Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
GFFupdater.exe
Go for Updater by Righway Technologies (Signed)
Version: | 1, 0, 0, 17 |
MD5: | 0429fca3ce38367c98b9eecfaa17b35a |
SHA1: | ceff33b379ad83e6cc7f6274934f01a412cb4746 |
SHA256: | 171f155e3693f6cee680d6de059d2c4954a4c3855c1a6aad87bfc8c629076bef |
Warning: 6 antivirus scanners have detected malware.
What is GFFupdater.exe?
Go for Files Updater is a software updater program that runs in the background of Windows and starts automatically when your PC boots. It checks for software updates and automatically downloads and installs them if found.
Overview
gffupdater.exe is malware that executes as a process with the local user's privileges. It is an auto-starting process that uses the Windows Task Scheduler service to load when the user logs into Windows (sometimes this is required to bypass the UAC protection). It is installed with a couple of known programs including GoforFiles published by Righway Technologies, Inc, GoforFiles from Righway Technologies, Inc and GoforFiles by Righway Technologies, Inc. The file is digitally signed by Righway Technologies with a certificate issued by the COMODO CA Limited certificate authority (CA).
Details
File name: | gffupdater.exe |
Publisher: | http://www.goforfiles.com/ |
Product name: | Go for Updater |
Description: | Go for Files Updater |
Typical file path: | C:\Program Files\goforfiles\gffupdater.exe |
File version: | 1, 0, 0, 17 |
Product version: | 1,0,0,0 |
Size: | 195.64 KB (200,336 bytes) |
Certificate |
Issued to: | Righway Technologies |
Authority (CA): | COMODO CA Limited |
Effective date: | Wednesday, August 22, 2012 |
Expiration date: | Sunday, August 23, 2015 |
Digital DNA |
File packed: | No |
.NET CLR: | No |
Programs
The following programs will install this file:
Righway Technologies, Inc
GoforFiles bundles various adware toolbars including the Delta Search Toolbar (an adware toolbar that modifies the user's web browser home page, search settings and other settings).
Behaviors
Scheduled tasks
- The task 'GoforFilesUpdate' runs on logon in the path '\GoforFilesUpdate'
- The job 'Go for FilesUpdate' runs on logon in the path '\Go for FilesUpdate'
- Entry path 'C:\WINDOWS\Tasks\GoforFilesUpdate.job'
- Entry path '\Go for FilesUpdate'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
- Login entry path '\GoforFilesUpdate'
- Login entry path 'C:\WINDOWS\Tasks\GoforFilesUpdate.job'
- Login entry path '\Go for FilesUpdate'
Malware detections
Based on 40+ industry antivirus scanners, 6 of them detected the following malware.
Antivirus engine | Engine version | Detection |
avast! | 6.0.1289.0 | Win32:Adware-AHK [PUP] |
Dr.Web | 8.13.4.12 | Tool.DownLoader.52 |
Emsisoft Anti-Malware | 3.0.0.575 | Trojan.Win32.YourFileDownloader.AMN (A) |
eSafe | 7.0.17.0 | Win32.Trojan |
ESET NOD32 | 7.8216 | a variant of Win32/YourFileDownloader.B |
Trend Micro HouseCall | 9.700.0.1001 | TROJ_GEN.F47V0115 |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU
Total CPU: | 0.00143331% |
Kernel CPU: | 0.00084591% |
User CPU: | 0.00058740% |
Kernel CPU time: | 333 ms/min |
CPU cycles: | 124,768/sec |
Memory
Private memory: | 9.4 MB |
Private (maximum): | 8.79 MB |
Private (minimum): | 321 KB |
Non-paged memory: | 9.4 MB |
Virtual memory: | 90.14 MB |
Virtual memory (peak): | 95.29 MB |
Working set: | 1.37 MB |
Working set (peak): | 13.77 MB |
Page faults: | 17,974/min |
I/O
I/O read transfer: | 49.73 KB/sec |
I/O read operations: | 2/sec |
I/O write transfer: | 0 Bytes/sec |
I/O write operations: | 1/sec |
I/O other transfer: | 38 Bytes/sec |
I/O other operations: | 9/sec |
Resource allocations
Threads: | 4 |
Handles: | 247 |
GUI GDI count: | 24 |
GUI GDI peak: | 25 |
GUI USER count: | 6 |
GUI USER peak: | 7 |
Process properties
Distribution by Windows OS
OS version | Distribution |
Windows 7 Ultimate | 37.78% |
Windows 7 Home Premium | 31.11% |
Windows 8 | 6.67% |
Windows 7 Ultimate N | 6.67% |
Windows 7 Professional | 4.44% |
Windows 8 Enterprise | 4.44% |
Windows Vista Home Premium | 4.44% |
Microsoft Windows XP | 4.44% |
Distribution by country
The United States accounts for about 33.33% of Go for Updater installs.
Distribution by PC manufacturer
PC manufacturer | Distribution |
Hewlett-Packard | 32.14% |
Dell | 28.57% |
Sony | 14.29% |
Toshiba | 14.29% |
Acer | 10.71% |