PUP.GoforFiles
Posted: January 29, 2014
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 5,301 |
|---|---|
| Threat Level: | 1/10 |
| Infected PCs: | 114,098 |
| First Seen: | January 29, 2014 |
|---|---|
| Last Seen: | October 14, 2023 |
| OS(es) Affected: | Windows |
PUP.GoforFiles is a Potentially Unwanted Program with file-finding search features. Although PUP.GoforFiles's features appear to be in working condition, malware researchers also have found numerous issues with PUP.GoforFiles's website, Goforfiles.com, and even some invasive functions in PUP.GoforFiles that are reminiscent of the threat-downloading attacks of some Trojans. While you may find some use finding files with PUP.GoforFiles, PUP.GoforFiles should be treated as a potentially hostile program until further information is available, and, for safety's sake, uninstalling PUP.GoforFiles should be done with the same procedures you'd use to remove a Trojan.
When Going for Files Gets You More Than You Wanted
PUP.GoforFiles, a potential variant of YourFileDownloader, is a 'search engine' that specializes in finding files for download. This part of its feature set is, as far as malware experts can determine, functional, but PUP.GoforFiles also has several other functions that force its current classification as a Potentially Unwanted Program. PUP.GoforFiles often installs additional software, including adware (programs that generate browser advertisements) and browser hijackers (programs that redirect you to unwanted sites). PUP.GoforFiles updates itself automatically, which is a fairly substantial security issue. Finally, PUP.GoforFiles exploits the Windows Task Scheduler to allow itself to start automatically with Windows.
Because its software-installing features are both invasive and unnecessarily broad, some PC security companies have gone so far as to categorize PUP.GoforFiles as a Trojan downloader. PUP.GoforFiles may be detected by common aliases, including Tool.DownLoader.52, Win32/YourFileDownloader.B, Win32:Adware-AHK [PUP] and Skodna.Generic_c.CR. So far, malware researchers haven't identified any incidents of PUP.GoforFiles installing confirmed threats onto vulnerable computers, but PUP.GoforFiles's mere presence should be treated as a security concern.
Letting PUP.GoforFiles Go Off into the Horizon
It is very easy to understand that installing software that a good third of all the major anti-virus companies rate as a threat is a bad idea. However, there are no indications of this seedy history on the PUP.GoforFiles program's website, which does its level best to convince you that its software is useful. If anything, PUP.GoforFiles exemplifies how research into the software you choose to install continues to be critical and can't be replaced by believing what a site's marketing says about its product features.
PUP.GoforFiles does give its users uninstallation instruction on its site. However, considering its penchant for installing additional PUPs, malware researchers find deleting PUP.GoforFiles most reliable with third-party solutions, rather than hoping that PUP.GoforFiles will remove everything that PUP.GoforFiles installed. Unfortunately, a majority of PC security products have yet to develop database entries for PUP.GoforFiles, which can best be detected by making sure that all anti-malware products are as updated as possible.
Aliases
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:C:\Program Files\GoForFilesUpdater\GoForFilesUpdater.exe
File name: GoForFilesUpdater.exeSize: 278.09 KB (278096 bytes)
MD5: 13a317e9a45e2e5a864d120d8a2058e0
Detection count: 6,385
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files\GoForFilesUpdater\GoForFilesUpdater.exe
Group: Malware file
Last Updated: October 14, 2021
C:\Program Files (x86)\GoforFiles\GoforFiles.exe
File name: GoforFiles.exeSize: 2.26 MB (2265680 bytes)
MD5: 1debc4f1c1673ff1cfb36e4ce96d8567
Detection count: 1,234
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\GoforFiles\GoforFiles.exe
Group: Malware file
Last Updated: December 28, 2021
%PROGRAMFILES%\GoforFiles\GFFUpdater.exe
File name: GFFUpdater.exeSize: 1.01 MB (1012736 bytes)
MD5: e2b220e26fb6bf692fa3d394d0e269e5
Detection count: 92
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES(x86)%\GoforFiles\GoforFiles.exe
File name: GoforFiles.exeSize: 908.94 KB (908944 bytes)
MD5: 0c651819ab67ae08997ba4949c02bd57
Detection count: 82
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES%\GoforFiles\GFFUpdater.exe
File name: GFFUpdater.exeSize: 200.33 KB (200336 bytes)
MD5: a5ed8f5e9dc0423c066c89f0176e4d8e
Detection count: 80
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES%\GoforFiles\uninstall.exe
File name: uninstall.exeSize: 6.61 MB (6614160 bytes)
MD5: 716830e654c6fbe49e26e46316e9bcf2
Detection count: 80
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES%\GoforFiles\GoforFiles.exe
File name: GoforFiles.exeSize: 2.26 MB (2269776 bytes)
MD5: 46faba7ec3307c1151725e776f1613ad
Detection count: 71
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES%\GoforFiles\GoforFiles.exe
File name: GoforFiles.exeSize: 2.26 MB (2264656 bytes)
MD5: b5610dad9cf8412028d916a83215dab0
Detection count: 70
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES(x86)%\GoforFiles\GoforFiles.exe
File name: GoforFiles.exeSize: 2.33 MB (2335232 bytes)
MD5: 96ee9dda9be7ef7368c83106b5a08446
Detection count: 62
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES%\GoforFiles\GoforFiles.exe
File name: GoforFiles.exeSize: 2.26 MB (2269776 bytes)
MD5: 139ffa1f8df6b524cf0236e0315e386f
Detection count: 55
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES%\GoforFiles\GFFUpdater.exe
File name: GFFUpdater.exeSize: 985.08 KB (985088 bytes)
MD5: 8d1d4e1e605fbb54b466c649988b4ea4
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES%\GoforFiles\GFFUpdater.exe
File name: GFFUpdater.exeSize: 985.08 KB (985088 bytes)
MD5: 81e64578ebf5347b93cc0fe163f3f9a3
Detection count: 28
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES%\GoforFiles\GoforFiles.exe
File name: GoforFiles.exeSize: 2.26 MB (2269776 bytes)
MD5: 92be0506451f4452c1353a1685dc3ad1
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES%\GoforFiles\GFFUpdater.exe
File name: GFFUpdater.exeSize: 985.08 KB (985088 bytes)
MD5: b1c5a706c18908514835d9e311c29b8c
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%TEMP%\GoForFiles6wY0w9dvx6.exe
File name: GoForFiles6wY0w9dvx6.exeSize: 3.93 MB (3936544 bytes)
MD5: 6b125ea6b8da17cf5b73331c8331c2ce
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%
Group: Malware file
Last Updated: November 28, 2014
%PROGRAMFILES(x86)%\GoforFiles\GFFUpdater.exe
File name: GFFUpdater.exeSize: 614.99 KB (614992 bytes)
MD5: bd8d50e761677bfcae41d5e940f8c136
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%TEMP%\GoForFilesOXEjJ1pGg9.exe
File name: GoForFilesOXEjJ1pGg9.exeSize: 4.28 MB (4283248 bytes)
MD5: 2699c9800e92397014775c9a95075609
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%
Group: Malware file
Last Updated: January 19, 2015
%PROGRAMFILES%\GoforFiles\GFFUpdater.exe
File name: GFFUpdater.exeSize: 985.08 KB (985088 bytes)
MD5: 91f7f61101db45796a9fd527abd2a872
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
%PROGRAMFILES%\GoforFiles\GFFUpdater.exe
File name: GFFUpdater.exeSize: 1.01 MB (1012736 bytes)
MD5: 0c60ec8428f8ca84c5d7f4f85fae6c28
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\GoforFiles
Group: Malware file
Last Updated: January 29, 2014
More files
Registry Modifications
File name without pathGoforFiles.lnkRegexp file mask%TEMP%\GoForFiles[RANDOM CHARACTERS].exe%WinDir%\System32\Tasks\GoForFiles Installer Starter%WinDir%\System32\Tasks\GoforFilesUpdate%WinDir%\System32\Tasks\Update Service GoForFiles%WinDir%\Tasks\GoforFilesUpdate.jobHKEY..\..\..\..{RegistryKeys}SOFTWARE\GoforFilesSOFTWARE\Microsoft\Tracing\GFFUpdater_RASAPI32SOFTWARE\Microsoft\Tracing\GFFUpdater_RASMANCSSOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCSSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoForFiles Installer StarterSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdateSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service GoForFilesSOFTWARE\Wow6432Node\GoforFilesHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}GoforFilesGoforFilesUpdaterUpdate Service GoForFiles
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.