PUP.GoforFiles

By LoneStar in Potentially Unwanted Programs

Threat Scorecard

Ranking:	5,493
Threat Level:	10 % (Normal)
Infected Computers:	48,841

First Seen:	January 29, 2014
Last Seen:	April 16, 2024
OS(es) Affected:	Windows

PUP.GoforFiles has been associated with several adware infections. PUP.GoforFiles and content associated with PUP.GoforFiles may cause various symptoms on affected Web browsers, including changing the victim's home page and search engine, altering its settings and preventing computer users from using the affected Web browser effectively. PUP.GoforFiles is associated with a low quality search engine that can help computer users find what they want, provided that they allow this PUP to remain on their computer and are willing to deal with PUP.GoforFiles' unwanted behaviors and symptoms. PUP.GoforFiles may cause various symptoms, endanger the victims' privacy and security, and make the affected computer run slowly or crash frequently. Because of this, malware analysts strongly advise computer users to remove PUP.GoforFiles immediately, ignore any of its instructions and avoid allowing PUP.GoforFiles to remain on a computer.

Table of Contents

Do not Let PUP.GoforFiles Stay on Your PC

As soon as PUP.GoforFiles is installed, PUP.GoforFiles may cause numerous symptoms, change your Web browser and computer settings to allow PUP.GoforFiles to run automatically and create an exception on the Windows Firewall that allows PUP.GoforFiles to communicate with a third party. The following characteristics are common problems associated with PUP.GoforFiles:

PUP.GoforFiles may cause Web browser redirects, hijacking the PC user's Web browser and leading it to certain websites forcefully.
PUP.GoforFiles may cause the affected Web browser to display numerous pop-ups, which may include advertisements, fake system dialogs and suspicious error messages. PUP.GoforFiles advertisements may endanger your security by promoting known PUPs and online harmful tactics.
PUP.GoforFiles may make changes to your Web browser settings, such as changing the affected Web browser's homepage and default search engine.
PUP.GoforFiles may track your online activities and keep tabs on your online history and computer settings.

PUP.GoforFiles and content associated with PUP.GoforFiles should be removed immediately. This can be done with the help of a reliable security program. In many occasions, it may be compulsory to undo manually changes associated with PUP.GoforFiles. For example, in many cases it may be necessary to restore your default homepage and search engine manually.

Aliases

2 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
Sophos	Go For Files
McAfee	Artemis!1DD330B80F2E

SpyHunter Detects & Remove PUP.GoforFiles

File System Details

PUP.GoforFiles may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	GoForFilesUpdater.exe	13a317e9a45e2e5a864d120d8a2058e0	2,726
Name: GoForFilesUpdater.exe MD5: 13a317e9a45e2e5a864d120d8a2058e0 Size: 278.09 KB (278096 bytes) Detections: 2,726 Type: Executable File Path: C:\Program Files\GoForFilesUpdater\GoForFilesUpdater.exe Group: Malware file Last Updated: October 14, 2021
2.	GoforFiles.exe	1debc4f1c1673ff1cfb36e4ce96d8567	527
Name: GoforFiles.exe MD5: 1debc4f1c1673ff1cfb36e4ce96d8567 Size: 2.26 MB (2265680 bytes) Detections: 527 Type: Executable File Path: C:\Program Files (x86)\GoforFiles\GoforFiles.exe Group: Malware file Last Updated: December 28, 2021
3.	goforfilesdl.exe	9c5a02c7a1f7d0006e75bc599fd9d401	167
Name: goforfilesdl.exe MD5: 9c5a02c7a1f7d0006e75bc599fd9d401 Size: 3.19 MB (3195984 bytes) Detections: 167 Type: Executable File Path: %SYSTEMDRIVE%\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\GoForFiles\goforfilesdl.exe Group: Malware file Last Updated: April 16, 2024
4.	GoforFiles.exe	b5610dad9cf8412028d916a83215dab0	30
Name: GoforFiles.exe MD5: b5610dad9cf8412028d916a83215dab0 Size: 2.26 MB (2264656 bytes) Detections: 30 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
5.	GFFUpdater.exe	8d1d4e1e605fbb54b466c649988b4ea4	13
Name: GFFUpdater.exe MD5: 8d1d4e1e605fbb54b466c649988b4ea4 Size: 985.08 KB (985088 bytes) Detections: 13 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
6.	GFFUpdater.exe	81e64578ebf5347b93cc0fe163f3f9a3	12
Name: GFFUpdater.exe MD5: 81e64578ebf5347b93cc0fe163f3f9a3 Size: 985.08 KB (985088 bytes) Detections: 12 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
7.	GoforFiles.exe	92be0506451f4452c1353a1685dc3ad1	6
Name: GoforFiles.exe MD5: 92be0506451f4452c1353a1685dc3ad1 Size: 2.26 MB (2269776 bytes) Detections: 6 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
8.	GFFUpdater.exe	b1c5a706c18908514835d9e311c29b8c	6
Name: GFFUpdater.exe MD5: b1c5a706c18908514835d9e311c29b8c Size: 985.08 KB (985088 bytes) Detections: 6 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
9.	GFFUpdater.exe	36217bbd423acac6fb365bd2893c2cb7	4
Name: GFFUpdater.exe MD5: 36217bbd423acac6fb365bd2893c2cb7 Size: 370.76 KB (370764 bytes) Detections: 4 Type: Executable File Path: %PROGRAMFILES(x86)%\GoforFiles Group: Malware file Last Updated: January 29, 2014
10.	GoForFiles6wY0w9dvx6.exe	6b125ea6b8da17cf5b73331c8331c2ce	4
Name: GoForFiles6wY0w9dvx6.exe MD5: 6b125ea6b8da17cf5b73331c8331c2ce Size: 3.93 MB (3936544 bytes) Detections: 4 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: November 28, 2014
11.	GFFUpdater.exe	bd8d50e761677bfcae41d5e940f8c136	3
Name: GFFUpdater.exe MD5: bd8d50e761677bfcae41d5e940f8c136 Size: 614.99 KB (614992 bytes) Detections: 3 Type: Executable File Path: %PROGRAMFILES(x86)%\GoforFiles Group: Malware file Last Updated: January 29, 2014
12.	GoForFilesOXEjJ1pGg9.exe	2699c9800e92397014775c9a95075609	3
Name: GoForFilesOXEjJ1pGg9.exe MD5: 2699c9800e92397014775c9a95075609 Size: 4.28 MB (4283248 bytes) Detections: 3 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: January 19, 2015
13.	GFFUpdater.exe	91f7f61101db45796a9fd527abd2a872	2
Name: GFFUpdater.exe MD5: 91f7f61101db45796a9fd527abd2a872 Size: 985.08 KB (985088 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
14.	GFFUpdater.exe	e6d2a41d2a44b64cd5bce6d55840d534	2
Name: GFFUpdater.exe MD5: e6d2a41d2a44b64cd5bce6d55840d534 Size: 2.18 MB (2180758 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
15.	GFFUpdater.exe	0c60ec8428f8ca84c5d7f4f85fae6c28	2
Name: GFFUpdater.exe MD5: 0c60ec8428f8ca84c5d7f4f85fae6c28 Size: 1.01 MB (1012736 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
16.	GoforFiles.exe	46faba7ec3307c1151725e776f1613ad	1
Name: GoforFiles.exe MD5: 46faba7ec3307c1151725e776f1613ad Size: 2.26 MB (2269776 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
17.	GFFUpdater.exe	a5ed8f5e9dc0423c066c89f0176e4d8e	1
Name: GFFUpdater.exe MD5: a5ed8f5e9dc0423c066c89f0176e4d8e Size: 200.33 KB (200336 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
18.	GoforFiles.exe	139ffa1f8df6b524cf0236e0315e386f	1
Name: GoforFiles.exe MD5: 139ffa1f8df6b524cf0236e0315e386f Size: 2.26 MB (2269776 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
19.	GoforFiles.exe	0c651819ab67ae08997ba4949c02bd57	1
Name: GoforFiles.exe MD5: 0c651819ab67ae08997ba4949c02bd57 Size: 908.94 KB (908944 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES(x86)%\GoforFiles Group: Malware file Last Updated: January 29, 2014
20.	GFFUpdater.exe	e2b220e26fb6bf692fa3d394d0e269e5	1
Name: GFFUpdater.exe MD5: e2b220e26fb6bf692fa3d394d0e269e5 Size: 1.01 MB (1012736 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
21.	GoforFiles.exe	96ee9dda9be7ef7368c83106b5a08446	1
Name: GoforFiles.exe MD5: 96ee9dda9be7ef7368c83106b5a08446 Size: 2.33 MB (2335232 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES(x86)%\GoforFiles Group: Malware file Last Updated: January 29, 2014
22.	GFFUpdater.exe	f4cc90e3948dd589ae37366b5dd2171f	1
Name: GFFUpdater.exe MD5: f4cc90e3948dd589ae37366b5dd2171f Size: 140.43 KB (140432 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
23.	uninstall.exe	716830e654c6fbe49e26e46316e9bcf2	1
Name: uninstall.exe MD5: 716830e654c6fbe49e26e46316e9bcf2 Size: 6.61 MB (6614160 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\GoforFiles Group: Malware file Last Updated: January 29, 2014
24.	C:\Program Files\GoforFiles\uninstall.exe
Name: C:\Program Files\GoforFiles\uninstall.exe Type: Executable File Group: Malware file
25.	C:\Program Files\GoforFiles\GoforFiles.exe
Name: C:\Program Files\GoforFiles\GoforFiles.exe Type: Executable File Group: Malware file

