Severity scale:  

Graftor. How to remove? (Uninstall guide)

removal by Jake Doevan - -   Also known as Win32.Graftor, W32/Graftor | Type: Trojans

Graftor is a family of malicious Trojan horses which pretends to be legitimate applications. It tries to connect to internet and contact various different servers without user knowledge, probably to get commands from attacker, or to download more malware.

Graftor family includes several different types of malware, some of them even pretends to be a media player. Here’s a list of things that it can do:

  • Modifies autorun registry to run automatically when Windows starts
  • Copies malicious executable files into its profile directory
  • Installs its components in background
  • Connects to a remote server without user knowledge
  • Creates a hidden folder (C:\addons) and copy itself there
  • Creates a new directory called “Programas21”
  • Disables users ability to cancel Graftors connection to the Internet

It is very important to remove Graftor from your PC. Manual removal might not delete all files of this Trojan, so it’s recommended doing a full system scan with a reputable anti-malware software to ensure your systems security level is high.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Graftor you agree to our privacy policy and agreement of use.
do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Graftor. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.
Press mentions on Reimage

Graftor manual removal:

Kill processes:


Delete registry values:
Remove "" from registry value "AutoConfigURL" at "HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings".

Remove "" from registry value "AutoConfigURL" at "HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings".

Remove "" from registry value "AutoConfigUrl" at "HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings".

Remove autorun entry "Microsofts" which is pointing to "<$WINDIR><$ENV(Win32Graftor3471_Filename)>.exe".

Remove autorun entry "sbthost" which is pointing to "<$APPDATA>arquivo.exe".

Delete files:
The file at "<$APPDATA>arquivo.exe

Delete directories:


About the author

Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions