Virus:Win32/Mabezat.B!ofd
Virus:Win32/Mabezat.B!ofd is a virus, which proliferates via malevolent encrypted files. While being installed on the infected computer system, Virus:Win32/Mabezat.B!ofd makes system modifications by restricting attacked PC users from opening some of system files. Virus:Win32/Mabezat.B!ofd corrupts Windows executable files. Virus:Win32/Mabezat.B!ofd also aims at circulating via infected spam email attachments, removable drives, network shares and by CD-burning. Virus:Win32/Mabezat.B!ofd carries a date-based payload that encrypts files with certain extensions. Virus:Win32/Mabezat.B!ofd checks for an Internet connection by aiming at connecting to certain websites. Virus:Win32/Mabezat.B!ofd may strive to use archiving program 'Winrar' to archive itself when creating attachments. Virus:Win32/Mabezat.B!ofd may search for 'Winrar' by inquiring the registry entry. For using 'Winrar' Virus:Win32/Mabezat.B!ofd initially creates a folder, which includes a copy of Virus:Win32/Mabezat.B!ofd. Virus:Win32/Mabezat.B!ofd also downloads potentially harmful files.
File System Details
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %USERPROFILE%\Local Settings\Application Data\Microsoft\CD Burning\zPharaoh.exe | |
| 2. | %USERPROFILE%\Local Settings\Application Data\Microsoft\CD Burning\autorun.inf | |
| 3. | %SystemDrive%\Documents and Settings\hook.dl_ | |
| 4. | %SystemDrive%\Documents and Settings\tazebama.dl_ | |
| 5. | %USERPROFILE%\Application Data\tazebama\zPharaoh.dat |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.