This is accomplished by the worm replacing the file SCRIPT.INI.Īfter a short delay the worm uses Microsoft Outlook to send copies of itself to all entries in the address book. The worm creates a file 'LOVE-LETTER-FOR-YOU.HTM' which contains the worm and this is then sent to the IRC channels if the mIRC client is installed. For instance, if file exists as "2PAC.MP3", this now becomes a hidden file and the virus is copied as "". This virus locates instances of the following file types:Īnd if found, makes them hidden and copies itself as these filenames except with. With copies of itself and renames the files to *.VBS. The worm also overwrites the following files: So PICT.JPG would be replaced with and this would contain the worm. With copies of itself and it adds the extension. This worm searches all drives connected to the host system and replaces the following files: In order to run the worm at system startup. HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ When the worm is first run it drops copies of itself and writes an. This is not normally present on Windows 95 or Windows NT unless Internet Explorer 5 is installed. If the user runs the attachment the worm runs using the Windows Scripting Host program. Heres a few things this mischievous little bug gets up too. I read up on the symptoms I had from it and I found out it was the now infamous love letter virus from about 2 years ago!! :eek: I came across one just the other day and I had to format my machine! I downloaded a pic, and it was obviously infected with a VBS worm script virus.
You gotta be careful when it comes to VBS scripts altogether. I program ASP pages and as I understand it this is correct however if anyone else knows differently please post as its best to know your mistakes before its too late So long as you are not running these files on your computer then as far as i know you have nothing to worry about.
I play it safe though and just never run any. this is not always the case as there are harmless and even useful. vbs files which are sent to your computer on the other hand are run from your computer and CAN cause damage.
vbs files which are downloaded onto your computer?Īctive Server pages are harmless to your computer as all their code is run server side and it does not have enough control to damage a computer unless the webmaster didnt restrict access on the server machine (which hardly ever happens as that would be a HUGE security risk to them but not to you) Do you mean you visit web pages that use Active Server Pages (ASP) which are programmed in VB Script or do you mean.
0 kommentar(er)
