is used by Windows to run its code. ILOVEYOU was distributed through malicious email attachments. The worm was found in emails with the subject "ILOVEYOU" and a message of "kindly check the attached LOVELETTER coming from me." The attachment LOVE-LETTER-FOR-YOU.TXT.vbs contained the worm.

Upon opening the file, the worm creates copies of itself that are run upon reboot of the computer. Two of the three copies masquerade as legitimate Microsoft Windows library files,