home

Bright circle investments Ltd.

Publisher Information

Bright circle investments Ltd. is a software publisher located in Nicosia, CY*. The company is a primary distributor of unwanted software. Bright Circle (also known as Motoko Group, Evangelion Group, Robokid, etc,) that utilizes the free Crossrider extension platform to develope and distribute a number of adware software programs (SavePass, PlusHD, HQVideo, etc.) for the web browser that deliver advertisements. There is one additional code signing certificate issued to this publisher.
Authority:
COMODO CA Limited

Valid from:
6/19/2014 2:00:00 AM

Valid to:
6/20/2015 1:59:59 AM

Subject:
CN=Bright circle investments Ltd., O=Bright circle investments Ltd., STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00ef90fef9ac8e258e5d30d0e08c84d37e

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Brightcircleinvestments.G, PUP.Brightcircleinvestments.Q, PUP.Crossrider.Brightcircleinvestments.AA, PUP.Brightcircleinvestments.h, Adware.Crossrider.Brightcircle (M), PUP.Brightcircle.Brightcircleinvestments.Installer (M), Adware.BrightCircle.Brightcircleinvestments (M), Adware.BrightCircle.Brightcircleinvestments.Installer (M), Adware.BrightCircle.Installer (M), PUP.Brightcircle (M), Adware.BrightCircle (M), Adware.BrightCircle.setup (M), Adware.BrightCircle.PlusHDV1 (M), Adware.Crossrider (M)
100.00%

NANO AntiVirus
Riskware.Nsis.Downware.yrefc, Riskware.Win32.CrossRider.dbkrkz, Riskware.Win32.AdLoad.dblrre, Riskware.Win32.AdLoad.dbjxuu
16.00%

G Data
Script.Application.Plush, Win32.Application.Plush, Gen:Variant.Adware.Kazy.374109, Gen:Variant.Adware.Kazy.374062, Adware.Generic.959304
16.00%

VIPRE Antivirus
Crossrider, Threat.4789396
14.00%

Avira AntiVirus
Adware/CrossRider.A.11566, Adware/CrossRider.A.11353, Adware/CrossRider.A.11433, Adware/CrossRider.A.11940, Adware/CrossRider.A.14863
14.00%

Qihoo 360 Security
Win32/Virus.Adware.15b, Win32/Virus.Adware.560, Win32/Virus.Adware.c3a, Win32/Virus.Adware.162, Win32/Virus.Adware.440, Win32/Virus.Adware.6c0
14.00%

Trend Micro House Call
Suspicious_GEN.F47V0704, TROJ_GEN.F47V1224, ADW_CROSSRID, Suspicious_GEN.F47V0703, TROJ_GEN.R0CBC0OG814, Suspicious_GEN.F47V0623
14.00%

Fortinet FortiGate
Riskware/Toolbar_CrossRider
14.00%

MicroWorld eScan
Gen:Variant.Kazy.19680, Gen:Variant.Adware.Kazy.374109, Gen:Variant.Adware.Kazy.374062, Adware.Generic.959304, Gen:Adware.Plush.1, Adware.Generic.956974
14.00%

Bitdefender
Gen:Variant.Kazy.19680, Gen:Variant.Adware.Kazy.374109, Gen:Variant.Adware.Kazy.374062, Adware.Generic.959304, Gen:Adware.Plush.1
14.00%

1 / 68      (Adware)
setup.exe  (e169f65cd0dbd42bbb0158e511c6a817)

1 / 68      (Adware)
tmp00000053 (Plus-HD-V1.5)  (b19347f8218a67cc2bc5321b67df97a7)

1 / 68      (Adware)
setup.exe  (4b99425a0918583ea17621f14942c0ee)

1 / 68      (Adware)
1a865e51-8d7f-47ac-a7cc-49d250e98ec8-11.exe (Plus-HD-V1.5)  (0b13c2941482032329588898cabc1d31)

1 / 68      (Adware)
uninstall.exe  (0e54818294712136af4ffc2a35a2243c)

1 / 68      (Adware)
video mediaplayer-nova.dll  (f182f4b6811c4a9b2a325a5b31455f8d)

1 / 68      (Adware)
tmp000000293d61eb8e3e4e383a  (a0cb775897b07513b0acd8798db38b32)

1 / 68      (Adware)
0fcf82ed-b5d1-488f-a627-18864879300c (Plus-HD-V1.5)  (36dcfa7cc92c3501cd8bf6088e3701fb)

1 / 68      (Adware)
uninstall.exe  (e09761dd47d4ef300929136c686c0aae)

1 / 68      (Adware)
fraven 1.1-nova.dll  (78866800327d4e020c1bb32b1c599607)

1 / 68      (Adware)
fraven 1.1-bho.dll (Fraven 1.1 by setup)  (f7b163095670b1b7c6095a8792704f40)

1 / 68      (Adware)
fraven 1.1-nova.exe (Fraven 1.1 by setup)  (4ecc67a45f0078ef3d150d8f92fd8247)

1 / 68      (Adware)
fraven 1.1-novainstaller.exe (Fraven 1.1 by setup)  (acd4d77eec26abd5d34406e31717959f)

1 / 68      (Adware)
8f6ceed5-cbdf-42f0-8419-4c7bf8318158-5.exe (Fraven 1.1 by setup)  (ae10700091b415d06faa40a7f1bfbec4)

1 / 68      (Adware)
8f6ceed5-cbdf-42f0-8419-4c7bf8318158-4.exe (Fraven 1.1 by setup)  (b0e3110beb3a51217a21d9c7afcfa17a)

1 / 68      (Adware)
8f6ceed5-cbdf-42f0-8419-4c7bf8318158-11.exe (Fraven 1.1 by setup)  (a60432d3b5c892a6676699757dcba2bd)

1 / 68      (Adware)
1a865e51-8d7f-47ac-a7cc-49d250e98ec8-3.exe (Plus-HD-V1.5)  (b881e6aa0fa813b9484eb7e7b6944d0e)

1 / 68      (Adware)
plus-hd-v1.5-nova.dll  (a8a82cde0c1e6b5fb5938dd2fe9b63d0)

1 / 68      (Adware)
afnwp.exe  (5a1ad2292b9f108e0333178e7ea2a2b5)

1 / 68      (Adware)
setup.exe  (138ad2c748e7633255c514aa0441074f)

1 / 68      (Adware)
uninstall.exe  (8728760ce009c509d9fa13fcfd3eabbf)

1 / 68      (Adware)
plus-hd-v1.5-bho64.dll (Plus-HD-V1.5)  (eacc0000f6e7776688cb72f5de7de00d)

1 / 68      (Adware)
plus-hd-v1.5-bho.dll (Plus-HD-V1.5)  (40b077d64a97bcca24d7487ac596dfb3)

1 / 68      (Adware)
video mediaplayer-bho.dll (video MediaPlayer by enter)  (38292afbf020624c57e020f3ed7a054b)

1 / 68      (Adware)
uninstall.exe  (2f0cfa2410899ba4f4f4d35d6def03d4)

1 / 68      (Adware)
setup.exe  (2d2b8e625f51eeda5010c1ee357dcce8)

1 / 68      (Adware)
9aaff588-263f-4f74-9eca-58ef928ceaf0-5.exe (video MediaPlayer by enter)  (3eea77ed7aca5004280ced8bf0b18591)

1 / 68      (Adware)
9aaff588-263f-4f74-9eca-58ef928ceaf0-4.exe (video MediaPlayer by enter)  (fb19f4de487e14f87544325d475c0081)

1 / 68      (Adware)
9aaff588-263f-4f74-9eca-58ef928ceaf0-11.exe (video MediaPlayer by enter)  (c0d1af2177df66f026001e7849a95221)

1 / 68      (Adware)
476fdc93-92d4-41ce-8a34-6bd3d68d08d8-5.exe (Fraveen 1.4 by shift)  (8fa542b9436efe785a0a355dc80c0fa7)

 
Latest 30 of 73 files

Downloads URLs for files signed by Bright circle investments Ltd..

1 / 68      (Adware)
http://dl.datagenserv.com/full/.../setup.exe  (138ad2c748e7633255c514aa0441074f)

1 / 68      (Adware)
http://dl.datagenserv.com/shop/.../setup.exe  (f763c25d4157411906c349aec2687838)

1 / 68      (Adware)
http://dl.datagenserv.com/catch/.../setup.exe  (2d2b8e625f51eeda5010c1ee357dcce8)

The following websites host and distribute files published by Bright circle investments Ltd..

dl.datagenserv.com

The following certificate is also signed by Bright circle investments Ltd..

4347D0F2AD67F1767C932B3BFBEA7713  (Jun 20, 2014 to Jun 21, 2015)

The following publishers (by Authenticode signature organization name) are related.

Motoko Group

Evangelion Group

Robokid Technologies

Sailor Project

Kimahri Software inc.

Bohr­-ium Group

Coder Born Group

Airwaves Moves

Monkey Code Lab

King Gainer Lab

Goobzo LTD

SIMONA-VIORICA MARIN

HARASAN PRAPAPON

CoolMirage Ltd.

Stampede Technologies

Hike Zone Plus

* Note, the details and description above are based on the code signing digital signature issued to Bright circle investments Ltd. by COMODO CA Limited on June 19, 2014 with the serial number '00ef90fef9ac8e258e5d30d0e08c84d37e'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.