Definition

ILOVEYOU virus

The ILOVEYOU virus comes in an e-mail note with "I LOVE YOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more seriously, the loss of every JPEG, MP3, and certain other files on the recipient's hard disk. Because Microsoft Outlook is widely installed as the e-mail handler in corporate networks, the ILOVEYOU virus can spread rapidly from user to user within a corporation. On May 4, 2000, the virus spread so quickly that e-mail had to be shut down in a number of major enterprises such as the Ford Motor Company. The virus reached an estimated 45 million users in a single day.

The attachment in the ILOVEYOU virus is a VBScript program that, when opened (for example, by double-clicking on it with your mouse), finds the recipient's Outlook address book and re-sends the note to everyone in it. It then overwrites (and thus destroys) all files of the following file types: JPEG, MP3, VPOS, JS, JSE, CSS, WSH, SCT and HTA. Users who don't have a backup copy will have lost these files. (In March 1999, a virus named Melissa virus also replicated itself by using Outlook address books, but was less harmful in destroying user files.) The ILOVEYOU virus also resets the recipient's Internet Explorer start page in a way that may cause further trouble, resets certain Windows registry settings, and also acts to spread itself through Internet Relay Chat (Internet Relay Chat).

One of the first steps companies used to ward off the ILOVEYOU virus was to screen out notes with ILOVEYOU in the subject line. However, hackers quickly introduced copycat variations with subject lines variously identifying "JOKE" and "Mother's Day!" as the content, but containing the same or similar VBScript code. At least 12 variations have been identified. The most sinister mutation is undoubtedly the one with the subject line containing "VIRUS ALERT!!!" Posing as a virus fix from Symantec, the note starts out with "Dear Symantec Customer." The attachment (which should not be opened) is "protect.vbs."

Companies and users are advised to get or update anti-virus software that can help screen for the virus and remove it for users whose systems have been infected. Users are always advised never to open an e-mail attachment without screening it with anti-virus software or knowing exactly who sent it and what it is.

This was last updated in February 2006

Continue Reading About ILOVEYOU virus

Dig Deeper on Malware, Viruses, Trojans and Spyware

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

it helps me a lot :)
thank you
Cancel
Two things here.... One, if anyone has the least inclination to open an unknown email containing an unknown attachment from a heretofore unknown lover, then perhaps they're not really love-worth. Two, if you haven't installed a solid ever-diligent anti-virus program, you don't deserve much love anyway....
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close