About "Graftor.372504" infection

The Graftor.372504 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Graftor.372504 virus can do?

Executable code extraction
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Norwegian (Nynorsk)
Installs itself for autorun at Windows startup
Creates a hidden or system file
Creates a copy of itself
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

sd9.ren

How to determine Graftor.372504?


File Info:
crc32: D9E9267D
md5: d7cfcffec1fd595fcb0db216cefb4af4
name: D7CFCFFEC1FD595FCB0DB216CEFB4AF4.mlw
sha1: 14377338bd81a3c4f44f36563b0ea05295aeeb9b
sha256: 02f3e0d3713dc386d7965403ab1fcb8d225f9e81900ffc7e688300d9b7c8442a
sha512: 8ba9552a256e7f980e93a973a12fff3be7a48a3dab31480b68722b62677d62f590d942227eafc65ff22e0eab7c06e1112e7b1c3450aab84d4d72ada56164d975
ssdeep: 1536:4PIHf7coWWV7BckjThNltK0htrgh3izODDQ0QoNci5rjLK0BAczerM0nl5x:4PI/0YBpjVd1eiSo5o2i5O0BBz8jl5x
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: x7248x6743x6240x6709 (C) 2001
InternalName: Slide
FileVersion: 1, 0, 0, 1
CompanyName: 
LegalTrademarks: 
ProductName: Slide x5e94x7528x7a0bx5e8f
ProductVersion: 1, 0, 0, 1
FileDescription: Slide Microsoft x57fax7840x7c7bx5e94x7528x7a0bx5e8f
OriginalFilename: Slide.EXE
Translation: 0x0804 0x04b0

Graftor.372504 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 00521b151 )
Lionic	Trojan.Win32.Zegost.m!c
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader26.10190
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.Mauvaise.SL1
ALYac	Gen:Variant.Graftor.372504
Cylance	Unsafe
Zillya	Backdoor.Zegost.Win32.5532
Sangfor	Backdoor.Win32.Zegost.mtggk
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Backdoor:Win32/Zegost.8df2bee4
K7GW	Trojan ( 00521b151 )
Cybereason	malicious.ec1fd5
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/GenKryptik.BLHD
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	Backdoor.Win32.Zegost.mtggk
BitDefender	Gen:Variant.Graftor.372504
NANO-Antivirus	Trojan.Win32.Zegost.exeihf
MicroWorld-eScan	Gen:Variant.Graftor.372504
Tencent	Win32.Backdoor.Zegost.Wtnr
Ad-Aware	Gen:Variant.Graftor.372504
Sophos	Mal/Generic-S
Comodo	TrojWare.Win32.TrojanProxy.Horst.~O@f80r9
BitDefenderTheta	Gen:NN.ZexaF.34294.hq0@ae70QRBT
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	BKDR_ZEGOST.SM34
McAfee-GW-Edition	GenericRXDV-LC!D7CFCFFEC1FD
FireEye	Generic.mg.d7cfcffec1fd595f
Emsisoft	Gen:Variant.Graftor.372504 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Backdoor.Zegost.uv
Avira	HEUR/AGEN.1111320
eGambit	Unsafe.AI_Score_100%
Antiy-AVL	Trojan/Generic.ASMalwS.23F2F1E
Microsoft	Trojan:Win32/TrickBot.RT!MTB
GData	Gen:Variant.Graftor.372504
AhnLab-V3	Backdoor/Win32.Zegost.C2347347
Acronis	suspicious
McAfee	GenericRXDV-LC!D7CFCFFEC1FD
MAX	malware (ai score=98)
VBA32	Backdoor.Zegost
Panda	Trj/GdSda.A
TrendMicro-HouseCall	BKDR_ZEGOST.SM34
Rising	Trojan.Generic@ML.100 (RDML:OmbhMKgREoq+XLKi5/aTeg)
Yandex	Trojan.GenAsa!RVRyPSQbm3k
Ikarus	Trojan.Win32.Krypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/GenKryptik.EGBG!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Graftor.372504?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About “Graftor.372504” infection