How to remove Trojan.FatObfus.Gen

CLEAN INSTRUCTION

1. Trojan.FatObfus is usually a downloader for the Swizzor trojan and Qhost trojan.

2.Go to Start, Run type regedit and press OK.

3. Navigate to the following keys:

- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser helper Objects

If you have an infection you should see there some keys that are pointing to files with random names
from the C:\Documents and Settings\Administrator\Local Settings\Temp (your temp directory).

Example of random names: d8a03198.exe or gmqnnljb.exe.

If you encounter those keys, then you should delete them and also you should delete the infected files too.

NB: Before you edit the registry, please export the keys that you plan to edit, or create a backup of the system.


SYMPTOMS
1. You will see new programs in Task Manager.
 

2. The Internet Explorer start page will be modified.

3. An increased number of popups may appear.

4. You will not have access to several websites (usually antivirus websites).


DESCRIPTION
1. Trojan.FatObfus is an obfuscated file designed to hide the real intention of the malware.