13 Years of Service
62%
' >> H-Worm Plus reNew by MeoIT (v0416) <<
' '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Change Log 31/03/2016:
' + ADD detection the Architecture of OS and Windows Service Pack
' + ADD set the delay to connecting. We can set it with any time we want
' + ADD set the temp folder name for Send and Run (from Disk / URL). We can change it with any name we want
' + ADD set "Hide/Show for files/Folders which already exits in USB". Requested by [MENTION=9904]DELIJA[/MENTION] . [ Default set is SHOW. Because I want to Users can copy content from USB to other devices, not copy only shortcut 1KB size. If HIDE, Users will suspect
]
' * Fixed: not delete the install subFolder after uninstall
' * Fixed: wrong detection status of UAC
' * Fixed: wrong detection AccountType [ Administrators / Users Group ] when that Computer not use the English language (example: German, Turkey, Dutch...)
' > Enhanced detection .NET Framework (v2_v4.5_v4.5.1_v4.5.2_v4.6_v4.6.1)
' > Enhanced Antis function
' > CHANGE registry key of USB Spread date
' > Optimized code and minor tweaks
'
' Change Log 05/02/2015 to 17/09/2015:
' + ADD the functions that lets We view the status of AccountType [ Administrators/ Users Group ], UAC (On/Off), Enhanced detection .NET Framework v2, CPU name, RAM size, GPU name, ProductKey
' * Fixed CPU occupied more than 7% of capacity at version 14/09/2015 (I think that the fan runs faster.)
' * Optimized code for easy encrypting
' * Minor tweaks
'
' + ADD the function that lets We view the status of AccountType, UAC, Enhanced detection .NET Framework v2 on the Windows XP
' + Increase compatibility on the Windows 10 Final (released 20/07/2015)
' * Minor tweaks
'
' * Fix a small bug when opening "A referral was returned from the server". Maybe, manifest's cause
' * Small changes in function to rename Machine ID
'
' + ADD Option: Rename Machine ID. We can change it with any name we want
' * FIX some Bugs
'
' + ADD Options: Install USB File name, Install subFolder name, Startup name, Registry name (User/Machine). Change them with any name you want
' + ADD Option, Function: Disable/Enable anti Virtual Machine
' * Fix delay run Main Form
' * Fix: Continuous copying made USB and HDD_of_O.S fast damaged (We h@ck but We do not necessarily damaging hardware. It's waste!.)
' * Fix: Updated File in USB no change (if it plugged) after main Update File has loaded
' Now, we already have the files synchronized between before and after performing the update
' * Fix (1) - delete reg of USB Spread (true_false - date)
' * Fix (2) - There was an error "Not Responding..." when the client PC runs from 2 process upward (same type H-Worm Plus)
' So I changed Antis Function, split the Anti two group:
' > Group 1 (default Enable): Process Hacker, Process Explorer, FakeNet, PC Hunter, Rogue Killer, Spy BHO Remover, Shadow Defender, WireShark, Vbs Lookup, Vbs Killer, Vbs Anti, Sanboxie, Process Lasso, System Explorer
' > Group 2 (default Disable): Task Manager, apateDNS, Firewall App Blocker, CurrPorts, SmartSniff, HijackThis, NetStat Agent, TiGeR Firewall, TCPView, Active Ports
' Now, it will be more compatible.
'
' * Change Sleep
' * Fix Uninstall. Now, Worm will completely deleted everywhere! (1)
' + ADD Unicode edited Worm file for Update Function if you want change/edit vbs and save with Unicode file type
' + ADD Antis (2)
' (If you want to test this worm, please don't put in Sanboxie, because it not run ^^. Maybe, Virtual machine.)
' + ADD auto delete files and subFolder of User TEMP/IE which older 8 days for clean/fresh client PC
' + ADD SuperHide worm file function
' + Change other on Control/Option Windows for looklike, math
'
' Screen shot:
'
'
'
'
' On Windows 10 (x64):
'
'
'
' Tutorial SET/ADD options:
'
' Scan worm:
'
' Result: 4/35: Avast, Avira, Kaspersky, MS Security Essentials
'
' ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
[HIDE-THANKS]' >> Link download 31/03/2016:
' >> PassRAR: in comment of RAR
' >> HashRAR MD5: 325B5DFA080EC4468D16879DBDC97A33
' >> CREDIT and THANKS: njQ8, HoUdiNi and me
'[/HIDE-THANKS]
'Rep+, Enjoy and Cheerrrrrrrrrrrrrrrrrrrrrr!.
HWorm reNew v0416 update 02/04/2016: [CLEAN. Scanned By Dynomite ]
' * Fixed: Can not run after you use "ScriptCryptor" on Windows 64bit machines ( Suggest by [MENTION=16194]Dynomite[/MENTION] )
' > Size of Worm at this version is less Size of Worm at 31/03/2016 version
' > Minor tweaks
[HIDE-THANKS]
Link:
Mirror :
Password : level23hacktools.com
[/HIDE-THANKS]
File Clean and Functional Analyzed Top10
' '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Change Log 31/03/2016:
' + ADD detection the Architecture of OS and Windows Service Pack
' + ADD set the delay to connecting. We can set it with any time we want
' + ADD set the temp folder name for Send and Run (from Disk / URL). We can change it with any name we want
' + ADD set "Hide/Show for files/Folders which already exits in USB". Requested by [MENTION=9904]DELIJA[/MENTION] . [ Default set is SHOW. Because I want to Users can copy content from USB to other devices, not copy only shortcut 1KB size. If HIDE, Users will suspect
]' * Fixed: not delete the install subFolder after uninstall
' * Fixed: wrong detection status of UAC
' * Fixed: wrong detection AccountType [ Administrators / Users Group ] when that Computer not use the English language (example: German, Turkey, Dutch...)
' > Enhanced detection .NET Framework (v2_v4.5_v4.5.1_v4.5.2_v4.6_v4.6.1)
' > Enhanced Antis function
' > CHANGE registry key of USB Spread date
' > Optimized code and minor tweaks
'
' Change Log 05/02/2015 to 17/09/2015:
' + ADD the functions that lets We view the status of AccountType [ Administrators/ Users Group ], UAC (On/Off), Enhanced detection .NET Framework v2, CPU name, RAM size, GPU name, ProductKey
' * Fixed CPU occupied more than 7% of capacity at version 14/09/2015 (I think that the fan runs faster.)
' * Optimized code for easy encrypting
' * Minor tweaks
'
' + ADD the function that lets We view the status of AccountType, UAC, Enhanced detection .NET Framework v2 on the Windows XP
' + Increase compatibility on the Windows 10 Final (released 20/07/2015)
' * Minor tweaks
'
' * Fix a small bug when opening "A referral was returned from the server". Maybe, manifest's cause
' * Small changes in function to rename Machine ID
'
' + ADD Option: Rename Machine ID. We can change it with any name we want
' * FIX some Bugs
'
' + ADD Options: Install USB File name, Install subFolder name, Startup name, Registry name (User/Machine). Change them with any name you want
' + ADD Option, Function: Disable/Enable anti Virtual Machine
' * Fix delay run Main Form
' * Fix: Continuous copying made USB and HDD_of_O.S fast damaged (We h@ck but We do not necessarily damaging hardware. It's waste!.)
' * Fix: Updated File in USB no change (if it plugged) after main Update File has loaded
' Now, we already have the files synchronized between before and after performing the update
' * Fix (1) - delete reg of USB Spread (true_false - date)
' * Fix (2) - There was an error "Not Responding..." when the client PC runs from 2 process upward (same type H-Worm Plus)
' So I changed Antis Function, split the Anti two group:
' > Group 1 (default Enable): Process Hacker, Process Explorer, FakeNet, PC Hunter, Rogue Killer, Spy BHO Remover, Shadow Defender, WireShark, Vbs Lookup, Vbs Killer, Vbs Anti, Sanboxie, Process Lasso, System Explorer
' > Group 2 (default Disable): Task Manager, apateDNS, Firewall App Blocker, CurrPorts, SmartSniff, HijackThis, NetStat Agent, TiGeR Firewall, TCPView, Active Ports
' Now, it will be more compatible.
'
' * Change Sleep
' * Fix Uninstall. Now, Worm will completely deleted everywhere! (1)
' + ADD Unicode edited Worm file for Update Function if you want change/edit vbs and save with Unicode file type
' + ADD Antis (2)
' (If you want to test this worm, please don't put in Sanboxie, because it not run ^^. Maybe, Virtual machine.)
' + ADD auto delete files and subFolder of User TEMP/IE which older 8 days for clean/fresh client PC
' + ADD SuperHide worm file function
' + Change other on Control/Option Windows for looklike, math
'
' Screen shot:
'
'
'
'
' On Windows 10 (x64):
'
'
'
' Tutorial SET/ADD options:
'
' Scan worm:
'
' Result: 4/35: Avast, Avira, Kaspersky, MS Security Essentials
'
' ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
[HIDE-THANKS]' >> Link download 31/03/2016:
This link is hidden for visitors. Please Log in or register now.
' >> PassRAR: in comment of RAR
' >> HashRAR MD5: 325B5DFA080EC4468D16879DBDC97A33
' >> CREDIT and THANKS: njQ8, HoUdiNi and me
'[/HIDE-THANKS]
'Rep+, Enjoy and Cheerrrrrrrrrrrrrrrrrrrrrr!.
HWorm reNew v0416 update 02/04/2016: [CLEAN. Scanned By Dynomite ]
' * Fixed: Can not run after you use "ScriptCryptor" on Windows 64bit machines ( Suggest by [MENTION=16194]Dynomite[/MENTION] )
' > Size of Worm at this version is less Size of Worm at 31/03/2016 version
' > Minor tweaks
[HIDE-THANKS]
Link:
This link is hidden for visitors. Please Log in or register now.
Mirror :
This link is hidden for visitors. Please Log in or register now.
Password : level23hacktools.com
[/HIDE-THANKS]
File Clean and Functional Analyzed Top10
Last edited by a moderator:
