Published Mar 25, 2013 | Updated Sep 15, 2017

TrojanDropper:Win32/Frovserp.A

Severe |Detected with Windows Defender Antivirus

Aliases: Trojan-Ransom.Win32.Blocker.axwg (Kaspersky) TR/Ransom.Blocker.axwg (Avira) Trojan-Ransom.Win32.Blocker (Ikarus) Ransom-FASE!2ABB7296B05E (McAfee) TROJ_RANSOM.EJN (Trend Micro)

Summary

Windows Defender detects and removes this threat.

Trojan:Win32/Tobfy.S is a ransomware trojan that prevents you from accessing your desktop by covering it with a certain image.

The image contains fake instructions and misleading information about a ransom that you need to pay to regain control of your PC. The image illegally invokes legal authorities to try to convince you to pay the ransom.

There is no one-size-fits-all response if you have been victimized by ransomware. There is no guarantee that paying the ransom will give you access to your files.

If you've already paid, see our ransomware page for help on what to do now.

Run antivirus or antimalware software

The following free Microsoft software detects and removes this threat:

However, because this threat can lock your screen, you might not be able to download or run antivirus or antimalware software. If that happens, you will need to use the free tool Windows Defender Offline:

The following articles may help if you're having trouble getting the tool to work:

After you've used Windows Defender Offline, you should update your security software and run a full scan:

Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.

You can also visit the Microsoft virus and malware community for more help.

Follow us