Iloveyou Virus Presentation
Iloveyou Virus Presentation
Iloveyou Virus Presentation
EXPLANATION:
WHEN ILOVEYOU IS RUN, IT FIRST COPIES MSKERNEL32.VBS AND LOVE-LETTER-FOR-YOU.TXT.VBS
TO THE WINDOWS SYSTEM DIRECTORY. IT ALSO SAVES ITSELF AS WIN32DLL.VBS IN THE WINDOWS
DIRECTORY.
CODE
EXPLANATION:
EXPLANATION:
THE WORM THEN REPLACES THE MICROSOFT INTERNET EXPLORER HOME PAGE WITH A LINK TO
WIN-BUGSFIX.EXE, AN EXECUTABLE APPLICATION. IF YOU DOWNLOAD THE FILE, THE WORM ADDS IT
TO THE REGISTRY, FORCING THE SOFTWARE TO RUN WHEN YOU RESTART YOUR COMPUTER.
THE ILOVEYOU VIRUS ALSO CHECKS FOR THE "WINFAT32“ TO MAKE IT ACTIVE EVERY TIME THE
WINDOW STARTS.
CODE
EXPLANATION:
THE VIRUS THEN SCANS ALL FOLDERS ON ALL LOCAL AND DISTANT DISKS FOR SPECIFIC FILE TYPES
AND OVERWRITES THEM WITH ITS OWN CODE. THE FILES THAT ARE REWRITTEN CONTAIN THE
EXTENSIONS.VBS OR.VBE. FOR ALL FILES WITH THE FOLLOWING
EXTENSIONS:.JS,.JSE,.CSS,.WSH,.SCT, AND.HTA, THE VIRUS WILL PRODUCE A NEW FILE WITH THE
SAME NAME BUT A.VBS EXTENSION AND ERASE THE ORIGINAL.
CODE
EXPLANATION:
ALL FILES WITH THE EXTENSIONS.JPG,.JPEG,.MP3, AND.MP2 GET A NEW FILE ADDED NEXT TO THEM,
AND THE ORIGINAL GETS DELETED. THE VIRUS, FOR EXAMPLE, WILL PRODUCE A NEW FILE CALLED
PIC.JPG.VBS AND ERASE THE ORIGINAL FOR A PHOTO NAMED PIC.JPG.
CODE
EXPLANATION:
THIS IS THE CODE FOR THE SENDING THE ILOVEYOU VIRUS
FROM ONE COMPUTER TO ANOTHER THROUGH AN EMAIL.
CODE
EXPLANATION:
THIS IS THE CODE FOR THE SENDING THE ILOVEYOU VIRUS
FROM ONE COMPUTER TO ANOTHER THROUGH AN EMAIL.
HOW THUS THIS VIRUS
PENETRATES COMPUTER?
THE VIRUS WAS SPREAD THROUGH AN E-MAIL ATTACHMENT DESIGNED TO
PROPAGATE THE VIRUS MESSAGE AUTOMATICALLY THROUGHOUT AN AGENCY'S GLOBAL
EMAIL ADDRESS DIRECTORY. UNSUSPECTING USERS WHO OPENED THE ATTACHMENT.
THE ILOVEYOU VIRUS COMES IN AN EMAIL WITH "ILOVEYOU" IN THE SUBJECT LINE AND
CONTAINS AN ATTACHMENT THAT, WHEN OPENED, RESULTS IN THE MESSAGE BEING RE-SENT
TO EVERYONE IN THE RECIPIENT'S MICROSOFT OUTLOOK ADDRESS BOOK. PERHAPS MORE
SERIOUSLY, IT RESULTS IN THE LOSS OF EVERY JPEG, MP3 AND
CERTAIN OTHER FILES ON ALL RECIPIENTS' HARD DISKS
WHAT WILL BE THE POSSIBLE
EFFECTS?
IS A COMPUTER WORM THAT INFECTED OVER TEN MILLION WINDOWS PERSONAL
COMPUTERS ON AND AFTER 5 MAY 2000 WHEN IT STARTED SPREADING AS AN EMAIL
MESSAGE WITH THE SUBJECT LINE "ILOVEYOU" AND THE ATTACHMENT "LOVE-LETTERFOR-
YOU.TXT.VBS" THE LATTER FILE EXTENSION ('VBS'), A TYPE OF INTERPRETED
FILE), WAS MOST OFTEN HIDDEN BY DEFAULT ON WINDOWS COMPUTERS OF THE TIME
(AS IT IS AN EXTENSION FOR A FILE TYPE THAT IS KNOWN BY WINDOWS), LEADING
UNWITTING USERS TO THINK IT WAS A NORMAL TEXT FILE. OPENING THE ATTACHMENT
ACTIVATES THE VISUAL BASIC SCRIPT.
WHAT WILL BE THE POSSIBLE
EFFECTS?
THE WORM INFLICTS DAMAGE ON THE LOCAL MACHINE, OVERWRITING RANDOM TYPES
OF FILES (INCLUDING OFFICE FILES, IMAGE FILES, AND AUDIO FILES;
HOWEVER, AFTER OVERWRITING MP3 FILES THE VIRUS HIDES THE FILE), AND SENDS
A COPY OF ITSELF TO ALL ADDRESSES IN THE WINDOWS ADDRESS BOOK USED BY
MICROSOFT OUTLOOK. THIS MADE IT SPREAD MUCH FASTER THAN ANY OTHER PREVIOUS
EMAIL WORM .
SIGNS OF A VIRUS INFECTION
IT IS VITAL TO KNOW THESE SIGNS AND SYMPTOMS TO STEER CLEAR OF THE DANGERS
1. COMP PERFORMANCE IS SLOWER THAN USUAL
2. IRRELEVANT POP-UPS THAT KEEP COMING BACK TO BACK
3. FEW PROGRAMS RUNNING ON THEIR OWN
4. FILE MULTIPLYING/DUPLICATING ON ITS OWN
5. FILES OR PROGRAMS THAT ARE NEW AND UNKNOWN
6. DENIED ACCESS TO FILES AND FOLDERS
7. THE SOUND OF A HARD DRIVE IN CONTINUANT ACTION
5. HOW WILL YOU PREVENT THE
DAMAGE?
IN ORDER TO STAY SAFE FROM VIRUS ATTACKS LIKE ILOVEYOU AND MELISSA, THERE IS A DIRE NEED TO INSTALL A ROBUST
VIRUS REMOVAL PROGRAM. ALL THE OTHER PRECAUTIONARY METHODS RANK SECOND. YOU CAN ALSO START EXAMINING ON
YOUR OWN BY FOLLOWING THE BELOW MENTIONED STEP-BY-STEP PROCEDURES.