» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)

uninstall.exe

AcDc Project (BrightCircle Investments Limited)

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The application uninstall.exe by AcDc Project (BrightCircle Investments Limited) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is the uninstaller utility registered in the Windows Control Panel for the program Cinema Go Pro 2.3cV08.01 by Cinema ProV08.01. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.

File name:

uninstall.exe

Publisher:

AcDc Project (BrightCircle Investments Limited) (signed and verified)

MD5:

f3794ace35916d08782fdae7f6205afb

SHA-1:

0dd45f69894b406412269ca3794ba1ef4b480253

SHA-256:

48824eefdc47abd5cef40dc8dc536e8c7a79bb56cd578d5fd12e4ecba17f8625

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/5/2025 5:55:29 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Brightcircle (M)

17.3.14.10

File size:

102 KB (104,416 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\cinema go pro 2.3cv08.01\uninstall.exe

Digital Signature

Signed by:

AcDc Project (BrightCircle Investments Limited)

Authority:

COMODO CA Limited

Valid from:

12/1/2014 5:30:00 AM

Valid to:

12/2/2015 5:29:59 AM

Subject:

CN=AcDc Project (BrightCircle Investments Limited), O=AcDc Project (BrightCircle Investments Limited), STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00BB5CB272841409598560E8776848BBF4

File PE Metadata

Compilation timestamp:

1/8/2015 10:34:20 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

Entry address:

0x86A5

Entry point:

E8, 27, 5D, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, B0, 71, 41, 00, E8, 25, 0A, 00, 00, E8, D2, 31, 00, 00, 0F, B7, F0, 6A, 02, E8, BA, 5C, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 9B, 56, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.2778

Code size:

67.5 KB (69,120 bytes)

Program Uninstaller

Program name:

Cinema Go Pro 2.3cV08.01

Display publisher:

Cinema ProV08.01

Display version:

1.35.12.18

Uninstall string:

C:\Program Files\Cinema Go Pro 2.3cV08.01\Uninstall.exe /fcp=1

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.