LoveLetter is an Internet worm. It is programmed in VBScript (a cut-down version of Visual Basic) and requires the Windows Scripting Host installed in order to run (WSH is standard in Windows 98 and Windows 2000 installations).
The LoveLetter virus distributes itself to everyone in the Outlook address book and everyone in any IRC channels you visit using mIRC. Once run LoveLetter tries to increase infection by replacing files with set extentions (vbs, vbe, js, jse, css, wsh, sct, hta, jpg, jpeg, mp3, mp2) with a copy of the LoveLetter virus. LoveLetter searches all drives mapped to your computer including networked drives.
Finally, the LoveLetter virus will attempt to download a file called WIN-BUGSFIX.exe from the Internet. This is a pasword cracking program. It will try and find out as many passwords it can from your machine & network before sending them to the LoveLetter virus' author in the Phillipines via email.
If your computer has been infected by LoveLetter, you should immediately prevent the virus from 'machine hopping' by disconnecting your computer from your network and the Internet. The simplest way to do this is to pull out your network and/or modem cable from the back of your computer. Then you need to remove all infected files before you can reconnect to the network or Internet.
To protect yourself from LoveLetter you should not open any attachments in any email with the subject ILOVEYOU. Also you should not accept LOVE-LETTER-FOR-YOU.HTM from anyone on IRC. It is safe to open the email itself, LoveLetter is not as dangerous as BubbleBoy in this respect. To be 100% secure, never open any attachments sent via e-mail or IRC, especially if you do not know or trust the sender.