Graftor, Advertising software (Adware).

Graftor is as adware. Specifically it belongs to a family of Potentially Unwanted Software with adware features and polluteware.

It installs as a program with random names like " LighterGeneration », « PremiumStream " or " ContradePlatform ». He added other programs without the knowledge of the user. It pollutes the storage units and / or the Registry for.

Adware

This program is ranked in the category of adware (Adware), from English "ADS" diminutive English Warning (poster promoting). Adware is usually installed as a program or as a browser extension and are loaded at system boot. They can launch services, start scheduled tasks and create shortcuts on your desktop. All these operations are done with or without your consent under the terms of his contract of use. Installed, adware can change some settings on your browsers such as search pages, the start page or your error page "404". An adware can collect your browsing habits and report to a server by tracking method This is because most often a marketing solution for customer loyalty.

While browsing it usually displays ads in the form of coupons and banners in the form of popups. These ads are usually signed with the words "Powered by", "Brought to you by" or "Ads by", followed by the name of adware. But some adware exaggerate the size and frequency of display ads, which can affect the speed of Internet navigation and the visibility of the content of pages viewed. Also note that the publisher of advertising can disclaim responsibility for the content of his ads by targeted links. Ultimately, the goal of these programs is to make money by generating web traffic to sponsored websites. Some adware are installed via packaged software and are not necessarily desired by the user and the virus generally into Potentially Unwanted Software (LPI/PUP).

Potentially Unwanted Software (LPI)

Potentially unwanted software (LPI) ou Potentialy Unwanted Programs (PUP) are causing many infections. The most frequently encountered example is adware InstallCore, CrossRider, Graftor or Boxore that pollute the Registry for data and storage units. They are usually installed without your knowledge by downloading freeware. Indeed some sites use Repackaging method, an operation that is to redo the installation package of the software by adding download options. These options allow you to add other software such as browser toolbars, des adwares, potentially unwanted software, intrusive advertisements software, even hijackers.

Spyware (spywares) and adware (Adwares) undesirable, as malware, can use the write legitimate software vulnerabilities or those operating systems. It is therefore essential to have official software and they have an automatic update. Also your Windows operating system must be programmed in automatic update mode and activated, so you can have the latest critical security flaws updates.

Characteristics

See details of lines

– It installs as a process launched at startup of the system (RP),
- It installs a program extension for the Google Chrome browser (G2),
- It installs an extension program for the Mozilla Firefox browser (M2),
- It installs a Mozilla Firefox Plugin (P2),
- It installs as a service to be launched at every system start (O23),(SS/SR),
- It installs as a program (O42),
– It creates to many registry keys ‘Software’,
– It creates additional folders (O43),
– It moved to the Windows prefetcher folder (O45),

[collapse]

Overview in reports

See details of lines

[MD5.CF3E485E3D3D7CCAB27B139D73B63E20] – (…) — c:\Windows faw.exe [417792] [PID.1932]
[MD5.A50CD1BC1CFFEC65E0D176DBEC70682A] – (…) — c:\Windowsmfaw.exe [408576] [PID.1976]
O23 – Service: faw (faw) . (…) – c:\Windows faw.exe
O23 – Service: SystemSafeguard (11c3b81e) . (…) – c:\Program Files (x86)\SystemSafeguardSystemSafeguard.dll
O23 – Service: mfaw (mfaw) . (…) – c:\Windowsmfaw.exe
O43 – CFD: 2015/07/15 16:19:03 – [] HD — C:\ProgramData faw
OR - Auto [2015/07/15 15:18:18] [ 417792] faw (faw) . (…) – c:\Windows faw.exe
OR - Auto [2015/07/15 15:18:19] [ 408576] mfaw (mfaw) . (…) – c:\Windowsmfaw.exe
M2 - off: prefs.js [Coolman – ukc1hexj.default-1415047178103B4Rrunly@4T.net] [] crazylowerprice v0.3 (..)
HKLMSOFTWAREWow6432NodeSystemLifterX

O42 - Software: SystemSafeguard – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fd3b02ee}
O43 – CFD: 2015/08/26 09:41:51 – [] D — C:\Program Files (x86)\SystemSafeguard

O23 – Service: PremiumStream (32c3c91d) . (…) – c:\Program Files (x86)\PremiumStreamPremiumStream.dll
O42 - Software: PremiumStream – (.PremiumStream.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{d65a1a66}
O43 – CFD: 2015/08/21 09:21:51 – [] D — C:\Program Files (x86)\PremiumStream

O23 – Service: ContradePlatform (21d3b91f) . (…) – c:\Program Files (x86)\ContradePlatformContradePlatform.dll
O42 - Software: ContradePlatform - (.PointerBooster.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}
O43 – CFD: 2015/08/22 05:21:52 – [] D — C:\Program Files (x86)\ContradePlatform

O23 – Service: EnhanceIt (31d3b91f) . (…) – c:\Program Files (x86)\EnhanceItEnhanceIt.dll
O42 - Software: enhanceit – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{51489c1e}
O43 – CFD: 2015/07/12 05:01:02 – [] D — C:\Program Files (x86)\EnhanceIt

