How to remove GravityRAT trojan virus

Now we'll talk about GravityRAT, that infected the system, and you unwillingly assisted it to do so. This tool can call issues on your computer, and we earnestly recommend you to remove it as soon as you'll finish reading this item. The safest way to stop the Trojan infestation is to know how to distinguish viruses. In the very beginning, we should explain you the crucial things about Trojans. Trojans are the specific sort of viruses that is known for secrecy and multitasking, but isn't capable of solely infecting victim's PC. In fact, Trojans can't be called viruses, because viruses can multiply and independently infect systems. Trojans depend on people totally, at all times of their "life". The original host of young Trojan is its owner that grants it a form of a helpful tool and places it on cozy file-sharing website. Since then, the program is waiting until a gullible customer will download it and offer his services as a victim. One more crucial thing about Trojans is that most of the times they're being distributed with help of bundled installation, which means that they infest the machine in one package with few other viruses.


When Trojan finally finds a victim it starts to pursue its aims, which obviously means bad things for you and your computer. Trojan viruses are the largest sort of unwanted software, and might include your device in a botnet, scrounge your passwords or induce lots of problems with your PC. Here is a short enumeration of possible ways for using Trojan viruses:


  • Trojan programs, thanks to their stealthiness, are nearly perfect means for espionage. Trojan can dwell in an unprotected PC for years, collecting info about its owner, visited websites, passwords, accounts and, possibly, even the text entered via keyboard.
  • The less common manner of using Trojans is to make so-called botnets. Botnet is a web of thousands or at least hundreds of PC's, or some other "smart" devices, with which fraudsters are performing their illegal schemes. The multiplicity of actions is pretty wide: from DDoS attacks on any sites to large malspam campaigns, and it usually results in restrictions from Google for single IP address or the whole subnet.


All these ways of applying Trojan viruses can be carried out separately or at the same time. In addition to the written in the previous paragraphs major goals that directly give profit to swindlers, Trojans have multiple side effects: they use the resources of your PC, choke the system with useless programs and prevent the workstation from running for its primary function. Knowing this, you will listen to our tip and uninstall GravityRAT once and for all.

Removal instruction

Step 1. Boot the system into safe mode

  • Press Start
  • Type Msconfig and press Enter

Safe mode. Step 1


  • Select Boot tab

Safe mode. Step 2



  • Select Safe boot and press Ok

More information about Safe mode: What is Safe Mode and how to boot computer in Safe Mode


Step 2. Show all hidden files and folders

  • Press Start
  • Click on Control Panel

Show hidden files. Step 1


  • Select Appearance and Personalization

Show hidden files. Step 2


  • Click on Folder Options
  • Select View tab
  • Select Show hidden files, folders and drives

Show hidden files. Step 3


  • Press Ok


Step 3. Remove virus files


Check next folders to find suspicious files:

  • %TEMP%
  • %ProgramData%


Step 4. Fix hosts file

  • Go to %SystemRoot%\System32\drivers\etc\ folder



  • Open hosts file using Notepad or other text editor
  • Delete suspicious elements
  • Basic hosts file looks like this:



Step 5. Clean registry (for experienced users)

  • Click Start
  • Type Regedit.exe and press Enter
  • Clean startup registry keys
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunOnce
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunServices
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit

Step 6. Scan computer with antivirus


Here comes an easy and fast method to get rid of GravityRAT through Spyhunter AV program. This program will not only clear your device of any installed programs on it, but simultaneously shield it from further suchlike troubles. Spyhunter works in fully independent mode, and to uninstall some Trojans you will only have to buy the program, establish it and start it. We think that this manner is a priority, because it is difficult for a common customer to recognize which of the files in the system is dangerous. By removing the wrong file, you might seriously disrupt the computer, and provoke its critical fault. If you're not certain about Spyhunter, you can check it yourself by installing a test version.


Special Offer

Download Spyhunter - Anti-malware scanner

We advise downloading SpyHunter to see, if it can detect malware for you.

Spyhunter has a biggest malware database

It protects the system against all kinds of threats: Trojans, adware and hijackers

24/7 Free Support Team

SpyHunter scanner detects threats and malware for free, but to remove infected elements you need to purchase a full version of program for 39.99$. More information about Spyhunter, EULA and Privacy policy.


Step 7. Disable Safe Mode and restart computer

  • Press Start
  • Type Msconfig and press Enter
  • Select Boot tab
  • Remove the check near Safe boot


Video with trojan virus





Share your feedback to help other people
1 1 1 1 1 1 1 1 1 1 Rating 0.00 [0 Votes]

Add comment

Security code



Acronis suggestion to CrashPlans users

Around a month ago, there was an accident with CrashPlans backup software.

What is MicTrayDebugger and is it dangerous

This is a brief entry about MicTrayDebugger: what is it, how it appeared in the system, is it dangerous and how to get rid of it.

What is HoeflerText and is it dangerous?


This article is dedicated to the fraud scheme that is called HoeflerText font wasn't found. We will explain you what is this scheme and how to avoid it.

What is Wpad.dat virus and how it is used

The topic of our today's article is a script that had been unjustly called a virus. It’s Wpad.dat, and it is not a virus. We will explain what is Wpad.dat and how to prevent fraudsters to deceive yourself with its help.


Cancer virus trollware

This is an article about crazy Cancer virus and the madness that it brings to victim's computer.

This website uses cookies to improve your experience