Attached Link: http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=VBS_LOVELETTER-O

Theres a massive virus-attack in europe and asia, think it's only thing of thime for receiving usa. Short explanation what this virus does: 1. Came as a mail attachment named LOVE-LETTER-FOR-YOU.TXT.VBS , in this stage the only chance for your system to alive, !!!!!!! DELETE THIS MAIL !!!!!!!!!!!!! 2. After opening sends all your saved mailadresses the same mail 3. Goes to a homepage and loads a vb-script which corrupted many off your files to new virus-files 4. If you stay at the point of 4, it's to late. The only way is to reformat your disks. Virus-description: Subject: ILOVEYOU Text: Kindlz check attached loveletter from me Attachment: LOVE-LETTER-FOR-YOU.TXT.VBS Text from antivirus.com: risk rating: HIGH RISK Aliases: LOVELETTER Description: Note: This virus is currently in the wild and is spreading rapidly. This VBScript virus like Melissa uses Microsoft Outlook to send email with an attachment file ?LOVE-LETTER-FOR-YOU.TXT.vbs? to all email addresses listed in the address list. This email will have the subject: ?ILOVEYOU?, body: ?kindly check the attached LOVELETTER coming from me.? And a file attachment with the virus. LOVELETTER also propagates using mIRC by modifying the ?script.ini.? After connecting to a chat server using mIRC, the virus initiates a DCC send to all the users in the current channel and sends a copy of itself ?LOVE-LETTER-FOR-YOU.HTM?. This virus has a destructive payload, it overwrites files with specific extensions with its virus codes. This action eliminates the host file and what remains is the file containing the virus source code. Solution: (ONLY FOR EXPERIENCED USERS, mark from me) 1.Click START|RUN Type REGEDIT and hit ENTER key 2.In the left panel, click the "+" to the left of the following: HKEY_LOCAL_MACHINE Software Microsoft Windows CurrentVersion Run 3.In the right panel, search for the registry key that contains the data value of ?:WindowsSystem MSKernel32.vbs" and ?WIN-BUGSFIX.exe?. These are the registry keys that grant the capability to load the worm whenever Windows starts up. 4.In the right window, highlight the registry key that loads the file and press the DELETE key. Answer YES to delete the entry. 5.Search for the registry key that contains the data value of ?:WindowsSystem Win32DLL.vbs". This is the registry key that enables the worm to run each time Windows is started. 6.In the right window, highlight the registry key that loads the file and press the DELETE key. Answer YES to delete the entry. 7.Exit the registry. 8.Click START|SHUTDOWN. Choose "Restart in MS-DOS mode" and click OK. 9.After the computer has restarted, the default directory should C:. 10.Subsequently, type ?DEL WIN-BUGSFIX.exe?. 11.Press CTRL+ALT+DEL and allow Windows to restart. 12.You may also delete the file detected as VBS_LOVELETTER by Trend antivirus is to ensure re-infection does not occur. Technical details: http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=VBS_LOVELETTER&VSect=T Sorry for posting this in this forum, but think it's really important. CHECK OUT THE LINK TO READ MORE. SHARKEY

Basically, DON`T RUN THE ATTACHMENT file kiddies !

Yep, polar - and don't read mail on Outlook if you can avoid it. MS Outlook is designed to be able to run Macros, much like Word and Excel. And therefore vulnerable to Macro Viruses, just like they are. In fact, the ONLY way reading an e-mail can damage your system is via Outlook. Good rule of thumb: If you don't know the sender, don't open the attachment. EVER.

Hey Sharkey, thanks, but we been talking about it ALL morning long here... I posted a warning soon as I got into work this morning ;P

Macintosh and Linux users are supposedly not affected.

Hello Bast, i've read the discussion you have started, but i'm not shure if all had checked the dangerous of this virus. The mail-exchange-servers of several companys in switzerland goes this morning down, and some of theme where at this moment down (now for 8 hours). Named companys which servers goes down: SWISSCOM the greatest provider and telecom-company SIEMENS Some Banks and other companys. This virus is more dangerous then the melissa-virus, against this melissa was a farce. SHARKEY

Just a note about not knowing the sender: the virus propagates by sending to all contacts in the address book, so there is a good chance you will know the sender.

I just read an article on AOL about this thing - it took out the major ISP in Denmark. It also took out one of our business partners about an hour ago - just as our boss was on the phone with them. It's a NASTY little virus! I think the guys who write these things should be locked in a small room with nothing but one knife and one fork and left in there for a year... And the moron who came up with using nylon for shoelaces should join them.

Been listening to a program on NPR about it--and NPR's mail is also down (for those outside US--National Public Radio). I just dled Eudora and will install again. I used it for years and went to OE when I reformatted and installed Win98 last month. Its back to Eudora for me (unless someone tells me that won't make any difference--of course I have sense enough not to open an attachment) --and would I have been FURIOUS if it had wiped out all my .jpg files as I understand it will along with .mpgs. Diane B

The file is in VisualBasicScript. ANY HTML enabled mail-reader COULD trigger it. Best just to heed the warnings here (and elsewhere - the warnings will probably do almost as much damage as the virus in taking up bandwidth!) and just not open the thing and if you do, for the sake of whatever god(s) you recognise, don't download, open, or run the blasted attachment!

Yes, I understand--and Eudora (just installed it) is HTML capable now. Hmmmm. Well, I agree about the warnings taking as much bandwidth as the virus. However, so far I can't find anything that keeps the mail from automatically opening as you click on it to delete it. Keep looking. Diane B

All of you about to jump the Microsoft ship and find yourselves a new emailer, give a try to Pegasus emailer. It is free, has been free for 12 years, is the most stable, freindly, feature and safety laden of email clients out there really. And did I mention, it is free ;p Been using it and each new version the coder Dave does now for oh... gosh, 8 or 9 years? Oh dear, I just gave away my age. It can be had at your trusty www.tucows.com, just search for Pegasus.

Thanks Bast. Eudora is also free now--only 1 version but you choose if you'll use it lite, with ads (they are pretty inconspicuous--I was planning to pay for version w/o ads), or pay for no ads. Diane B

If you get this virus, e-mail yourself some empty e-mails. Then highlight a range of e-mails, including your empties and the infected e-mail, and delete the set

Oh hell I would delete that as soon as it arrived being I don't know ANYONE that loves ME. ;) PAN~ federation-21.com

I hear the virus is still out there,but has been re-named to "VERYFUNNY.VBS".