Trojan.Obvod is a Trojan that may drop potentially infectious files and execute malicious actions such as click-fraud on the infected computer by stealthily contacting several ad or DNS servers simulating to have been referred from legal websites. Trojan.Obvod may spread through drive-by downloads from Web exploit packs. Once executed, Trojan.Obvod copies itself to the certain location. Trojan.Obvod creates the certain .job file, which allows it to run automatically every time you start Windows. Any current scheduled tasks with the same .job file name will be overwritten. Trojan.Obvod may delete certain files. Trojan.Obvod can also download, execute and decrypt files. Trojan.Obvod reduces security settings by modifying registry entries under the following registry subkeys.
How Can You Detect Trojan.Obvod?
Trojan.Obvod Removal Details
Trojan.Obvod has typically the following processes in memory:
- %UserProfile%\Application Data\[RANDOM CHARACTERS].exe
Trojan.Obvod creates the following files in the system:
Trojan.Obvod creates the following registry entries:
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones