Welcome to the Virus Encyclopedia of Panda Security.
It infects Word's global template and modifies Visual Basic Script files. It gets the infected computer’s IP address and sends it via e-mail to a certain address.
ColdApe.B is a macro virus that reaches computers in an infected Word 97 document, with a DOC extension. This document then infects the Word template (NORMAL.DOT file) and spreads its infection to every Word document generated with it.
ColdApe.B obtains the IP address of the infected computer and sends it out to the follwoing e-mail address: email@example.com. It also modifies Visual Basic Script files (with a VBS extension).>
In addition, ColdApe.B sends e-mail messages from the affected computer to the address firstname.lastname@example.org, with the following message:Dear Nicky... my name is ... and I want to make hot monkey love with you. You anti-virus stud!.
ColdApe.B does not spread automatically using its own means. It needs the attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, e-mail messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.
ColdApe.B is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.
However, if the following two messages are present in the Sent Items directory of your e-mail program, it can be a clera indication that ColdApe.B has reached your computer:
ARE YOU FACING ANY PC OR INTERNET RELATED PROBLEMS? FREE SUPPORT INCLUDED. CALL US 24/7
powered by Anytech365