» ge-force-bg.exe
Overview
Analysis
File Details
Programs (1)

ge-force-bg.exe

Ge-Force

Naruto Source

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The application ge-force-bg.exe by Naruto Source has been detected as adware by 15 anti-malware scanners. This file is typically installed with the program Ge-Force by Sailor Project which is a potentially unwanted software program. Part of the Corssrider web browser platform, the BG executable is a background process that manage various function of the installed extensions in user's browser including managing installation, updates and remote code downloads. It is distributed as part of the Brightcircle group of browser-extensions.

File name:

ge-force-bg.exe

Publisher:

iWebar (signed by Naruto Source)

Product:

Ge-Force

Description:

Ge-Force exe

Version:

1000.1000.1000.1000

MD5:

1d356767bf4dc6e09310e23d0050ddac

SHA-1:

194b14b1d25c63385c027d3a4dd870f9abcca933

SHA-256:

0b57ee1b309cb4db3c870eb59f0e179073c358b81954bd98fcb4ba1e638382b0

Scanner detections:

15 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements. Distributed through the Brightcircle investments brand.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Naruto Source.

Analysis date:

4/25/2024 11:46:44 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Avira AntiVirus

Adware/CrossRider.pq

7.11.168.242

AVG

Generic

2015.0.3368

Dr.Web

Trojan.Crossrider.31451

9.0.1.05190

ESET NOD32

Win32/Toolbar.CrossRider.AL potentially unwanted application

7.0.302.0

G Data

Win32.Adware.Crossrider

14.9.24

Kaspersky

not-a-virus:AdWare.NSIS.Adwapper

15.0.0.494

Malwarebytes

PUP.Optional.GeForce.A

v2014.08.29.01

McAfee

Artemis!9A848E23D8D8

5600.7024

NANO AntiVirus

Riskware.Win32.Crossrider.dekmzj

0.28.2.61861

Panda Antivirus

Trj/Genetic.gen

14.08.29.01

Qihoo 360 Security

HEUR/Malware.QVM10.Gen

1.0.0.1015

Reason Heuristics

PUP.Crossrider.NarutoSource.L

14.8.29.1

Rising Antivirus

PE:Malware.Obscure!1.9C59

23.00.65.14827

Sophos

Generic PUA OH

4.98

VIPRE Antivirus

Crossrider

32478

File size:

650.4 KB (665,960 bytes)

Product version:

1000.1000.1000.1000

Original file name:

Ge-Force.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\ge-force\ge-force-bg.exe

Digital Signature

Signed by:

Naruto Source

Authority:

COMODO CA Limited

Valid from:

7/28/2014 3:00:00 AM

Valid to:

7/29/2015 2:59:59 AM

Subject:

CN=Naruto Source, O=Naruto Source, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

1CE82906A7F364268F66771839675655

File PE Metadata

Compilation timestamp:

8/28/2014 1:06:24 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:2vL7Ey2gbyV628OF/MGZKUqTCQ48aiZsQqgSSvU96Z1fELOfqGTI4NB:u/EJ9Y1TrB

Entry address:

0x5CF4D

Entry point:

E8, 9A, CD, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 28, AD, 49, 00, E8, 4D, 49, 00, 00, E8, C1, 1C, 00, 00, 0F, B7, F0, 6A, 02, E8, 2D, CD, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 6B, 51, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.4613

Code size:

514.5 KB (526,848 bytes)

The file ge-force-bg.exe has been discovered within the following program.

Ge-Force by Sailor Project

Ge-Force/iWebbar is an advertising supported (adware) extension that runs in the context of the user's web browser as well as a process in the background.

crossrider.com/install/61911-ge-forces

80% remove it

Remove ge-force-bg.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.