Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Additional versions
Relationships
yourfileupdater.exe
YourFile Downloader by Via Advertising Group Limited (Signed)
Version: | 1.0.0.1 |
MD5: | 1793fbfa7113aa06d1d1de7de32ea42b |
SHA1: | 4787618a1313b3e5c2c9938c0c23efb5a2a3d2fa |
SHA256: | 09221f50d7ee7938fc4f903737638fb40c6e441e513d2c21d7ffe96933db434a |
Warning 4 antivirus scanners has detected malware.
What is yourfileupdater.exe?
The YourFile Downloader auto updater is a program which runs in the background of Windows and automatically starts up when your PC boots. It checks for software udpates and automatically downloads and installs them if found.
About yourfileupdater.exe (from Via Advertising Group Limited)
“YourFileDownloader is designed to make your download experience easier and quicker than ever. Now you don’t have to spend your valuable time and energy for finding desired programs and get forwarded a”
Details
File name: | yourfileupdater.exe |
Publisher: | http://yourfiledownloader.com |
Product name: | YourFile Downloader |
Typical file path: | C:\Program Files\yourfiledownloader\yourfileupdater.exe |
Original name: | YourFile.exe |
File version: | 1.0.0.1 |
Size: | 239.42 KB (245,168 bytes) |
Certificate |
Issued to: | Via Advertising Group Limited |
Authority (CA): | VeriSign |
Effective date: | Monday, April 30, 2012 |
Expiration date: | Wednesday, May 1, 2013 |
Digital DNA |
File packed: | No |
.NET CLR: | No |
More details
Programs
The following programs will install this file
|
Via Advertising Group Limited |
|
YourFileDownloader provides the ability to download various software applications locally. It provides a list and search interface to locate and download appliations. The program does however automatically add itself to the Windows built-in Firewall.
Behaviors
Scheduled tasks
- The job 'YourFile Update' runs on logon in the path '\YourFile Update'
- The task 'Your File Updater' runs in the path '\Your File Updater'
- The task 'YourFile DownloaderUpdate' runs on logon in the path '\YourFile DownloaderUpdate'
- Entry path 'C:\WINDOWS\Tasks\Your File Updater.job'
- Entry path 'C:\windows\Tasks\YourFile DownloaderUpdate.job'
- Entry path '\YourFile DownloaderUpdate'
- Entry path 'C:\WINDOWS\Tasks\YourFile Update.job'
- Entry path '\YourFile Update'
- Entry path '\Your File Updater'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
- Login entry path 'C:\WINDOWS\Tasks\Your File Updater.job'
- Login entry path 'C:\windows\Tasks\YourFile DownloaderUpdate.job'
- Login entry path '\YourFile DownloaderUpdate'
- Login entry path 'C:\WINDOWS\Tasks\YourFile Update.job'
- Login entry path '\YourFile Update'
- Login entry path '\Your File Updater'
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
- Firewall exception for 'C:\Program Files\YourFileDownloader\YourFileUpdater.exe'
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
Antivirus engine | Engine version | Detection |
Kingsoft |
2012.12.21.213 |
Win32.Troj.Agent.(kcloud) |
nProtect |
2013-01-12.01 |
Trojan/W32.Agent.245168.B |
VIPRE Antivirus |
14992 |
Via Advertising (fs) |
ViRobot |
2011.4.7.4223 |
Trojan.Win32.A.Agent.245168 |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00041344% | |
Kernel CPU: | 0.00018414% | |
User CPU: | 0.00022930% | |
Kernel CPU time: | 137 ms/min | |
CPU cycles: | 18,171/sec | |
Memory |
Private memory: | 9.33 MB | |
Private (maximum): | 11.79 MB | |
Private (minimum): | 7.32 MB | |
Non-paged memory: | 9.33 MB | |
Virtual memory: | 68.34 MB | |
Virtual memory (peak): | 71.23 MB | |
Working set: | 7.86 MB | |
Working set (peak): | 13.81 MB | |
Page faults: | 28,089/min | |
I/O |
I/O read transfer: | 1.11 KB/sec | |
I/O read operations: | 2/sec | |
I/O write transfer: | 0 Bytes/sec | |
I/O write operations: | 1/sec | |
I/O other transfer: | 34 Bytes/sec | |
I/O other operations: | 1/sec | |
Resource allocations |
Threads: | 3 | |
Handles: | 176 | |
GUI GDI count: | 29 | |
GUI GDI peak: | 29 | |
GUI USER count: | 3 | |
GUI USER peak: | 5 | |
Process properties
Integrety level: | Undefined |
Platform: | 32-bit |
Command line: | "C:\Program Files\yourfiledownloader\yourfileupdater.exe" |
Owner: | User |
Parent processes: |
|
Threads
Averages
YourFileUpdater.exe (main module) |
Total CPU: | 0.00056315% | |
Kernel CPU: | 0.00026066% | |
User CPU: | 0.00030249% | |
CPU cycles: | 6,889/sec | |
Memory: | 520 KB | |
ntdll.dll |
Total CPU: | 0.00006170% | |
Kernel CPU: | 0.00000000% | |
User CPU: | 0.00006170% | |
CPU cycles: | 253/sec | |
Memory: | 1.67 MB | |
wow64.dll |
Total CPU: | 0.00001479% | |
Kernel CPU: | 0.00000000% | |
User CPU: | 0.00001479% | |
CPU cycles: | 27/sec | |
Memory: | 252 KB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
OS version | distribution |
Windows 7 Ultimate |
36.78% |
|
Windows 7 Home Premium |
24.14% |
|
Microsoft Windows XP |
21.84% |
|
Windows 8 Pro |
6.90% |
|
Windows 7 Professional |
3.45% |
|
Windows 7 Home Basic |
3.45% |
|
Windows 8 |
2.30% |
|
Windows 8 Enterprise |
1.15% |
|
Distribution by country
United States installs about 28.74% of YourFile Downloader.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Hewlett-Packard |
29.27% |
|
Acer |
21.95% |
|
Dell |
19.51% |
|
Sony |
14.63% |
|
GIGABYTE |
4.88% |
|
Toshiba |
4.88% |
|
Alienware |
2.44% |
|
American Megatrends |
2.44% |
|