Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

1, 0, 0, 18 40.00%
1, 0, 0, 17 60.00%

Relationships

GFFupdater.exe

Go for Updater by Righway Technologies (Signed)

Remove GFFupdater.exe
Version:   1, 0, 0, 17
MD5:   0429fca3ce38367c98b9eecfaa17b35a
SHA1:   ceff33b379ad83e6cc7f6274934f01a412cb4746
SHA256:   171f155e3693f6cee680d6de059d2c4954a4c3855c1a6aad87bfc8c629076bef
Warning 6 antivirus scanners has detected malware.

What is GFFupdater.exe?

Go for Files Updater is the software updater program which runs in the background of Windows and automatically starts up when your PC boots. It checks for software udpates and automatically downloads and installs them if found.

Overview

gffupdater.exe is malware that executes as a process with the local user's privileges. It is an auto-starting process that used the Windows Task Scheduler service to load when the user logs into Windows (sometimes this is required to bypass the UAC protection). It is installed with a couple of know programs including GoforFiles published by Righway Technologies, Inc, GoforFiles from Righway Technologies, Inc and GoforFiles by Righway Technologies, Inc. The file is digitally signed by Righway Technologies which was issued by the COMODO CA Limited certificate authority (CA).

DetailsDetails

File name:gffupdater.exe
Publisher:http://www.goforfiles.com/
Product name:Go for Updater
Description:Go for Files Updater
Typical file path:C:\Program Files\goforfiles\gffupdater.exe
File version:1, 0, 0, 17
Product version:1,0,0,0
Size:195.64 KB (200,336 bytes)
Certificate
Issued to:Righway Technologies
Authority (CA):COMODO CA Limited
Effective date:Wednesday, August 22, 2012
Expiration date:Sunday, August 23, 2015
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
GoforFiles
 Righway Technologies, Inc
  70% remove
GoforFiles bundles various adware toolbars including the Delta Search Toolbar (an adware toolbar that modifies the user's web browser home page, search settings and other settings).

BehaviorsBehaviors

Scheduled tasks
  • The task 'GoforFilesUpdate' runs on logon in the path '\GoforFilesUpdate'
  • The job 'Go for FilesUpdate' runs on logon in the path '\Go for FilesUpdate'
  • Entry path 'C:\WINDOWS\Tasks\GoforFilesUpdate.job'
  • Entry path '\Go for FilesUpdate'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path '\GoforFilesUpdate'
  • Login entry path 'C:\WINDOWS\Tasks\GoforFilesUpdate.job'
  • Login entry path '\Go for FilesUpdate'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 6 of them detected the following malware.
Antivirus engineEngine versionDetection
avast! 6.0.1289.0 Win32:Adware-AHK [PUP]
Dr.Web 8.13.4.12 Tool.DownLoader.52
Emsisoft Anti-Malware 3.0.0.575 Trojan.Win32.YourFileDownloader.AMN (A)
eSafe 7.0.17.0 Win32.Trojan
ESET NOD32 7.8216 a variant of Win32/YourFileDownloader.B
Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.F47V0115

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00143331%
0.028634%
Kernel CPU:0.00084591%
0.013761%
User CPU:0.00058740%
0.014873%
Kernel CPU time:333 ms/min
100,923,805ms/min
CPU cycles:124,768/sec
17,470,203/sec
Memory
Private memory:9.4 MB
21.59 MB
Private (maximum):8.79 MB
Private (minimum):321 KB
Non-paged memory:9.4 MB
21.59 MB
Virtual memory:90.14 MB
140.96 MB
Virtual memory (peak):95.29 MB
169.69 MB
Working set:1.37 MB
18.61 MB
Working set (peak):13.77 MB
37.95 MB
Page faults:17,974/min
2,039/min
I/O
I/O read transfer:49.73 KB/sec
1.02 MB/min
I/O read operations:2/sec
343/min
I/O write transfer:0 Bytes/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:38 Bytes/sec
448.09 KB/min
I/O other operations:9/sec
1,671/min
Resource allocations
Threads:4
12
Handles:247
600
GUI GDI count:24
103
GUI GDI peak:25
142
GUI USER count:6
49
GUI USER peak:7
71

BehaviorsProcess properties

Integrety level:High
Platform:32-bit
Command line:"C:\Program Files\goforfiles\gffupdater.exe"
Owner:User
Parent process:taskeng.exe (Task Scheduler Engine by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 37.78%
Windows 7 Home Premium 31.11%
Windows 8 6.67%
Windows 7 Ultimate N 6.67%
Windows 7 Professional 4.44%
Windows 8 Enterprise 4.44%
Windows Vista Home Premium 4.44%
Microsoft Windows XP 4.44%

Distribution by countryDistribution by country

United States installs about 33.33% of Go for Updater.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 32.14%
Dell 28.57%
Sony 14.29%
Toshiba 14.29%
Acer 10.71%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE