My Service provider sent me the following info on the >ILOVEYOU< virus
which might be of interest or use to you computer experts out there.
"LoveLetter sends the mail once to each recipient. After a mail has been
sent, it adds a marker to the registry and does not mass mail itself
anymore.
The virus then searches for certain filetypes on all folders an all local
and remote drives and overwrites them with its own code. The files that are
overwritten have one of these extensions:
vbs. vbe. js. jse. css. wsh. sct. hta.
The virus also tries to use companion techniques, adding a secondary file
next to the existing file - hoping that the user will click on the wrong
file. This is done so that the virus locates files with jpg, jpeg, mp3, mp2
and adds a new file next to it. For example, a picture named 'pic.jpg' will
cause a new file called 'pic.jpg.vbs to be created.'
LoveLetter was found globally on May 4th. At the beginning of the code, the
virus contains the following text:
rem barok - loveletter(vbe) <i hate go to school>
rem by: spyder@mail.com/
@GRAMMARSoft Group / Manila,Philippines.
You cant be too careful, I note that John Lye has unfortunately downloaded
the virus - hope things are under control John, BUT PLEASE DONT SEND ME AN
E-MAIL TO LET ME KNOW!!
Paul
|