O23 – Service: CutterInstance (3c2d81f8) . (…) – c:\Program Files (x86)\CutterInstanceCutterInstance.dll
O42 - Software: CutterInstance – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{51489c1e}
O43 – CFD: 16/01/2015 – 17:34:56 – [] —-D C:\Program Files (x86)\CutterInstance
SS – | Auto 22/07/1658 2198016 | (3c2d81f8) . (…) – c:\Program Files (x86)\CutterInstanceCutterInstance.dll

O23 – Service: UpgradeStance (8ae27094) . (…) – c:\Program Files (x86)\UpgradeStanceUpgradeStance.dll
O42 - Software: UpgradeStance – (.PointerBooster.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}
O43 – CFD: 12/01/2015 – 07:46:02 – [] —-D C:\Program Files (x86)\UpgradeStance

O23 – Service: LinkInstance (10c4b81f) . (…) – c:\Program Files (x86)\LinkInstanceLinkInstance.dll
O42 - Software: LinkInstance – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{10c3b81e}
O43 – CFD: 20/01/2015 – 07:41:28 – [] —-D C:\Program Files (x86)\LinkInstance
SR – | Auto 20/01/2015 2189312 | (10c3b81e) . (…) – c:\Program Files (x86)\LinkInstanceLinkInstance.dll

O23 – Service: LibraryInstance (1ca156e3) . (.Software Publisher.) – c:\Program Files (x86)\LibraryInstanceLibraryInstance.dll
O42 - Software: LibraryInstance – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{1ca156e3}
O43 – CFD: 20/01/2015 – 14:47:37 – [0] —-D C:\Program Files (x86)\LibraryInstance

O23 – Service: LighterGeneration (f22bc34d) . (.Software Publisher – ???.) – c:\Program Files (x86)\LighterGenerationLighterGeneration.dll
O42 - Software: LighterGeneration – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f22bc34d}
O43 – CFD: 22/01/2015 – 11:46:37 – [0] —-D C:\Program Files (x86)\LighterGeneration

O23 – Service: PragmaGeneration (b80b68f9) . (…) – c:\Program Files (x86)\PragmaGenerationPragmaGeneration.dll
O42 - Software: PragmaGeneration - (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b80b68f9}
O43 – CFD: 22/03/2015 – 11:47:37 – [0] —-D C:\Program Files (x86)\PragmaGeneration

O23 – Service: SystemContinue O23 – Service: SystemContinue (9617fb41) . (…) – c:\Program Files (x86)\SystemContinueSystemContinue.dll
O42 - Software: SystemContinue – (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{9617fb41}
O43 – CFD: 22/02/2015 – 11:48:37 – [0] —-D C:\Program Files (x86)\SystemContinue

O42 - Software: PragmaFoobar - (.Software Publisher.) [HKLM][64Bits] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ed30d1cf}
O43 – CFD: 29/08/2015 – [0] D — C:\Program Files (x86)\PragmaFoobar

O42 - Software: SoftwareRaise – (.Software Publisher.) [HKLM] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fa120929}
O43 – CFD: 10/02/2015 – [0] D — C:\Program Files (x86)\SoftwareRaise

O42 - Software: SemiconIntern – (.CenturyUpgrader.) [HKLM] — {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{24c54e38}
O43 – CFD: 10/02/2015 – [0] D — C:\Program Files (x86)\SemiconIntern

identified the 20/06/2016
O43 – CFD: 09/06/2016 – [] D — C:\ProgramDataQuoteex
O43 – CFD: 06/06/2016 – [] D — C:\ProgramDataQuoteexs
HKLMSOFTWAREWow6432NodemtQuoteex
HKCUSOFTWAREQGuan72564
HKCUSOFTWAREQGuan90132

[collapse]

Alias

ALYac Gen:Variant.Graftor.280039
Ad-Aware Gen:Variant.Graftor.280039
Arcabit Trojankgrfatorkd445a7
BitDefender Gen:Variant.Graftor.280039
Emsisoft Gen:Variant.Graftor.280039
eScan Gen:Variant.Graftor.280039
F-Secure Gen:Variant.Graftor.280039
GData gene:Variant.Graftor.280039
Malwarebytes Adware.Graftor
Malwarebytes PUP.Optional.Graftor.A

Associate Editors

See details of lines

Binkiland
CenturyUpgrader
PointerBooster
PremiumStream
WSE_Binkiland

[collapse]

Some products

See details of lines

Binkiland
ContradePlatform
CrazyLowerPrice
CutterEdit
CutterInstance
EnhanceIt
LibraryInstance
LighterGeneration
PragmaFoobar
PragmaGeneration
PremiumStream
SemiconIntern
SoftwareRaise
SystemContinue
SystemSafeguard
UpgradeStance

[collapse]

How to remove Graftor ?

Delete Microsoft Windows

zhpcleaner

Delete with ZHPCleaner

Diagnose ZHPDiag

Responsibility : The principle of non-responsibility of the original site, in terms of content pointed target sites, recalled by Case 19 September 2001 the Court of Appeal of Paris. The words that I hold here reflect my opinions and suggestions are - the visitor does not have to follow the.
Graftor, Advertising software (Adware)
5 (100%) 3 vote[s]

Total views 3,670 (Today 9 )