Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
42 entries found. Displaying page 2 of 3.
Updated on Jan 15, 2022
Alert level: severe
Updated on Dec 11, 2012
Alert level: severe
Updated on Sep 15, 2023
Alert level: severe
Updated on Jul 19, 2012
Alert level: severe
Updated on Oct 31, 2012
Alert level: severe
Updated on Nov 06, 2012
Alert level: severe
Updated on Nov 01, 2020
Alert level: severe
Updated on Apr 13, 2013
Alert level: severe
Updated on Jul 15, 2016
Alert level: severe
Updated on Aug 30, 2012
Alert level: severe
Updated on Sep 28, 2012
Alert level: severe
Updated on Nov 20, 2012
Alert level: severe
Updated on Feb 11, 2013
Alert level: severe
Updated on Jan 13, 2013
Trojan:Win32/Tobfy.K is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.
Alert level: severe
Updated on Oct 27, 2013
Windows Defender Antivirus detects and removes this threat. 
 
This family of ransomware trojans targets people from certain countries. It locks your PC and displays a localized webpage that covers your desktop. This webpage demands the payment of a fine for the supposed possession of illicit material.

Some variants might also take webcam screenshots, play an audio message pretending to be from the FBI, closes or stops processes or programs, and prevents certain drivers from loading in safe mode - possibly to stop you from attempting to disable the trojan.

Variants of Trojan:Win32/Tobfy might make lasting changes to your PC that make it difficult for you to download, install, run, or update your antivirus software.

Alert level: severe
Updated on Aug 27, 2013

Trojan:Win32/Tobfy.H is ransomware that displays a full screen image, falsely claiming to be from the authorities. The image contains a message demanding payment in order for you to regain access to your desktop.

Alert level: severe
Updated on Oct 04, 2013

Trojan:Win32/Tobfy.A is a ransomware that prevents you from accessing your desktop by covering the desktop with a certain image.

Alert level: severe
Updated on Jan 10, 2018

Microsoft Defender Antivirus detects and removes this threat.

The threat is a HTML page used by the Ransom:Win32/Tobfy family of ransomware.

This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.

Our ransomware FAQ page has more information on this type of threat.

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.

Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.

Alert level: severe
Updated on Aug 27, 2013

Trojan:Win32/Tobfy.I a ransomware trojan that targets users from certain countries. It locks your computer and displays a localized webpage that covers your desktop. It demands the payment of a fine for the supposed possession of illicit material.

Alert level: severe
Updated on Apr 13, 2016

Windows Defender detects and removes this threat.

This family of threats are malicious JavaScript files that redirect your web browser to show you ads or download other malware.  

They can be installed by other malware, including members of the Win32/Fareit family, or installed on your PC from a spam email attachment.

Find out ways that malware can get on your PC.  

Alert level: severe