July 7th, 2002, 11:35 PM
I found a loveletter.vbs code on the net and I would like to take a look at it. It does not name any variants (just says iloveyou.txt) so I would like to see what variant of loveletter it is. Could I just right click the link and click on Save Target As... and save it onto my desktop and scan it with Norton and McAfee to see what variant it is? Would I get infected if I saved the link onto my computer without reading it? Thanks
July 7th, 2002, 11:47 PM
when norton scans it and detects the strings it looks for to detect the iloveyou virus, your file will probably get deleted unless you've told it to quarintine or prompt first, but it will tell you the variant. you can also make a folder and make it exempt from being scanned by your av. You will not get infected by editing the text (right click and select edit) but by running it.
also, if the extention is '.txt' and not '.txt.vbs' you can just open it. it only runs as a script when the extention tells your os this file is to be run as a VB script.
check your view file options and make sure you have view file extentions for known types selected, otherwise it might have vbs as an extention and you wont know it.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
July 7th, 2002, 11:48 PM
no i dont think you would get infected unless u open the file sorry tedob1 we must have posted at the same time
By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
The 20th century pharoes have the slaves demanding work
July 8th, 2002, 12:00 AM
Thanks. I have my Norton set so that it tells me the name and what to do with it (quarantine, delete, clean, or ignore). I read this text on the internet before using Microsoft Internet Explorer and the code got detected but I don't want to take the chance on my good computer so I will not open it on my good one. I will save it to a floppy and bring it to my old test system.
this is the URL if you wanna check it out http://www.62nds.co.nz/62nds/documents/iloveyou.txt I dunno why it gets detected but it does by my McAfee.
I think it has something to do with script blocking.
I found that it was VBS.LoveLetter.A(1). So vbs.loveletter must look like this: iloveyou.txt.vbs in order to get infected by it? Can you still get infected even if you don't have Visual Basic? Thanks