13 Years of Service
62%
' >> H-Worm Plus | ReNEW version by MeoIT | Fixed 12_2_15 <<
' ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Update 12/2/2015: Bug fix and add new Function. Pls see details.
'
' Change Log 12/2/2015:
'
' + ADD Options: Install USB File name, Install subFolder name, Startup name, Registry name (User/Machine). Change them with any name you want
' + ADD Option, Function: Disable/Enable anti Virtual Machine
' * Fix delay run Main Form
' * Fix: Continuous copying made USB and HDD_of_O.S fast damaged (We h@ck but We do not necessarily damaging hardware. It's waste!.)
' * Fix: Updated File in USB no change (if it plugged) after main Update File has loaded
' Now, we already have the files synchronized between before and after performing the update
' * Fix (1) - delete reg of USB Spread (true_false - date)
' * Fix (2) - There was an error "Not Responding..." when the client PC runs from 2 process upward (same type H-Worm Plus)
' So I changed Antis Function, split the Anti two group:
' > Group 1 (default Enable): Process Hacker, Process Explorer, FakeNet, PC Hunter, Rogue Killer, Spy BHO Remover, Shadow Defender, WireShark, Vbs Lookup, Vbs Killer, Vbs Anti, Sanboxie, Process Lasso, System Explorer
' > Group 2 (default Disable): Task Manager, apateDNS, Firewall App Blocker, CurrPorts, SmartSniff, HijackThis, NetStat Agent, TiGeR Firewall, TCPView, Active Ports
' Now, it will be more compatible.
'
' Change Log 5/2/2015:
'
' * Change Sleep
' * Fix Uninstall (1). Now, Worm will completely deleted everywhere!
' + Add Unicode edited Worm file for Update Function if you want change/edit vbs and save with Unicode file type
' + Add Antis (2): Sanboxie, Shadow Defender, Process Hacker, Process Explorer, System Explorer, Task Manager, FakeNet, CurrPorts, Active Ports, apateDNS, Firewall App Blocker, PCHunter
' Spy BHO Remover, NetStat Agent, SmartSniff, Rogue Killer, Wireshark, HijackThis, VBS Lookup, Vbs Killer, TiGeR-Firewall, TCPView, TCPEye, Process Lasso...
' (If you want to test this worm, please don't put in Sanboxie, because it not run ^^. Maybe, Virtual machine.)
' + Add auto delete files and subFolder of User TEMP/IE which older 8 days for clean/fresh client PC
' + Add SuperHide worm file function
' + Change other on Control/Option Windows for looklike, math
'' Screen shot:
'
'
'
'
'
'
'
'
'
'
'
' On Windows 10 (x64)
'
'
'
'
'
' Scan worm:
Filename: MyWorm.vbs
Type: File
Filesize: 30809 bytes
Date: 12/02/2015 - 20:26 GMT+2
MD5: 5130c5241d1307bb69db10e64831d95a
SHA1: 9328807c6366cc805e44852c073eaa637e53f1ab
Status: Infected
Result: 6/35
AVG Free - Virus found ASP/BackDoor
Avast - VBS
ownloader-MI [Trj]
AntiVir (Avira) - VBS/Jenxcus.Gen
BitDefender - OK
Clam Antivirus - OK
COMODO Internet Security - OK
Dr.Web - OK
eTrust-Vet - OK
F-PROT Antivirus - OK
F-Secure Internet Security - OK
G Data - OK
IKARUS Security - OK
Kaspersky Antivirus - Trojan.Script.Suspic.gen
McAfee - OK
MS Security Essentials - Worm:VBS/Jenxcus.CB
ESET NOD32 - OK
Norman - OK
Norton Antivirus - OK
Panda Security - OK
A-Squared - OK
Quick Heal Antivirus - OK
Solo Antivirus - OK
Sophos - OK
Trend Micro Internet Security - OK
VBA32 Antivirus - OK
Zoner AntiVirus - OK
Ad-Aware - OK
BullGuard - OK
FortiClient - OK
K7 Ultimate - OK
NANO Antivirus - Trojan.Script.Hworm.cbxvbd, Trojan.Script.Agent.chhpqc, Trojan.Script.Agent.dmmbyt, Trojan.Script.Agent.dlfcwa
Panda CommandLine - OK
SUPERAntiSpyware - OK
Twister Antivirus - OK
VIPRE - OK
Scan Result:
' ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Update 12/2/2015: Bug fix and add new Function. Pls see details.
'
' Change Log 12/2/2015:
'
' + ADD Options: Install USB File name, Install subFolder name, Startup name, Registry name (User/Machine). Change them with any name you want
' + ADD Option, Function: Disable/Enable anti Virtual Machine
' * Fix delay run Main Form
' * Fix: Continuous copying made USB and HDD_of_O.S fast damaged (We h@ck but We do not necessarily damaging hardware. It's waste!.)
