
Trojan:Win32/Tobfy.A

By LoneStar in Trojans

Trojan:Win32/Tobfy.A is a Trojan that is a component of the Police Central e-crime Unit (PCEU) Ransomware. Cybercriminals use Trojan:Win32/Tobfy.A to spread this specific ransomware to targeted PCs. Trojan:Win32/Tobfy.A locks the desktop of the vulnerable computer and displays an image or pop-up notification. The image gives PC users phony instructions and deceptive information about a fine that the victim is asked to pay via Paysafecard, Ukash, Ultimate Game Card or Green Dot MoneyPak to regain access to the PC. The pop-up message impersonates a legitimate institution in order to convince computer users to pay the fine for a supposed violation of the law.

During installation, Trojan:Win32/Tobfy.A makes system changes on the infected PC by adding a file under a disguised, random name. Trojan:Win32/Tobfy.A creates a registry entry so that it loads automatically whenever Windows boots. Trojan:Win32/Tobfy.A terminates several legitimate processes, including msconfig.exe, cmd.exe, taskmgr.exe and regedit.exe, if they are running on the infected computer. Trojan:Win32/Tobfy.A also closes windows titled 'Program Manager'. By renaming certain registry keys, Trojan:Win32/Tobfy.A disables services, devices, and drivers when the PC is started in Safe Mode or Safe Mode with Networking.

Registry Details

Trojan:Win32/Tobfy.A may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal is renamed to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\mini
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network is renamed to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\net
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run = "(default)" = ""
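
The registry changes listed above can be checked with a short read-only PowerShell function. This is an added example, not part of the original entry; the function name Test-TobfySafeBoot and its parameters are hypothetical, and the -ControlSet parameter is an assumption that lets the same check run against a SYSTEM hive loaded from an offline disk.

```powershell
# Added example: read-only check for the SafeBoot renames and Run entry listed above.
# Function and parameter names are hypothetical; nothing is modified.
function Test-TobfySafeBoot {
    param(
        # Assumption: point this at a loaded offline hive when the live desktop is locked.
        [string]$ControlSet = 'HKLM:\SYSTEM\CurrentControlSet',
        [string]$RunKey     = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    )

    $safeBoot = Join-Path $ControlSet 'Control\SafeBoot'

    # Original key name -> name the entry says it is renamed to
    $renames = [ordered]@{ 'Minimal' = 'mini'; 'Network' = 'net' }

    foreach ($original in $renames.Keys) {
        $renamed     = $renames[$original]
        $hasOriginal = Test-Path -LiteralPath (Join-Path $safeBoot $original)
        $hasRenamed  = Test-Path -LiteralPath (Join-Path $safeBoot $renamed)

        if (-not $hasOriginal -and $hasRenamed) { $status = 'Renamed' }       # matches the entry
        elseif ($hasOriginal -and $hasRenamed)  { $status = 'BothPresent' }   # unusual, review by hand
        elseif ($hasOriginal)                   { $status = 'Normal' }
        else                                    { $status = 'Missing' }       # Safe Mode broken another way

        [pscustomobject]@{
            Check  = "SafeBoot\$original"
            Status = $status
            Detail = "original=$hasOriginal renamed($renamed)=$hasRenamed"
        }
    }

    # The entry lists the "(default)" value of the HKCU Run key; report it if set.
    $default = $null
    if (Test-Path -LiteralPath $RunKey) {
        $default = (Get-Item -LiteralPath $RunKey).GetValue('')   # '' = default value
    }
    if ($default) { $runStatus = 'Set' } else { $runStatus = 'NotSet' }

    [pscustomobject]@{ Check = 'Run (default)'; Status = $runStatus; Detail = $default }
}

Test-TobfySafeBoot | Format-Table -AutoSize
```

For an offline disk, load its SYSTEM hive with reg load under a mount name of your choice and pass that hive's ControlSet001 path as -ControlSet, since CurrentControlSet exists only on a running system.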
