Related Resources • Glossary of Terms • About.com article • Hoax Encyclopedia

With an estimated 200 new viruses discovered monthly, it is always interesting to see which one will gain attention. As with most things in life, a good name seems to help. Though not scoring many points in the infection circle, where both the Jennifer Lopez and Miss World viruses seem to have petered out, readers are responding to media and antivirus vendor reports on these newest entrants. Unlike the Anna Kournikova scare back in February, however, JennLo and Miss World may have to be content with a little talk and no real action. A good thing - since both viruses have malicious intent.

According to the folks at F-Secure, the Jennifer Lopez virus is a variant of the Loveletter virus (dubbed Loveletter.CN) that drops the CIH virus as part of its payload. (The CIH virus overwrites data on the hard drive and attempts to overwrite the Flash BIOS as well). The JennLo virus is received via email with the subject: "Where are you?". The body of the email reads, "This is my pic in the beach!" and the attachment is "JENNIFERLOPEZ_NAKED.JPG.vbs". As with other Loveletter variants, the virus overwrites files with the following extensions: VBS, VBE, JS, JSE, WSH, HTA, JPG, JPEG, MP2, MP3, SCT and CSS. The virus also changes CSS, HTA, JS, JSE, SCT, and WSH extensions to VBS and adds VBS as a second extension to JPG, JPEG, MP2 and MP3 files.

Also destructive, Miss World modifies the autoexec.bat file (a file accessed and run on system startup), adding the instruction to reformat the hard drive. The worm also tries to delete system registry files and their backups, though if the format were successful this particular routine would be unnecessary. However, the registry files are locked by Windows and thus cannot be deleted. Miss World is received via email, with the subject line: "Miss World" and the body of the message reads, "Enjoy the latest pictures of Miss World from various Country". F-Secure notes that the Miss World virus does contain Flash modules that display pictures - though none of these are of the actual Miss World.