Iloveyou Virus Presentation

Download as pptx, pdf, or txt
Download as pptx, pdf, or txt
You are on page 1of 15

ILOVEYOU VIRUS

MALPAL JEY CEY B.


DEFINITION
ILOVEYOU WAS CREATED BY ONEL DE GUZMAN, A COLLEGE
STUDENT IN MANILA, PHILIPPINES, WHO WAS 24 YEARS OLD AT THE
TIME. DE GUZMAN, WHO WAS POOR AND STRUGGLING TO PAY FOR
INTERNET ACCESS AT THE TIME, CREATED THE COMPUTER WORM
INTENDING TO STEAL OTHER USERS' PASSWORDS, WHICH HE COULD
USE TO LOG IN TO THEIR INTERNET ACCOUNTS WITHOUT NEEDING TO
PAY FOR THE SERVICE. HE JUSTIFIED HIS ACTIONS ON HIS BELIEF
THAT INTERNET ACCESS IS A HUMAN RIGHT, AND THAT HE WAS NOT
ACTUALLY STEALING.
DEFINITION
THE ILOVEYOU VIRUS IS DELIVERED AS AN EMAIL WITH THE SUBJECT "ILOVEYOU" AND AN
ATTACHMENT THAT, WHEN VIEWED, CAUSES THE MESSAGE TO BE RESENT TO EVERYONE IN THE
RECIPIENT'S MICROSOFT OUTLOOK CONTACT BOOK. THOUGH MORE IMPORTANTLY, IT CAUSES
ALL JPEG, MP3 AND OTHER FILES ON ALL RECEIVERS' HARD DRIVES TO BE DELETED. ILOVEYOU
VIRUS IS ACTUALLY A WORM WHICH REPLICATES ITSELF AND SPREAD FROM SYSTEM TO
SYSTEM WITHOUT HUMAN INTERACTION.
THE ILOVEYOU VIRUS SPREADS THROUGH EMAIL. ONCE A PERSON OPENS THE ATTACHMENT,
THE WORM IS AUTOMATICALLY DOWNLOADED INTO THE SYSTEM AND THEN SPREADS OVER THE
NETWORK. IT WAS A VBSCRIPT PROGRAM WITH THE TEXT FILE EXTENSION OF .VBS THAT CAN
DESTROY MANY TYPES OF FILES SUCH AS JPEG, MP3, JS, CSS, WSH AND HTA.
CODE

EXPLANATION:
WHEN ILOVEYOU IS RUN, IT FIRST COPIES MSKERNEL32.VBS AND LOVE-LETTER-FOR-YOU.TXT.VBS
TO THE WINDOWS SYSTEM DIRECTORY. IT ALSO SAVES ITSELF AS WIN32DLL.VBS IN THE WINDOWS
DIRECTORY.
CODE

EXPLANATION:

IT REGISTERS ITSELF IN THE REGISTRY TO BE RUN WHEN THE SYSTEM IS RESTARTED.


CODE

EXPLANATION:
THE WORM THEN REPLACES THE MICROSOFT INTERNET EXPLORER HOME PAGE WITH A LINK TO
WIN-BUGSFIX.EXE, AN EXECUTABLE APPLICATION. IF YOU DOWNLOAD THE FILE, THE WORM ADDS IT
TO THE REGISTRY, FORCING THE SOFTWARE TO RUN WHEN YOU RESTART YOUR COMPUTER.
THE ILOVEYOU VIRUS ALSO CHECKS FOR THE "WINFAT32“ TO MAKE IT ACTIVE EVERY TIME THE
WINDOW STARTS.
CODE

EXPLANATION:
THE VIRUS THEN SCANS ALL FOLDERS ON ALL LOCAL AND DISTANT DISKS FOR SPECIFIC FILE TYPES
AND OVERWRITES THEM WITH ITS OWN CODE. THE FILES THAT ARE REWRITTEN CONTAIN THE
EXTENSIONS.VBS OR.VBE. FOR ALL FILES WITH THE FOLLOWING
EXTENSIONS:.JS,.JSE,.CSS,.WSH,.SCT, AND.HTA, THE VIRUS WILL PRODUCE A NEW FILE WITH THE
SAME NAME BUT A.VBS EXTENSION AND ERASE THE ORIGINAL.
CODE

EXPLANATION:
ALL FILES WITH THE EXTENSIONS.JPG,.JPEG,.MP3, AND.MP2 GET A NEW FILE ADDED NEXT TO THEM,
AND THE ORIGINAL GETS DELETED. THE VIRUS, FOR EXAMPLE, WILL PRODUCE A NEW FILE CALLED
PIC.JPG.VBS AND ERASE THE ORIGINAL FOR A PHOTO NAMED PIC.JPG.
CODE

