Virus:X97M/Mailcab.B

Virus:X97M/Mailcab.B is a virus that corrupts Microsoft Office Excel files by replicating itself as a macro module with the name 'ToDOLE' in all open Excel documents. Virus:X97M/Mailcab.B proliferates to other PCs via malicious emails. When installed on the targeted computer, Virus:X97M/Mailcab.B makes system changes by adding malevolent files. Virus:X97M/Mailcab.B creates copies of itself as an .XLS file and a .VBS file in a certain location used to run its copy so that it can load automatically whenever a PC user opens Excel. The .VBS file can imitate keystrokes in an Outlook program involved in the mailing routine. Virus:X97M/Mailcab.B modifies the Windows Registry that decrease macro security levels, permitting the damaging macro code to be run. Virus:X97M/Mailcab.B sends a copy of itself to all email addresses in an affected PC owner's Microsoft Outlook address book. Email addresses are collected between the times 10:00, 11:00, 14:00 and 15:00, with the help of a .VBS file that looks for email address in an attacked Outlook inbox, and saves the addresses in a file called 'D:\Collected_Address\log.txt'. Virus:X97M/Mailcab.B creates an input box in a covert sheet in .XLS files it corrupts. The input box includes the message 'Warning! You are going to open a confidential file'. In addition, Virus:X97M/Mailcab.B guides the computer user to open the .VBS file able to gather email addresses, which opens the covert worksheet, which in turn runs one of its copies.

SpyHunter Detects & Remove Virus:X97M/Mailcab.B