I Love You Worm

I Love You worm is a particularly infamous worm that was first seen in 2000 and has been seen still widely in circulation years later. Unlike more modern worms, SpywareRemove.com malware analysts have discovered that I Love You worm will overwrite a wide range of different files with copies of itself instead of trying to remain hidden. I Love You worm is able to spread itself by stealing social contact lists and spoofing sender addresses to make it look like an I Love You worm attachment is a love letter from a known contact. Using robust anti-malware software to delete I Love You worm should be done as quickly as you can, since delay allows I Love You worm to overwrite more files on your PC and to email itself to more potential victims.

Why You Should Reject the I Love You Worm Love Letter

I Love You worm was one of the earliest and most notorious of widespread infections to use social engineering to grease the wheels of its proliferation scheme. After infecting a Windows computer (non-Windows computers aren't vulnerable to I Love You worm attacks), I Love You worm will gather contacts from your Microsoft Outlook address book and email itself as a file attachment to these prospective victims. By hiding its file type extension, using a misleading "LOVE-LETTER-FOR-YOU." file name and using "ILOVEYOU" as the email message's subject, I Love You worm tries to trick you into thinking that I Love You worm is just a friendly letter from an acquaintance.

The simplest way to keep I Love You worm off your PC is avoid downloading file attachments, unless you've verified that they're safe, even if they appear to be sent by a friend or another known contact. You should also be aware of the file extension that's used and avoid files that try to hide their extensions when they would normally be visible.

New variants of I Love You worm may also be able to create copies of themselves in removable devices and in network-shared folders that can also infect other PCs, although SpywareRemove.com malware researchers haven't noticed this common worm distribution tactic in the original I Love You worm.

I Love You Worm Characteristics

Being that the I Love You Worm spread through email in a Visual Basic Script (VBS) file, it could initiate when a user simply clicks on the attachment. The file attachment is normally named 'LOVE-LETTER-FOR-YOU.TXT.vbs'. The '.vbs' file extension may not be displayed on some systems depending on the configuration.

The I Love You worm is known to target older versions of Windows including Windows 95, Windows 98, Windows 2000 and Windows NT 4.0. Various files within random subdirectories in Windows containing the extensions JPG, VBS, JS, JSE, CSS, WSH, SCT, HTA, MP3, MP2 are prone to being overwritten. In other words, a file called 'American.mp3' would become 'American.mp3.vbs' and initiate the worm once it is clicked on again.

There are other variants of the I Love You worm such as VBS-Love Letter.C Worm and VBS/LoveLetter.B (aka Very Funny). These variations perform virtually the same malicious actions as the original I Love You worm.

The Incidental Damage of an I Love You worm Infestation

Despite its primitive structure by modern standards, SpywareRemove.com research team has found that I Love You worm uses standard Registry-based startup entry exploits, to launch itself without your consent. Although an I Love You worm still requires initial file execution before I Love You worm can launch itself, afterwards, I Love You worm is able to run without any further input.

I Love You worm will copy itself over a wide range of files, selecting suitable files according to their file type extensions. Most notably, .doc files, .jpg files and .mp3 files are all targeted by I Love You worm, as well as over half a dozen other, less commonly-used file types.

As if destroying all your music, pictures and text documents weren't doing enough damage, I Love You worm will also install a Trojan attacker (WIN-BUGSFIX.EXE, also known as Microsoftv25.exe) that specializes in password theft. Between I Love You worm's many duplicates and the presence of an affiliated Trojan, deleting I Love You worm manually is unlikely to work. SpywareRemove.com malware experts recommend the use of an appropriate anti-malware product to find and delete all copies of I Love You worm and related infections.