EXPLANATION:
THIS IS THE CODE FOR THE SENDING THE ILOVEYOU VIRUS
FROM ONE COMPUTER TO ANOTHER THROUGH AN EMAIL.
CODE

EXPLANATION:
THIS IS THE CODE FOR THE SENDING THE ILOVEYOU VIRUS
FROM ONE COMPUTER TO ANOTHER THROUGH AN EMAIL.
HOW THUS THIS VIRUS
PENETRATES COMPUTER?
THE VIRUS WAS SPREAD THROUGH AN E-MAIL ATTACHMENT DESIGNED TO
PROPAGATE THE VIRUS MESSAGE AUTOMATICALLY THROUGHOUT AN AGENCY'S GLOBAL
EMAIL ADDRESS DIRECTORY. UNSUSPECTING USERS WHO OPENED THE ATTACHMENT.

THE ILOVEYOU VIRUS COMES IN AN EMAIL WITH "ILOVEYOU" IN THE SUBJECT LINE AND
CONTAINS AN ATTACHMENT THAT, WHEN OPENED, RESULTS IN THE MESSAGE BEING RE-SENT
TO EVERYONE IN THE RECIPIENT'S MICROSOFT OUTLOOK ADDRESS BOOK. PERHAPS MORE
SERIOUSLY, IT RESULTS IN THE LOSS OF EVERY JPEG, MP3 AND
CERTAIN OTHER FILES ON ALL RECIPIENTS' HARD DISKS
WHAT WILL BE THE POSSIBLE
EFFECTS?
IS A COMPUTER WORM THAT INFECTED OVER TEN MILLION WINDOWS PERSONAL
COMPUTERS ON AND AFTER 5 MAY 2000 WHEN IT STARTED SPREADING AS AN EMAIL
MESSAGE WITH THE SUBJECT LINE "ILOVEYOU" AND THE ATTACHMENT "LOVE-LETTERFOR-
YOU.TXT.VBS" THE LATTER FILE EXTENSION ('VBS'), A TYPE OF INTERPRETED
FILE), WAS MOST OFTEN HIDDEN BY DEFAULT ON WINDOWS COMPUTERS OF THE TIME
(AS IT IS AN EXTENSION FOR A FILE TYPE THAT IS KNOWN BY WINDOWS), LEADING
UNWITTING USERS TO THINK IT WAS A NORMAL TEXT FILE. OPENING THE ATTACHMENT
ACTIVATES THE VISUAL BASIC SCRIPT.
WHAT WILL BE THE POSSIBLE
EFFECTS?

THE WORM INFLICTS DAMAGE ON THE LOCAL MACHINE, OVERWRITING RANDOM TYPES
OF FILES (INCLUDING OFFICE FILES, IMAGE FILES, AND AUDIO FILES;
HOWEVER, AFTER OVERWRITING MP3 FILES THE VIRUS HIDES THE FILE), AND SENDS
A COPY OF ITSELF TO ALL ADDRESSES IN THE WINDOWS ADDRESS BOOK USED BY
MICROSOFT OUTLOOK. THIS MADE IT SPREAD MUCH FASTER THAN ANY OTHER PREVIOUS
EMAIL WORM .
SIGNS OF A VIRUS INFECTION
IT IS VITAL TO KNOW THESE SIGNS AND SYMPTOMS TO STEER CLEAR OF THE DANGERS
1. COMP PERFORMANCE IS SLOWER THAN USUAL
2. IRRELEVANT POP-UPS THAT KEEP COMING BACK TO BACK
3. FEW PROGRAMS RUNNING ON THEIR OWN
4. FILE MULTIPLYING/DUPLICATING ON ITS OWN
5. FILES OR PROGRAMS THAT ARE NEW AND UNKNOWN
6. DENIED ACCESS TO FILES AND FOLDERS
7. THE SOUND OF A HARD DRIVE IN CONTINUANT ACTION
5. HOW WILL YOU PREVENT THE
DAMAGE?
IN ORDER TO STAY SAFE FROM VIRUS ATTACKS LIKE ILOVEYOU AND MELISSA, THERE IS A DIRE NEED TO INSTALL A ROBUST
VIRUS REMOVAL PROGRAM. ALL THE OTHER PRECAUTIONARY METHODS RANK SECOND. YOU CAN ALSO START EXAMINING ON
YOUR OWN BY FOLLOWING THE BELOW MENTIONED STEP-BY-STEP PROCEDURES.

• GET ON TO THE SAFE MODE INSTALL FIREWALL OF OUR COMPUTERS / LAPTOPS.

• TEMPORARY FILES KEEP THE OPERATING SYSTEM PATCHED.

• INSTALL A VIRUS REMOVAL SOFTWARE BACK UP DATA REGULARLY.

• RUN A VIRUS/MALWARE SCAN


• REINSTALL THE SOFTWARE OR DAMAGED FILES
• INSTALL AND UPDATE THE ANTI-VIRUS.

You might also like