' * Fix: Updated File in USB no change (if it plugged) after main Update File has loaded
' Now, we already have the files synchronized between before and after performing the update
' * Fix (1) - delete reg of USB Spread (true_false - date)
' * Fix (2) - There was an error "Not Responding..." when the client PC runs from 2 process upward (same type H-Worm Plus)
' So I changed Antis Function, split the Anti two group:
' > Group 1 (default Enable): Process Hacker, Process Explorer, FakeNet, PC Hunter, Rogue Killer, Spy BHO Remover, Shadow Defender, WireShark, Vbs Lookup, Vbs Killer, Vbs Anti, Sanboxie, Process Lasso, System Explorer
' > Group 2 (default Disable): Task Manager, apateDNS, Firewall App Blocker, CurrPorts, SmartSniff, HijackThis, NetStat Agent, TiGeR Firewall, TCPView, Active Ports
' Now, it will be more compatible.
'
' Change Log 5/2/2015:
'
' * Change Sleep
' * Fix Uninstall (1). Now, Worm will completely deleted everywhere!
' + Add Unicode edited Worm file for Update Function if you want change/edit vbs and save with Unicode file type
' + Add Antis (2): Sanboxie, Shadow Defender, Process Hacker, Process Explorer, System Explorer, Task Manager, FakeNet, CurrPorts, Active Ports, apateDNS, Firewall App Blocker, PCHunter
' Spy BHO Remover, NetStat Agent, SmartSniff, Rogue Killer, Wireshark, HijackThis, VBS Lookup, Vbs Killer, TiGeR-Firewall, TCPView, TCPEye, Process Lasso...
' (If you want to test this worm, please don't put in Sanboxie, because it not run ^^. Maybe, Virtual machine.)
' + Add auto delete files and subFolder of User TEMP/IE which older 8 days for clean/fresh client PC
' + Add SuperHide worm file function
' + Change other on Control/Option Windows for looklike, math
'' Screen shot:
'
'
'
'
'
'
'
'
'
'
'
' On Windows 10 (x64)
'
'
'
'
'
' Scan worm:
Filename: MyWorm.vbs
Type: File
Filesize: 30809 bytes
Date: 12/02/2015 - 20:26 GMT+2
MD5: 5130c5241d1307bb69db10e64831d95a
SHA1: 9328807c6366cc805e44852c073eaa637e53f1ab
Status: Infected
Result: 6/35
AVG Free - Virus found ASP/BackDoor
Avast - VBS
ownloader-MI [Trj]AntiVir (Avira) - VBS/Jenxcus.Gen
BitDefender - OK
Clam Antivirus - OK
COMODO Internet Security - OK
Dr.Web - OK
eTrust-Vet - OK
F-PROT Antivirus - OK
F-Secure Internet Security - OK
G Data - OK
IKARUS Security - OK
Kaspersky Antivirus - Trojan.Script.Suspic.gen
McAfee - OK
MS Security Essentials - Worm:VBS/Jenxcus.CB
ESET NOD32 - OK
Norman - OK
Norton Antivirus - OK
Panda Security - OK
A-Squared - OK
Quick Heal Antivirus - OK
Solo Antivirus - OK
Sophos - OK
Trend Micro Internet Security - OK
VBA32 Antivirus - OK
Zoner AntiVirus - OK
Ad-Aware - OK
BullGuard - OK
FortiClient - OK
K7 Ultimate - OK
NANO Antivirus - Trojan.Script.Hworm.cbxvbd, Trojan.Script.Agent.chhpqc, Trojan.Script.Agent.dmmbyt, Trojan.Script.Agent.dlfcwa
Panda CommandLine - OK
SUPERAntiSpyware - OK
Twister Antivirus - OK
VIPRE - OK
Scan Result:
This link is hidden for visitors. Please Log in or register now.
This link is hidden for visitors. Please Log in or register now.
[VERDE]Files are Clean[/VERDE] & Functional [Analyzed by you2004975]
' ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' >> Link download 12/2/2015: [HIDE-THANKS]
[/HIDE-THANKS]
' >> PassRAR: in comment of RAR
' >> CREDIT and THANKS: njQ8, HoUdiNi and me
'
'Cheerrrrrrrrrrrrrrrrrrrrrr!.
' >> Link download 12/2/2015: [HIDE-THANKS]
This link is hidden for visitors. Please Log in or register now.
' >> PassRAR: in comment of RAR
' >> CREDIT and THANKS: njQ8, HoUdiNi and me
'
'Cheerrrrrrrrrrrrrrrrrrrrrr!.
Last edited by a moderator: