Remove Graftor
Removal instructions

Severity scale:  
  (45/100)
Graftor is also known as Win32.Graftor, W32/Graftor | Type: Trojans

Graftor is a family of malicious Trojan horses which pretends to be legitimate applications. It tries to connect to internet and contact various different servers without user knowledge, probably to get commands from attacker, or to download more malware.

Graftor family includes several different types of malware, some of them even pretends to be a media player. Here’s a list of things that it can do:

  • Modifies autorun registry to run automatically when Windows starts
  • Copies malicious executable files into its profile directory
  • Installs its components in background
  • Connects to a remote server without user knowledge
  • Creates a hidden folder (C:\addons) and copy itself there
  • Creates a new directory called "Programas21"
  • Disables users ability to cancel Graftors connection to the Internet


It is very important to remove Graftor from your PC. Manual removal might not delete all files of this Trojan, so it’s recommended doing a full system scan with a reputable anti-malware software to ensure your systems security level is high.

Automatic Graftor removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Graftor you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
remover for Graftor Happiness
Guarantee
Compatible with Microsoft
SpyHunter is recommended remover to uninstall Graftor. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove Graftor using SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

STOPzilla
We are testing STOPzilla's efficiency at removing Graftor (2012-06-04 07:51:08)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Graftor (2012-06-04 07:51:08)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing Graftor (2012-06-04 07:51:08)
Defender Pro Ultimate
We are testing Defender Pro Ultimate's efficiency at removing Graftor (2012-06-04 07:51:08)
Virus Removal Phone Support
1-877-657-9614
Help Line to remove Graftor

Graftor manual removal

Kill processes:
arquivo.exe
modpro.exe
Delete registry values:
Remove "http://187.109.161.62/index1.php" from registry value "AutoConfigURL" at "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\".
Remove "http://fitness.poxyport.info" from registry value "AutoConfigURL" at "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\".
Remove "http://bashcontrolilimited.tecnologiaovh.com" from registry value "AutoConfigUrl" at "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\".
Remove autorun entry "Microsofts" which is pointing to "<$WINDIR>\<$ENV(Win32Graftor3471_Filename)>.exe".
Remove autorun entry "sbthost" which is pointing to "<$APPDATA>\arquivo.exe".
Delete files:
The file at "<$APPDATA>\arquivo.exe
Delete directories:
C:\Programas21
C:\addons

Information added: 06/04/12 07:51; information updated: 06/04/12 07:51

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Post a comment

Attention: Use this form only if you have additional information about Graftor parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)
Like us on Facebook
Read on mobile
News
Press Mentions
I failed to remove Graftor using SpyHunter.

Email


Close
add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!