Backdoor:Win32/Wavipeg.B
Virus:Win32/Expiro.gen!AS
Some variants might also take webcam screenshots, play an audio message pretending to be from the FBI, closes or stops processes or programs, and prevents certain drivers from loading in safe mode - possibly to stop you from attempting to disable the trojan.
Variants of Trojan:Win32/Tobfy might make lasting changes to your PC that make it difficult for you to download, install, run, or update your antivirus software.
TrojanSpy:Win32/Banker.AMS
Trojan:Win32/Tobfy.H is ransomware that displays a full screen image, falsely claiming to be from the authorities. The image contains a message demanding payment in order for you to regain access to your desktop.
Virus:Win64/Expiro.AB
Trojan:Win32/Tobfy.A is a ransomware that prevents you from accessing your desktop by covering the desktop with a certain image.
Ransom:HTML/Genasom.D
Microsoft Defender Antivirus detects and removes this threat.
The threat is a HTML page used by the Ransom:Win32/Tobfy family of ransomware.
This threat stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.
Our ransomware FAQ page has more information on this type of threat.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Virus:Win32/Expiro.DG
Trojan:Win32/Tobfy.I a ransomware trojan that targets users from certain countries. It locks your computer and displays a localized webpage that covers your desktop. It demands the payment of a fine for the supposed possession of illicit material.
Win32/Miuref
Windows Defender detects and removes this threat.
This family of threats are malicious JavaScript files that redirect your web browser to show you ads or download other malware.
They can be installed by other malware, including members of the Win32/Fareit family, or installed on your PC from a spam email attachment.