ge-force-bg.exe

Ge-Force

Selecao Technologies (Bright Circle Investments Ltd)

This adware is a web browser extension that injects advertising into the browser in the form of unwanted banners and text links, which may link to malware sites and install unwanted software. The application ge-force-bg.exe by Selecao Technologies (Bright Circle Investments) has been detected as adware by 27 anti-malware scanners. Part of the Crossrider web browser platform, the BG executable is a background process that manages various functions of the extensions installed in the user's browser, including installation, updates and remote code downloads. It is distributed as part of the Brightcircle group of browser extensions.
Publisher:
Webar  (signed by Selecao Technologies (Bright Circle Investments Ltd))

Product:
Ge-Force

Description:
Ge-Force exe

Version:
1000.1000.1000.1000

MD5:
33ca1ca64d70e07d3c52ad91979c1634

SHA-1:
424ebe53f8c6581d1d4866c8ba188e56130e9e76

SHA-256:
89e625f4dc6784284e9267f0f18bc7fa4234dbc53a0b334bef484a6016b302ef

Scanner detections:
27 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings and display advertisements. It is distributed through the Brightcircle investments brand.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Selecao Technologies (Bright Circle Investments Ltd).

Analysis date:
4/26/2024 2:12:04 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Application.Heur.Mu1@mKVR@0di | 707 |
| AhnLab V3 Security | PUP/Win32.CrossRider | 2015.01.20 |
| Avira AntiVirus | Adware/CrossRider.ZZ | 7.11.206.190 |
| avast! | Win32:Malware-gen | 2014.9-150227 |
| AVG | Generic | 2016.0.3185 |
| Baidu Antivirus | PUA.Win32.CrossRider | 4.0.3.15227 |
| Bitdefender | Gen:Application.Heur.Mu1@mKVR@0di | 1.0.20.290 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Emsisoft Anti-Malware | Gen:Application.Heur.Mu1@mKVR@0di | 8.15.02.27.09 |
| ESET NOD32 | Win32/Toolbar.CrossRider.BA potentially unwanted (variant) | 9.11116 |
| Fortinet FortiGate | Riskware/CrossRider | 2/27/2015 |
| F-Secure | Riskware.Gen:Application.Heur.Mu1@mKVR@0di | 11.2015-27-02_6 |
| G Data | Win32.Adware.Crossrider | 15.2.25 |
| IKARUS anti.virus | Gen.Application.Heur | t3scan.1.8.6.0 |
| K7 AntiVirus | Trojan | 13.193.14846 |
| Kaspersky | not-a-virus:WebToolbar.Win32.CrossRider | 14.0.0.2420 |
| Malwarebytes | | v2015.02.27.09 |
| McAfee | Artemis!46809B1703D6 | 5600.6841 |
| MicroWorld eScan | Gen:Application.Heur.Mu1@mKVR@0di | 16.0.0.174 |
| NANO AntiVirus | Trojan.Win32.Crossrider.dloair | 0.30.0.64812 |
| Norman | Gen:Application.Heur.Mu1@mKVR@0di | 11.20150227 |
| Panda Antivirus | Trj/Genetic.gen | 15.02.27.09 |
| Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen | 1.0.0.1015 |
| Reason Heuristics | Adware.Crossrider.Brightcircle | 15.2.27.22 |
| Rising Antivirus | PE:Malware.Obscure!1.9C59 | 23.00.65.15225 |
| Sophos | Generic PUA EM | 4.98 |
| VIPRE Antivirus | Crossrider | 37224 |

File size:
736 KB (753,640 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
Ge-Force.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ge-force\ge-force-bg.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
12/15/2014 4:00:00 PM

Valid to:
12/16/2015 3:59:59 PM

Subject:
CN=Selecao Technologies (Bright Circle Investments Ltd), O=Selecao Technologies (Bright Circle Investments Ltd), STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3F2791037D410A199539AA4A99F7DEB3

File PE Metadata
Compilation timestamp:
1/19/2015 12:10:11 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:avyeVX/HKSF3TSmPZfmITMf1hOVAl6TP2M:avySPH3d3K0T

Entry address:
0x6C5CA

Entry point:
E8, DD, C8, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 48, 14, 4B, 00, E8, 50, 49, 00, 00, E8, C4, 1C, 00, 00, 0F, B7, F0, 6A, 02, E8, 70, C8, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, AF, 4E, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
6.4956

Code size:
608 KB (622,592 bytes)
