I found another variant of Pbstealer which is spreading in a SIS file named 'PBCompressor.SIS'. This time it can also steal the To-Do and Calendar data along with Contacts and Notes.

Another change in this variant is that it doesn't copy its files in the C:\System\Apps folder. This time the location of the files is C:\System\Mail\00110001_S\pbcompressor.app and C:\System\Mail\00110001_S\pbcompressor.rsc .

The removal method of this variant is same as the original one.