Graftor Description
Graftor is a Trojan that masquerades as a genuine software application. It connects to the web and contacts many remote servers without the victim’s consent or knowledge, potentially to receive instructional commands from the cybercriminal or to distribute other malware infections. Graftor creates an invisible folder (C:\addons) and copies itself there, and it creates a new directory named “Programas21”. Graftor also disables the PC user’s ability to cancel its connection to the web.
Type: Trojans
How Can You Detect Graftor?
Graftor Removal Details
Graftor typically has the following processes in memory:
- \arquivo.exe
Graftor creates the following files in the system:
- \.exe.
Graftor creates the following registry entries:
- “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\”http://bashcontrolilimited.tecnologiaovh.com” =
- “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\”http://187.109.161.62/index1.php” = “AutoConfigURL”
- “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\”http://fitness.poxyport.info” = “AutoConfigURL”
- “AutoConfigUrl”
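A read-only triage check for the artifacts listed above, as an added example that is not part of the original entry: it inspects the current user's AutoConfigURL value, the C:\addons folder and the arquivo process. The approved PAC URL is a placeholder assumption, and "invisible" is taken to mean the Hidden file attribute.

```powershell
# Added example: read-only check for the Graftor artifacts listed on this page.
$settingsKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

# Hosts taken from the registry entries listed above.
$listedHosts = @(
    'bashcontrolilimited.tecnologiaovh.com',
    '187.109.161.62',
    'fitness.poxyport.info'
)

# Assumption: PAC URLs your organisation legitimately deploys (placeholder value).
$approvedPacUrls = @('http://pac.example.internal/proxy.pac')

$findings = New-Object System.Collections.Generic.List[string]

# 1. Proxy auto-config value in the current user's Internet Settings.
$pac = (Get-ItemProperty -Path $settingsKey -Name AutoConfigURL -ErrorAction SilentlyContinue).AutoConfigURL
if ($pac) {
    $uri = $null
    $pacHost = $null
    if ([System.Uri]::TryCreate($pac, [System.UriKind]::Absolute, [ref]$uri)) { $pacHost = $uri.Host }
    if ($listedHosts -contains $pacHost) {
        $findings.Add("AutoConfigURL points at a host listed for Graftor: $pac")
    } elseif ($approvedPacUrls -notcontains $pac) {
        $findings.Add("AutoConfigURL is set to an unapproved URL: $pac")
    }
}

# 2. The C:\addons folder and any executables inside it.
# -Force is required to see items carrying the Hidden attribute.
$addons = Get-Item -LiteralPath 'C:\addons' -Force -ErrorAction SilentlyContinue
if ($addons) {
    $hidden = [bool]($addons.Attributes -band [System.IO.FileAttributes]::Hidden)
    $findings.Add("C:\addons exists (hidden: $hidden)")
    Get-ChildItem -LiteralPath $addons.FullName -Filter *.exe -Force -ErrorAction SilentlyContinue |
        ForEach-Object { $findings.Add("Executable in C:\addons: $($_.FullName)") }
}

# 3. A running process named arquivo (the page lists \arquivo.exe).
Get-Process -Name arquivo -ErrorAction SilentlyContinue |
    ForEach-Object { $findings.Add("Process arquivo.exe running, PID $($_.Id)") }

if ($findings.Count) { $findings } else { 'No Graftor artifacts from this page found for the current user.' }
```

The registry check covers only the account running the script, because the value lives under HKEY_CURRENT_USER; run it in each affected user's session.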
This entry was last updated on 08/17/12 and posted on 06/4/12.