Graftor, Logiciel Publicitaire (Adware).

Graftor presents itself as an adware. Specifically it belongs to a family of software potentially unwanted with adware and polluteware features.

He's moved as a program with random as names «» LighterGeneration », « PremiumStream «or «» ContradePlatform ». He added other programs without the knowledge of the user. It pollutes storage units and/or the Base of registers.

Logiciel Publicitaire (Adware)

This program is ranked in the category of adware (Adware), English "ADS" diminutive of English warning (Promotion poster). Adware usually settle as a program or as a browser extension and are loaded each time the system starts. They can launch services, Start scheduled tasks and create shortcuts on your desktop. All these operations are carried out with or without your consent under the terms of his contract of use. Once installed, adware may change some settings in your browsers, like for example the pages of research, the start page or even your error page "404". Adware may collect your browsing habits and communicate them to a server by the method of tracking because it is more often a marketing solution to retain customers.

During navigation it usually displays advertisements in the form of coupons and banners in the form of popups. These ads are usually signed with the words "Powered by", "Brought to you by" or even "Ads by", followed by the name of the adware. But some adware are exaggerated in size and the frequency of the display ads, which can affect the speed of internet browsing and the visibility of the content of the pages visited. Note also that the advertising editor can decline any responsibility on the content of the links targeted by its ads. In the end, the goal of these programs is to make money by generating Web traffic to sponsored sites. Some adware are installed via the software bundled and are not necessarily desired by the user and antivirus generally classify them in potentially unwanted software (LPI/PUP).

Potentially unwanted software (LPI)

Potentially unwanted software (LPI) or potentially Unwanted Programs (PUP) are the cause of many infections. The most frequently encountered example is adware InstallCore, CrossRider, Graftor or Boxore pollute your data storage units and the Base of records. They usually settled without your knowledge via freeware download. In fact some sites use the repaquetage method, an operation that is to repeat the installation of the software module by adding download options. These options allow you to add other software as for example browser tool bars, the adware, potentially unwanted software, intrusive ads software, and even browser hijackers.

Spyware (spyware) and adware (Adware) unwanted, as malware, can use the vulnerabilities of writing the legitimate software or operating systems. It is therefore essential to have official software and that they have an automatic update. Your Windows operating system must be programmed in mode update automatic and active, in order to have the latest updates of critical security vulnerabilities.


See the detail of the lines

-It installs as a process launched at startup of the system (RP),
-It installs a program extension for Google Chrome browser (G2),
-It installs a program of extension for the Mozilla Firefox browser (M2),
-It installs a plugin for Mozilla Firefox browser (P2),
-It installs as a service to be launched each time the system starts (O23),(SS/SR),
-It can be installed as a program (O42),
– It creates to many registry keys ‘Software’,
– It creates additional folders (O43),
– It moved to the Windows prefetcher folder (O45),


Aperçu dans les rapports

See the detail of the lines

[MD5. CF3E485E3D3D7CCAB27B139D73B63E20] -. (...) — c:\Windowsfaw.exe [417792] [PID.1932]
[MD5. A50CD1BC1CFFEC65E0D176DBEC70682A] -. (...) — c:\Windowsmfaw.exe [408576] [PID.1976]
O23 - Service: faw (faw) . (...) – c:\Windowsfaw.exe
O23 - Service: SystemSafeguard (11c3b81e) . (...) – c:\Program Files (x86)\SystemSafeguardSystemSafeguard.dll
O23 - Service: mfaw (mfaw) . (...) – c:\Windowsmfaw.exe
O43 - CFD: 2015/07/15 16:19:03 -. [] HD — C:\ProgramDatafaw
SR - Auto [2015/07/15 15:18:18] [ 417792] faw (faw) . (...) – c:\Windowsfaw.exe
SR - Auto [2015/07/15 15:18:19] [ 408576] mfaw (mfaw) . (...) – c:\Windowsmfaw.exe
M2 – MFEP: prefs.js [Coolman –] [] crazylowerprice v0.3 (..)

O42 - software: SystemSafeguard – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fd3b02ee}
O43 - CFD: 2015/08/26 09:41:51 -. [] D C:\Program Files (x86)\SystemSafeguard

O23 - Service: PremiumStream (32c3c91d) . (...) – c:\Program Files (x86)\PremiumStreamPremiumStream.dll
O42 - software: PremiumStream – (.PremiumStream.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{d65a1a66}
O43 - CFD: 2015/08/21 09:21:51 -. [] D C:\Program Files (x86)\PremiumStream

O23 - Service: ContradePlatform (21d3b91f) . (...) – c:\Program Files (x86)\ContradePlatformContradePlatform.dll
O42 - software: ContradePlatform – (.PointerBooster.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}
O43 - CFD: 2015/08/22 05:21:52 -. [] D C:\Program Files (x86)\ContradePlatform