More files

Registry Details

PUP.GoforFiles may create the following registry entry or registry entries:

File name without path

GoforFiles.lnk

Regexp file mask

%TEMP%\GoForFiles[RANDOM CHARACTERS].exe

%WinDir%\System32\Tasks\GoForFiles Installer Starter

%WinDir%\System32\Tasks\GoforFilesUpdate

%WinDir%\System32\Tasks\Update Service GoForFiles

%WinDir%\Tasks\GoforFilesUpdate.job

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\GoforFiles

SOFTWARE\Microsoft\Tracing\GFFUpdater_RASAPI32

SOFTWARE\Microsoft\Tracing\GFFUpdater_RASMANCS

SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32

SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoForFiles Installer Starter

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service GoForFiles

SOFTWARE\Wow6432Node\GoforFiles

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

GoforFiles

GoforFilesUpdater

Update Service GoForFiles

Directories

PUP.GoforFiles may create the following directory or directories:

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\GoforFiles

%AppData%\GoforFiles

%PROGRAMFILES%\GoforFiles

%PROGRAMFILES%\GoforFiles Updater

%PROGRAMFILES(x86)%\GoforFiles

%PROGRAMFILES(x86)%\GoforFiles Updater

URLs

PUP.GoforFiles may call the following URLs:

Goforfiles.com

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

PUP.GoforFiles

Threat Scorecard

EnigmaSoft Threat Scorecard

Do not Let PUP.GoforFiles Stay on Your PC

Aliases

SpyHunter Detects & Remove PUP.GoforFiles

File System Details

Registry Details

Directories

URLs

Submit Comment

Trending

Pacmoon Airdrop Scam

Hupdex Crypto Scam

Capcheck.co.in

Most Viewed

Discord Shows Black Screen when Sharing Screen

How To Fix 'Printer Driver is Unavailable' Error

What is Msedge.exe?