Graftor.912492 (B) removal guide

Many security experts consider Graftor.912492 (B) dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Graftor.912492 (B) virus do?

  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • A process attempted to delay the analysis task.
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Deletes its original binary from disk
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics

How to identify Graftor.912492 (B)?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: www.QQHelper.net
InternalName: QQx519cx7267x52a9x624b
FileVersion: 1.5.2.305
CompanyName: www.QQHelper.net
LegalTrademarks: www.QQHelper.net
ProductName: QQx519cx7267x52a9x624b
ProductVersion: 1.0.0.0
FileDescription: QQx519cx7267x52a9x624b
OriginalFilename: QQHelper.exe
Translation: 0x0804 0x03a8

Graftor.912492 (B) also known as:

DrWeb: Trojan.DownLoader37.16809
MicroWorld-eScan: Gen:Variant.Graftor.912492
FireEye: Gen:Variant.Graftor.912492
ALYac: Gen:Variant.Graftor.912492
Cylance: Unsafe
AegisLab: Riskware.Win32.Graftor.1!c
Sangfor: Trojan.Win32.Wacatac.A
BitDefender: Gen:Variant.Graftor.912492
BitDefenderTheta: Gen:NN.ZelphiF.34608.VnKfaKCe5JhR
Cyren: W32/Trojan.XZHO-5868
Symantec: ML.Attribute.HighConfidence
Avast: Win32:AdwareX-gen [Adw]
Alibaba: Trojan:Win32/AdwareX.006640da
Rising: Malware.Heuristic!ET#98% (RDMK:cmRtazo509Id8rVStuODkO+fDTqE)
Ad-Aware: Gen:Variant.Graftor.912492
Emsisoft: Gen:Variant.Graftor.912492 (B)
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Sophos: Mal/Generic-S
Microsoft: Program:Win32/Uwamson.A!ml
Gridinsoft: Trojan.Win32.Agent.oa
Arcabit: Trojan.Graftor.DDEC6C
AhnLab-V3: Unwanted/Win32.HackTool.R119402
GData: Gen:Variant.Graftor.912492
Cynet: Malicious (score: 100)
McAfee: GenericRXAA-AA!A52A9D0E758B
MAX: malware (ai score=86)
VBA32: BScope.Trojan.Click
Malwarebytes: Adware.QQHelper
TrendMicro-HouseCall: TROJ_GEN.R06CH09C521
Ikarus: PUA.QQfarmer
Fortinet: Riskware/Application
AVG: Win32:AdwareX-gen [Adw]
Cybereason: malicious.e758b0
Paloalto: generic.ml

How to remove Graftor.912492 (B)?

Graftor.912492 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.