73621ad17f07ff1613164e878a813d28ae78630d29d433bee91aef1

Scanner detections:
17 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/26/2024 12:28:04 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Application.Heur.hqX@lKHzZdji
5575765

AhnLab V3 Security
PUP/Win32.CrossRider
2015.05.29

Avira AntiVirus
ADWARE/CrossRider.Gen7
8.3.1.6

AVG
Crossrider
2016.0.3095

Bitdefender
Gen:Application.Heur.hqX@lKHzZdji
1.0.20.740

Bkav FE
W32.HfsAdware
1.3.0.6379

Comodo Security
Application.Win32.InstallCore.GIFI
22258

Emsisoft Anti-Malware
Gen:Application.Heur.hqX@lKHzZdji
10.0.0.5366

F-Secure
Riskware.Gen:Application.Heur.hqX@lKHzZdji
5.14.151

G Data
Gen:Application.Heur.hqX@lKHzZdji
15.5.25

IKARUS anti.virus
Gen.Application.Heur
t3scan.1.9.2.0

K7 AntiVirus
Unwanted-Program
13.204.16062

Malwarebytes
PUP.Optional.CrossRider.A
v2015.05.28.05

MicroWorld eScan
Gen:Application.Heur.hqX@lKHzZdji
16.0.0.444

Panda Antivirus
Generic Suspicious
15.05.28.05

Reason Heuristics
PUP.ExtremeWhite.Installer
15.5.28.13

Rising Antivirus
PE:Malware.Obscure!1.9C59
23.00.65.15526

File size:
122.6 KB (125,520 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\cinemax plus 1.9cv28.05\uninstall.exe

Digital Signature
Signed by:
Digit Network (Extreme White Limited)

Authority:
COMODO CA Limited

Valid from:
4/15/2015 2:00:00 AM

Valid to:
4/15/2016 1:59:59 AM

Subject:
CN=Digit Network (Extreme White Limited), O=Digit Network (Extreme White Limited), STREET=Tassou Papadopulu 6 (flat/office 22), L=Nicosia, S=Agios Dometios, PostalCode=2373, C=CY

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F39F5E5096779B72822CF8381166A432

File PE Metadata
Compilation timestamp:
5/28/2015 2:04:41 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:D4gK1zdwp9qgADDDvfnzu2m7yrsroJIsLZR41ARNwuMxacdfEc1HksboJsWjcdKO:9SGuS7yrIXslalvdvHksb7KO3OmpwvYH

Entry address:
0x9BAD

Entry point:
E8, 01, 68, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, F8, D3, 41, 00, E8, 2D, 0A, 00, 00, E8, DA, 31, 00, 00, 0F, B7, F0, 6A, 02, E8, 94, 67, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 75, 61, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Code size:
89 KB (91,136 bytes)

Program Uninstaller
Program name:
Cinemax Plus 1.9cV28.05

Display publisher:
Cinema PlusV28.05

Display version:
1.36.01.22

Uninstall string:
C:\Program Files\Cinemax Plus 1.9cV28.05\Uninstall.exe /fcp=1 /runexe='C:\Program Files\Cinemax Plus 1.9cV28.05\UninstallBrw.exe' /url='http://notif.lockmaprack.com/notf_sys/index.html' /brwtype='uni'


Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.