O23 - Service: EnhanceIt (31d3b91f) . (...) – c:\Program Files (x86)\EnhanceItEnhanceIt.dll
O42 - software: enhanceit – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{51489c1e}
O43 - CFD: 2015/07/12 05:01:02 -. [] D C:\Program Files (x86)\EnhanceIt

O23 - Service: CutterInstance (3c2d81f8) . (...) – c:\Program Files (x86)\CutterInstanceCutterInstance.dll
O42 - software: CutterInstance – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{51489c1e}
O43 - CFD: 16/01/2015 -. 17:34:56 -. [] —-D C:\Program Files (x86)\CutterInstance
SS – | Auto 22/07/1658 2198016 | (3c2d81f8) . (...) – c:\Program Files (x86)\CutterInstanceCutterInstance.dll

O23 - Service: UpgradeStance (8ae27094) . (...) – c:\Program Files (x86)\UpgradeStanceUpgradeStance.dll
O42 - software: UpgradeStance – (.PointerBooster.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}
O43 - CFD: 12/01/2015 -. 07:46:02 -. [] —-D C:\Program Files (x86)\UpgradeStance

O23 - Service: LinkInstance (10c4b81f) . (...) – c:\Program Files (x86)\LinkInstanceLinkInstance.dll
O42 - software: LinkInstance – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{10c3b81e}
O43 - CFD: 20/01/2015 -. 07:41:28 -. [] —-D C:\Program Files (x86)\LinkInstance
SR – | Auto 20/01/2015 2189312 | (10c3b81e) . (...) – c:\Program Files (x86)\LinkInstanceLinkInstance.dll

O23 - Service: LibraryInstance (1ca156e3) . (.Software Publisher.) – c:\Program Files (x86)\LibraryInstanceLibraryInstance.dll
O42 - software: LibraryInstance – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{1ca156e3}
O43 - CFD: 20/01/2015 -. 14:47:37 -. [0] —-D C:\Program Files (x86)\LibraryInstance

O23 - Service: LighterGeneration (f22bc34d) . (.Software Publisher – ???.) – c:\Program Files (x86)\LighterGenerationLighterGeneration.dll
O42 - software: LighterGeneration – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f22bc34d}
O43 - CFD: 22/01/2015 -. 11:46:37 -. [0] —-D C:\Program Files (x86)\LighterGeneration

O23 - Service: PragmaGeneration (b80b68f9) . (...) – c:\Program Files (x86)\PragmaGenerationPragmaGeneration.dll
O42 - software: PragmaGeneration – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b80b68f9}
O43 - CFD: 22/03/2015 -. 11:47:37 -. [0] —-D C:\Program Files (x86)\PragmaGeneration

O23 - Service: SystemContinue O23 – Service: SystemContinue (9617fb41) . (...) – c:\Program Files (x86)\SystemContinueSystemContinue.dll
O42 - software: SystemContinue – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{9617fb41}
O43 - CFD: 22/02/2015 -. 11:48:37 -. [0] —-D C:\Program Files (x86)\SystemContinue

O42 - software: PragmaFoobar – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ed30d1cf}
O43 - CFD: 29/08/2015 -. [0] D C:\Program Files (x86)\PragmaFoobar

O42 - software: SoftwareRaise – (.Software Publisher.) [HKLM] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fa120929}
O43 - CFD: 10/02/2015 -. [0] D C:\Program Files (x86)\SoftwareRaise

O42 - software: SemiconIntern – (.CenturyUpgrader.) [HKLM] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{24c54e38}
O43 - CFD: 10/02/2015 -. [0] D C:\Program Files (x86)\SemiconIntern

Recensé le 20/06/2016
O43 - CFD: 09/06/2016 -. [] D C:\ProgramDataQuoteex
O43 - CFD: 06/06/2016 -. [] D C:\ProgramDataQuoteexs



ALYac Gen:Variant.Graftor.280039
Ad-Aware Gen:Variant.Graftor.280039
Arcabit Trojan.Graftor.D445E7
BitDefender Gen:Variant.Graftor.280039
Emsisoft Gen:Variant.Graftor.280039
eScan Gen:Variant.Graftor.280039
F-Secure Gen:Variant.Graftor.280039
GData Gen:Variant.Graftor.280039
Malwarebytes Adware.Graftor
Malwarebytes PUP. Optional.Graftor.A

Associate editors

See the detail of the lines



Some products

See the detail of the lines



Comment supprimer Graftor ?

Delete with Microsoft Windows


Delete with ZHPCleaner

Diagnose with ZHPDiag

Responsibility : The principle of no liability for the original site, in the light of the content of the target sites pointing, is recalled by the judgment of the 19 September 2001 the Court of appeal of Paris. What I want here reflects my opinion and suggestions - the visitor is not obliged to follow.