Graftor.167578 removal instruction

The Graftor.167578 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Graftor.167578 virus can do?

Behavioural detection: Executable code extraction – unpacking
Authenticode signature is invalid

How to determine Graftor.167578?


File Info:
name: C42AB9CCEECE67CD111F.mlw
path: /opt/CAPEv2/storage/binaries/db8213dd4a5533ca7fea722860cdacfc3f7a2a9fbe207e3b502ce2052bfee77d
crc32: 82389915
md5: c42ab9cceece67cd111f1918d2251ae1
sha1: dacf749dd7ead22df185fe98fcc50886817ea363
sha256: db8213dd4a5533ca7fea722860cdacfc3f7a2a9fbe207e3b502ce2052bfee77d
sha512: 5041b545ecefad4f443a94558a783b11e3695c0b6bf3bab0ccf24ef75c2e1e12df7d1f0e6476c987ee302b0526364b32557a55e69ed698b7f35b64e2d49d90a7
ssdeep: 384:Ik/NeT+OAlEmDxVzzCfbJcNuFw4EQ5g3TrT8VRJXKhjjC2zIxivkDy0iuLOVGz:Ik/YP8VPUYOpMjWgIQv+IKOVG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12F03F833E9AC1026F26786B51D7581AAB9267C301A50CE5732897F9C1E71683BDF071F
sha3_384: 7b24005d65ac3a7b080387e81ce674e852864b88dba7a225d2a8462f68e3a034c97f693b0babe64951eaa16614cf69aa
ep_bytes: 68601a4000e8eeffffff000000000000
timestamp: 2013-11-27 02:41:06

Version Info:
Translation: 0x0409 0x04b0
CompanyName:  kkkkk
ProductName: ¸³³©¾¯¬¸¬¸
FileVersion: 1.00
ProductVersion: 1.00
InternalName: teclas_de_setas
OriginalFilename: teclas_de_setas.exe

Graftor.167578 also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Gen:Variant.Graftor.167578
FireEye	Generic.mg.c42ab9cceece67cd
ALYac	Gen:Variant.Graftor.167578
Malwarebytes	Generic.Malware/Suspicious
Sangfor	Suspicious.Win32.Save.vb
Alibaba	TrojanSpy:Win32/Itsproc.a46735de
Cybereason	malicious.dd7ead
BitDefenderTheta	AI:Packer.C1371B0620
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Win32/Spy.VB.NTH
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.Graftor.167578
SUPERAntiSpyware	Trojan.Agent/Gen-FalComp
DrWeb	Trojan.Siggen6.225
VIPRE	Gen:Variant.Graftor.167578
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan.Win32.Itsproc
Avira	HEUR/AGEN.1337714
MAX	malware (ai score=87)
Kingsoft	malware.kb.a.1000
Gridinsoft	Trojan.Win32.Agent.sa
Arcabit	Trojan.Graftor.D28E9A
ZoneAlarm	Trojan.Win32.Agent.aczdp
GData	Gen:Variant.Graftor.167578
Google	Detected
AhnLab-V3	Trojan/Win32.Agent.R110950
VBA32	Trojan.Agent
Cylance	unsafe
Tencent	Win32.Trojan.Agent.Gmnw
Yandex	Trojan.GenAsa!d9UmsxjvwrA
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Bancos.OKU!tr
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Graftor.167578?

Graftor.167578 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X