VersionsVersions

3, 0, 0, 1 20.00%
3, 0, 0, 1 60.00%
3, 0, 0, 1 20.00%
(Note, Righway Technologies publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

gffupdater.exe

GoforFiles Application by Righway Technologies (Signed)

Remove gffupdater.exe
Warning 18 antivirus scanners has detected malware in various versions of gffupdater.exe.

Overview

gffupdater.exe has 3 known versions, the most recent one is 3, 0, 0, 1. gffupdater.exe is run as a standard windows process with the logged in user's account privileges. The process utilizes the Windows Task Scheduler to automatically launch the file as a process when a user logs into Windows. The average file size is about 518.39 KB. It is an authenticode code-signed executable issued to Righway Technologies by the certification authority COMODO CA Limited. Numerous variations of gffupdater.exe have been installed with both GoforFiles and Feature Update Service (GFF).

DetailsDetails

File name:gffupdater.exe
Publisher:http://goforfiles.com/
Product name:GoforFiles Application
Description:GoforFiles Updater Application
Typical file path:C:\Program Files\goforfiles\gffupdater.exe
Original name:GoforFiles.exe
Certificate
Issued to:Righway Technologies
Authority (CA):COMODO CA Limited
Expiration date:Sunday, August 23, 2015

ResourcesPrograms installed in

(Note, the programs listed below are for all versions of GoforFiles Application.)
GoforFiles
  76% remove
It's totally unique. Very simple interface is specifically designed for each and everyone. GoforFiles does not require any specific knowledge to operate it, but combines powerful programming technique...
Righway Technologies, Inc
  70% remove
GoforFiles bundles various adware toolbars including the Delta Search Toolbar (an adware toolbar that modifies the user's web browser home page, search settings and other settings).

BehaviorsBehaviors

(Note, the behaviors below are for all versions of gffupdater.exe, select a unique version for details.)
Scheduled tasks
  • The job 'GoforFilesUpdate' runs on logon in the path '\GoforFilesUpdate'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path '\GoforFilesUpdate'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 18 of them detected the following malware.
Antivirus engineEngine versionDetectionFile version
avast! 8.0.1489.320 Win32:Adware-AHK [PUP] 3, 0, 0, 1
avast! 8.0.1489.320 Win32:Adware-AHK [PUP] 3, 0, 0, 1
Baidu Antivirus 3.5.1.41473 Trojan.Win32.YourFileDownloader.B 3, 0, 0, 1
ESET NOD32 7.8844 a variant of Win32/YourFileDownloader.B 3, 0, 0, 1
ESET NOD32 7.8861 a variant of Win32/YourFileDownloader.B 3, 0, 0, 1
K7 AntiVirus 9.172.9695 Riskware 3, 0, 0, 1
K7GW 12.7.0.14 Riskware 3, 0, 0, 1
Kingsoft 2013.04.09.267 Win32.Troj.Generic.a.(kcloud) 3, 0, 0, 1
Kingsoft 2013.4.9.267 Win32.Troj.Generic.a.(kcloud) 3, 0, 0, 1
McAfee 6.4.564 Artemis!56C016DCB606 3, 0, 0, 1
McAfee 5.600.1067 Artemis!7AF38D476C75 3, 0, 0, 1
McAfee Gateway Anti-Malware v2013-dat Artemis!56C016DCB606 3, 0, 0, 1
McAfee Gateway Anti-Malware v2013-dat Artemis!7AF38D476C75 3, 0, 0, 1
Panda Antivirus 10.0.3.5 Suspicious file 3, 0, 0, 1
Trend Micro HouseCall 9.700-1001 TROJ_GEN.F47V0920 3, 0, 0, 1
Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.F47V0808 3, 0, 0, 1
VIPRE Antivirus 21832 ExpressFiles Installer (fs) 3, 0, 0, 1
VIPRE Antivirus 21986 ExpressFiles Installer (fs) 3, 0, 0, 1

VersionsAll file variations of gffupdater.exe

MD5SHA-1File size
56c016dcb6060cf7b6c09445d621ed81 a6a7c309626a6902033653e0d0286239bdb11b29 355.58 KB
7af38d476c757509ae47e9aa292b3c6b aa9fc79d519472c700bd38a830f120036e0cf574 237.58 KB
10c7f833d6d01bb643e3a8f17c4ad144 1b894063f467f3edac65261e3ad1e0c2509d70c3 962 KB
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE