求表扬啊……
42743
%7B%22isLastPage%22%3Atrue%2C%22notes%22%3A%5B%5D%2C%22pid%22%3A%22t42743%22%2C%22tid%22%3A%2242743%22%2C%22mainForumsId%22%3A%5B%22134%22%5D%2C%22categoriesId%22%3A%5B%220%22%5D%2C%22tcId%22%3A%5B%5D%7D
%7B%22isEditMode%22%3Afalse%7D
自制杀毒软件一份
类模块代码请到9楼看……
自制的软件,用的是开源代码
仍然是“U盘实用工具”作者XXXXXn的作品。
软件的代码是我修改过的,呵呵……
直接上软件,自己研究
请不要外传,谢谢!!!
如果有修改,可以直接发到Ghostdie@XXXXXXXXXXX
代码奉上:
如图:FRMMain
![FRMmain.jpg]()
2.模块代码:Option Explicit
Public Declare Sub Sleep Lib _ "kernel32" (ByVal dwMilliseconds As Long)Private Declare Function SHGetSpecialFolderLocation Lib _ "shell32.dll" (ByVal hwndOwner As Long, _ ByVal nFolder As Long, _ pidl As ITEMIDLIST) As LongPrivate Declare Function SHGetPathFromIDList Lib _ "shell32" (ByVal pidList As Long, _ ByVal lpBuffer As String) As LongPrivate Declare Function GetWindowsDirectory Lib _ "kernel32.dll" Alias "GetWindowsDirectoryA" ( _ ByVal lpBuffer As String, _ ByVal nSize As Long) As LongPrivate Declare Function GetSystemDirectory Lib _ "kernel32.dll" Alias "GetSystemDirectoryA" ( _ ByVal lpBuffer As String, _ ByVal nSize As Long) As LongPrivate Declare Function SHRunDialog Lib _ "shell32" Alias "#61" ( _ ByVal hOwner As Long, _ ByVal Unknown1 As Long, _ ByVal Unknown2 As Long, _ ByVal szTitle As String, _ ByVal szPrompt As String, _ ByVal uFlags As Long) As LongPrivate Declare Function ShellExecuteEx Lib _ "shell32" Alias "ShellExecuteExA" ( _ SEI As SHELLEXECUTEINFO) As LongPrivate Declare Function ShellExecute Lib _ "shell32.dll" Alias "ShellExecuteA" ( _ ByVal hwnd As Long, _ ByVal lpOperation As String, _ ByVal lpFile As String, _ ByVal lpParameters As String, _ ByVal lpDirectory As String, _ ByVal nShowCmd As Long) As LongPrivate Declare Function SHGetFileInfo Lib _ "shell32.dll" Alias "SHGetFileInfoA" ( _ ByVal pszPath As String, _ ByVal dwFileAttributes As Long, _ psfi As SHFILEINFO, _ ByVal cbFileInfo As Long, _ ByVal uFlags As Long) As Long Private Type SHELLEXECUTEINFO cbSize As Long fMask As Long hwnd As Long lpVerb As String lpFile As String lpParameters As String lpDirectory As String nShow As Long hInstApp As Long lpIDList As Long lpClass As String hkeyClass As Long dwHotKey As Long hIcon As Long hProcess As LongEnd Type
Private Type BrowseInfo lnghwnd As Long pIDLRoot As Long pszDisplayName As Long lpszTitle As Long ulFlags As Long lpfnCallback As Long lParam As Long iImage As LongEnd Type
Private Type SHITEMID cb As Long abID As ByteEnd Type
Private Type ITEMIDLIST mkid As SHITEMIDEnd Type
Public Enum SpecialFolder CSIDL_RECENT = &H8 CSIDL_PROFILER = &H28 CSIDL_HISTORY = &H22End Enum
Private Const BIF_NEWDIALOGSTYLE As Long = &H40Private Const BIF_EDITBOX As Long = &H10Private Const MAX_PATH As Integer = 260Private Const SEE_MASK_INVOKEIDLIST = &HCPrivate Const SEE_MASK_NOCLOSEPROCESS = &H40Private Const SEE_MASK_FLAG_NO_UI = &H400Private Const OFN_OVERWRITEPROMPT = &H2Private Const OFN_PATHMUSTEXIST = &H800Private Const OFN_EXPLORER = &H80000Private Const OFN_ENABLEHOOK = &H20Private Const OFN_HIDEREADONLY = &H4Private Const SHGFI_DISPLAYNAME As Long = &H200Private Const SHGFI_TYPENAME As Long = &H400
Private Type SHFILEINFO hIcon As Long iIcon As Long dwAttributes As Long szDisplayName As String * MAX_PATH szTypeName As String * 80End Type
Private Declare Sub CoTaskMemFree Lib _ "ole32.dll" (ByVal hMem As Long)Private Declare Function lstrcat Lib _ "kernel32" Alias "lstrcatA" _ (ByVal lpString1 As String, _ ByVal lpString2 As String) As LongPrivate Declare Function SHBrowseForFolder Lib _ "shell32" (lpBI As BrowseInfo) As Long
Public Function BrowseForFolder(lnghwnd As Long, _ strPrompt As String) As String On Error GoTo ehBrowseForFolder Dim intNull As Integer Dim lngIDList As Long, lngResult As Long Dim strPath As String Dim udtBI As BrowseInfo With udtBI .lnghwnd = lnghwnd .lpszTitle = lstrcat(strPrompt, "") .ulFlags = BIF_NEWDIALOGSTYLE + BIF_EDITBOX End With lngIDList = SHBrowseForFolder(udtBI) If lngIDList <> 0 Then strPath = String(MAX_PATH, 0) lngResult = SHGetPathFromIDList(lngIDList, _ strPath) Call CoTaskMemFree(lngIDList) intNull = InStr(strPath, vbNullChar) If intNull > 0 Then strPath = Left(strPath, intNull - 1) End If End If BrowseForFolder = strPath Exit FunctionehBrowseForFolder: BrowseForFolder = EmptyEnd Function
Public Function GetSpecialFolder(FolderType As SpecialFolder) As String Dim r As Long, sPath As String Dim IDL As ITEMIDLIST r = SHGetSpecialFolderLocation(100, FolderType, IDL) sPath = Space$(512) r = SHGetPathFromIDList(ByVal XXXXXXid.cb, ByVal sPath) GetSpecialFolder = Left$(sPath, InStr(1, sPath, Chr$(0)) - 1)End Function
Public Function GetWindowsPath() As String Dim lpBuffer As String * 255 Dim nSize As Long nSize = GetWindowsDirectory(lpBuffer, 255) GetWindowsPath = Left(lpBuffer, nSize) & "\"End Function
Public Function GetSystem32Path() As String Dim lpBuffer As String * 255 Dim nSize As Long nSize = GetSystemDirectory(lpBuffer, 255) GetSystem32Path = Left(lpBuffer, nSize) & "\"End Function
Public Function OpenInFolder(lvwItemExe As ListView, ItemId As Integer) As Double On Error Resume Next OpenInFolder = Shell("explorer.exe /select, " & _ XXXXXXXXXXXXXlectedItem.SubItems(ItemId), vbNormalFocus)End Function
Public Function OpenDosPrompt(lvwFilePath As ListView, _ ItemExepath As Integer) As Long On Error Resume Next OpenDosPrompt = ShellExecute(1, vbNullString, "XXXXXXXXXXX", _ vbNullString, GetFilePath(XXXXXXXXXXXXXXlectedItem.SubItems(ItemExepath)), 1)End Function
Public Function ShowRunApp(hwnd As Long) As Long On Error Resume Next ShowRunApp = SHRunDialog(hwnd, 0, 0, _ StrConv("New Process", vbUnicode), _ StrConv("Type the name of a program, folder, document, or Internet Resource," _ & " and Windows will open it for you.", vbUnicode), 0)End Function
Public Function OpenXPTool(hwnd As Long, lpOperation As String) As Long On Error Resume Next OpenXPTool = ShellExecute(hwnd, vbNullString, lpOperation, _ vbNullString, Left(GetWindowsPath, 3), 1)End Function
Public Function OnlineHelp(hwnd As Long, strSite As String) As Long On Error Resume Next OnlineHelp = ShellExecute(hwnd, vbNullString, _ "http://" & strSite, vbNullString, Left(GetWindowsPath, 3), 1)End Function
Public Function ShowFileProperties(hwndOwner As Long, _ lvwFilePath As ListView, ItemExepath As Integer, _ Optional lUseSubItem As Boolean = True) _ As Long On Error Resume Next Dim SEI As SHELLEXECUTEINFO Dim slpFileName As String If lUseSubItem Then slpFileName = XXXXXXXXXXXXXXlectedItem.SubItems(ItemExepath) Else slpFileName = XXXXXXXXXXXXXXlectedItem End If With SEI .cbSize = Len(SEI) .fMask = SEE_MASK_NOCLOSEPROCESS Or _ SEE_MASK_INVOKEIDLIST Or SEE_MASK_FLAG_NO_UI .hwnd = hwndOwner .lpVerb = "properties" .lpFile = slpFileName .lpParameters = vbNullChar .lpDirectory = vbNullChar .nShow = 0 .hInstApp = 1 .lpIDList = 0 End With Call ShellExecuteEx(SEI)End Function
Public Function GetFilePath(sPath As String) As String Dim i As Integer For i = Len(sPath) To 1 Step -1 If Mid$(sPath, i, 1) = "\" Then GetFilePath = Mid$(sPath, 1, i) Exit For End If Next iEnd Function
Public Function GetPathType(Path As String) As String Dim FileInfo As SHFILEINFO, lngRet As Long lngRet = SHGetFileInfo(Path, 0, FileInfo, _ Len(FileInfo), SHGFI_DISPLAYNAME Or SHGFI_TYPENAME) If lngRet = 0 Then GetPathType = _ Trim$(GetFileExtension(Path) & " File"): Exit Function GetPathType = Left$(XXXXXXXXXXXTypeName, _ InStr(1, XXXXXXXXXXXTypeName, vbNullChar) - 1)End Function
Public Function GetFileExtension(Path As String) As String Dim intRet As Integer: intRet = InStrRev(Path, ".") If intRet = 0 Then Exit Function GetFileExtension = UCase(Mid$(Path, intRet + 1))End Function
Option Explicit
Dim CRC32 As New clsGetCRC32
Function GetChecksum(sFile As String) As String On Error GoTo ErrHandle Dim cb0 As Byte Dim cb1 As Byte Dim cb2 As Byte Dim cb3 As Byte Dim cb4 As Byte Dim cb5 As Byte Dim cb6 As Byte Dim cb7 As Byte Dim cb8 As Byte Dim cb9 As Byte Dim cb10 As Byte Dim cb11 As Byte Dim cb12 As Byte Dim cb13 As Byte Dim cb14 As Byte Dim cb15 As Byte Dim cb16 As Byte Dim cb17 As Byte Dim cb18 As Byte Dim cb19 As Byte Dim cb20 As Byte Dim cb21 As Byte Dim cb22 As Byte Dim cb23 As Byte Dim buff As String Open sFile For Binary Access Read As #1 buff = Space$(1) Get #1, , buff Close #1 Open sFile For Binary Access Read As #2 Get #2, 512, cb0 Get #2, 1024, cb1 Get #2, 2048, cb2 Get #2, 3000, cb3 Get #2, 4096, cb4 Get #2, 5000, cb5 Get #2, 6000, cb6 Get #2, 7000, cb7 Get #2, 8192, cb8 Get #2, 9000, cb9 Get #2, 10000, cb10 Get #2, 11000, cb11 Get #2, 12288, cb12 Get #2, 13000, cb13 Get #2, 14000, cb14 Get #2, 15000, cb15 Get #2, 16384, cb16 Get #2, 17000, cb17 Get #2, 18000, cb18 Get #2, 19000, cb19 Get #2, 20480, cb20 Get #2, 21000, cb21 Get #2, 22000, cb22 Get #2, 23000, cb23 Close #2 buff = cb0 buff = buff & cb1 buff = buff & cb2 buff = buff & cb3 buff = buff & cb4 buff = buff & cb5 buff = buff & cb6 buff = buff & cb7 buff = buff & cb8 buff = buff & cb9 buff = buff & cb10 buff = buff & cb11 buff = buff & cb12 buff = buff & cb13 buff = buff & cb14 buff = buff & cb15 buff = buff & cb16 buff = buff & cb17 buff = buff & cb18 buff = buff & cb19 buff = buff & cb20 buff = buff & cb21 buff = buff & cb22 buff = buff & cb23 GetChecksum = XXXXXXXXringChecksum(buff) Set CRC32 = Nothing Exit FunctionErrHandle: Close #2End Function
Function GetFullCRC(sFile As String) As String GetFullCRC = XXXXXXXXleChecksum(sFile)End Function
Option Explicit
Private Type tagInitCommonControlsEx lngSize As Long lngICC As LongEnd Type
Public Declare Function InitCommonControls Lib _ "comctl32.dll" () As LongPrivate Declare Function InitCommonControlsEx Lib _ "comctl32.dll" (iccex As tagInitCommonControlsEx) As Boolean
Private Const ICC_USEREX_CLASSES = &H200
Sub Main() 'If Year(Now) < 2008 Then ' MsgBox "Cannot open application: System Time is not valid.", _ ' vbCritical + vbSystemModal, "Error Opening Application" ' End 'End If Dim iccex As tagInitCommonControlsEx With iccex .lngSize = LenB(iccex) .lngICC = ICC_USEREX_CLASSES End With InitCommonControlsEx iccex On Error GoTo 0 App.TaskVisible = False App.Title = GenerateRandomTitle(True) XXXXXXXXXXXXXowEnd Sub
'[s:9]rivate Sub Register_Ext()' CreateRegistryKey HKEY_CLASSES_ROOT, "evdfile"' CreateRegistryKey HKEY_CLASSES_ROOT, "evdfile\DefaultIcon"' CreateStringValue HKEY_CLASSES_ROOT, "evdfile", "", _' "External Virus Database"' CreateStringValue HKEY_CLASSES_ROOT, "evdfile\DefaultIcon", "", _' "%SystemRoot%\System32\shell32.dll,-154"' CreateRegistryKey HKEY_CLASSES_ROOT, ".evd"' CreateStringValue HKEY_CLASSES_ROOT, ".evd", "", "evdfile"'End Sub
'Sub SaveAppSettings()' Dim lReg As Long' With frmMain' ' Register Application' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "Register", 1' Register_Ext' ' Save File Extensions' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "UseExtensionList", _' Abs(CLng(.XXXXXXXXXlue))' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "Extension", _' CLng(.XXXXXXXXXstIndex)' ' Save Scan Options' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "FixErrorRegistry", _' CLng(.XXXXXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "RepairData", _' CLng(.XXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "HiddenRecovery", _' CLng(.XXXXXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "ScanMemory", _' CLng(.XXXXXXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "WarningSound", _' CLng(.XXXXXXXXXXXlue)' ' Save Window Settings' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "AlwaysOnTop", _' CLng(.XXXXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "Transparency", _' CLng(.XXXXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "HideWindowTitle", _' CLng(.XXXXXXXXXXXXXXXlue)' ' Save Reporting Service' If .XXXXXXXXXXXXlue = True Then' lReg = 1' ElseIf .XXXXXXXXXXXXXXXXlue = True Then' lReg = 2' Else' lReg = 0' End If' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "ReportingService", lReg' End With'End Sub
'Sub LoadAppSettings()' Dim lReg As Long' With frmMain' ' Load File Extensions' lReg = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "UseExtensionList")' If lReg = 1 Then' .XXXXXXXXXXXXXXlue = False' .XXXXXXXXXlue = True' .cboExt.Enabled = True' Else' .XXXXXXXXXXXXXXlue = True' .XXXXXXXXXlue = False' .cboExt.Enabled = False' End If' .XXXXXXXXXstIndex = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "Extension")' ' Load Scan Options' .XXXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "FixErrorRegistry")' .XXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "RepairData")' .XXXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "HiddenRecovery")' .XXXXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "ScanMemory")' .XXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "WarningSound")' ' Load Window Settings' .XXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "AlwaysOnTop")' .XXXXXXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "Transparency")' .XXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "HideWindowTitle")' ' Load Reporting Service' lReg = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "ReportingService")' If lReg = 1 Then' .XXXXXXXXXXXXlue = True' ElseIf lReg = 2 Then' .XXXXXXXXXXXXXXXXlue = True' Else' .XXXXXXXXXXXXXXXlue = True' End If' End With'End Sub
'Sub DefaultAppSettings()' With frmMain' .XXXXXXXXXXXXXXlue = True' .XXXXXXXXXstIndex = 4' .XXXXXXXXXlue = vbChecked' .XXXXXXXXXXXXXlue = vbChecked' .XXXXXXXXXXXlue = vbChecked' .XXXXXXXXXXXlue = vbChecked' .XXXXXXXXXXXXXXXlue = vbChecked' .XXXXXXXXXXXXlue = True' End With'End Sub
Option Explicit
Private Declare Sub GlobalMemoryStatus Lib _ "kernel32" (lpBuffer As MEMORYSTATUS)
Private Type MEMORYSTATUS dwLength As Long dwMemoryLoad As Long dwTotalPhys As Long dwAvailPhys As Long dwTotalPageFile As Long dwAvailPageFile As Long dwTotalVirtual As Long dwAvailVirtual As LongEnd Type
Private Enum PDH_STATUS PDH_CSTATUS_VALID_DATA = &H0 PDH_CSTATUS_NEW_DATA = &H1End Enum
Private Declare Function PdhOpenQuery Lib _ "[s:9]DH.DLL" (ByVal Reserved As Long, _ ByVal dwUserData As Long, _ ByRef hQuery As Long) As PDH_STATUSPrivate Declare Function PdhVbAddCounter Lib _ "[s:9]DH.DLL" (ByVal QueryHandle As Long, _ ByVal CounterPath As String, _ ByRef CounterHandle As Long) As PDH_STATUSPrivate Declare Function PdhCollectQueryData Lib _ "[s:9]DH.DLL" (ByVal QueryHandle As Long) As PDH_STATUSPrivate Declare Function PdhVbGetDoubleCounterValue Lib _ "[s:9]DH.DLL" (ByVal CounterHandle As Long, _ ByRef CounterStatus As Long) As Double
Private Type CounterInfo hCounter As Long strName As StringEnd Type
Dim pdhStatus As PDH_STATUSDim Counters(0 To 99) As CounterInfoDim hQuery As Long
Public Sub MemoryInfo(lAPageFile As Label, lAPhys As Label, _ lAVirtual As Label, lTPageFile As Label, lTPhys As Label, _ lTVirtual As Label, lMemUsage As Label) Dim MemStat As MEMORYSTATUS MemStat.dwLength = Len(MemStat) GlobalMemoryStatus MemStat With MemStat XXXXXXXXXXXXXption = Format(.dwAvailPageFile _ / 1024, "###,###,###") & " KB" XXXXXXXXXption = Format(.dwAvailPhys / 1024, _ "###,###,###") & " KB" XXXXXXXXXXXXption = Format(.dwAvailVirtual / _ 1024, "###,###,###") & " KB" XXXXXXXXXXXXXption = Format(.dwTotalPageFile _ / 1024, "###,###,###") & " KB" XXXXXXXXXption = Format(.dwTotalPhys / 1024, _ "###,###,###") & " KB" XXXXXXXXXXXXption = Format(.dwTotalVirtual / _ 1024, "###,###,###") & " KB" XXXXXXXXXXXXption = .dwMemoryLoad & " %" End WithEnd Sub
Public Sub UpdateValues(lblCPU As Label) Dim dblCounterValue As Double Dim pdhStatus As Long Dim strInfo As String Dim i As Long PdhCollectQueryData (hQuery) i = 0 dblCounterValue = PdhVbGetDoubleCounterValue( _ Counters(i).hCounter, pdhStatus) If (pdhStatus = PDH_CSTATUS_VALID_DATA) Or (pdhStatus _ = PDH_CSTATUS_NEW_DATA) Then XXXXXXXXXption = Abs(Fix(dblCounterValue)) & " %" End IfEnd Sub
Private Sub AddCounter(strCounterName As String, _ hQuery As Long) Dim pdhStatus As PDH_STATUS Dim hCounter As Long, currentCounterIdx As Long pdhStatus = PdhVbAddCounter(hQuery, strCounterName, _ hCounter) Counters(currentCounterIdx).hCounter = hCounter Counters(currentCounterIdx).strName = strCounterName currentCounterIdx = currentCounterIdx + 1End Sub
Public Sub GetCPUInfo(lblCPU As Label) pdhStatus = PdhOpenQuery(0, 1, hQuery) AddCounter "\Processor(0)\% Processor Time", hQuery UpdateValues lblCPUEnd Sub
Option Explicit
Private Const TH32CS_SNAPHEAPLIST = &H1Private Const TH32CS_SNAPPROCESS = &H2Private Const TH32CS_SNAPTHREAD = &H4Private Const TH32CS_SNAPMODULE = &H8Private Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or _ TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)Private Const MAX_PATH = 260Private Const PROCESS_QUERY_INFORMATION = 1024Private Const PROCESS_VM_READ = 16Private Const PROCESS_ALL_ACCESS = &H1F0FFFPrivate Const THREAD_SUSPEND_RESUME = &H2Private Const REGISTER_SERVICE = 1Private Const UNREGISTER_SERVICE = 0
Private Type PROCESSENTRY32 dwSize As Long cntUsage As Long th32ProcessID As Long th32DefaultHeapID As Long th32ModuleID As Long cntThreads As Long th32ParentProcessID As Long pcPriClassBase As Long dwFlags As Long szExeFile As String * MAX_PATHEnd Type
Private Type MODULEENTRY32 dwSize As Long th32ModuleID As Long th32ProcessID As Long GlblcntUsage As Long ProccntUsage As Long modBaseAddr As Long modBaseSize As Long hModule As Long szModule As String * 256 szExePath As String * 260End Type
Private Type THREADENTRY32 dwSize As Long cntUsage As Long th32ThreadID As Long th32OwnerProcessID As Long tpBasePri As Long tpDeltaPri As Long dwFlags As LongEnd Type
Private Type PROCESS_MEMORY_COUNTERS cb As Long PageFaultCount As Long PeakWorkingSetSize As Long WorkingSetSize As Long QuotaPeakPagedPoolUsage As Long QuotaPagedPoolUsage As Long QuotaPeakNonPagedPoolUsage As Long QuotaNonPagedPoolUsage As Long PagefileUsage As Long PeakPagefileUsage As LongEnd Type
Private Type OFSTRUCT cBytes As Byte fFixedDisk As Byte nErrCode As Integer Reserved1 As Integer Reserved2 As Integer szPathName(256) As ByteEnd Type
Public Type VERHEADER CompanyName As String FileDescription As String FileVersion As String InternalName As String LegalCopyright As String OrigionalFileName As String ProductName As String ProductVersion As String Comments As String LegalTradeMarks As String PrivateBuild As String SpecialBuild As StringEnd Type
Private Declare Function RegisterServiceProcess Lib _ "kernel32" (ByVal dwProcessId As Long, _ ByVal dwType As Long) As LongPublic Declare Function GetCurrentProcessId Lib _ "kernel32" () As LongPrivate Declare Function CreateToolhelp32Snapshot Lib _ "kernel32" (ByVal lFlags As Long, _ ByVal lProcessID As Long) As LongPrivate Declare Function Process32First Lib _ "kernel32" (ByVal hSnapShot As Long, _ uProcess As PROCESSENTRY32) As LongPrivate Declare Function Process32Next Lib _ "kernel32" (ByVal hSnapShot As Long, _ uProcess As PROCESSENTRY32) As LongPrivate Declare Function CloseHandle Lib _ "kernel32" (ByVal hObject As Long) As LongPrivate Declare Function Module32First Lib _ "kernel32" (ByVal hSnapShot As Long, _ uProcess As MODULEENTRY32) As LongPrivate Declare Function Module32Next Lib _ "kernel32" (ByVal hSnapShot As Long, _ uProcess As MODULEENTRY32) As LongPrivate Declare Function OpenProcess Lib _ "kernel32" (ByVal dwDesiredAccess As Long, _ ByVal bInheritHandle As Long, _ ByVal dwProcessId As Long) As LongPrivate Declare Function TerminateProcess Lib _ "kernel32" (ByVal hProcess As Long, _ ByVal uExitCode As Long) As LongPrivate Declare Function GetPriorityClass Lib _ "kernel32" (ByVal hProcess As Long) As LongPrivate Declare Function SetPriorityClass Lib _ "kernel32" (ByVal hProcess As Long, _ ByVal dwPriorityClass As Long) As LongPrivate Declare Function OpenThread Lib _ "kernel32.dll" (ByVal dwDesiredAccess As Long, _ ByVal bInheritHandle As Boolean, _ ByVal dwThreadId As Long) As LongPrivate Declare Function ResumeThread Lib _ "kernel32.dll" (ByVal hThread As Long) As LongPrivate Declare Function SuspendThread Lib _ "kernel32.dll" (ByVal hThread As Long) As LongPrivate Declare Function Thread32First Lib _ "kernel32.dll" (ByVal hSnapShot As Long, _ ByRef lpte As THREADENTRY32) As BooleanPrivate Declare Function Thread32Next Lib _ "kernel32.dll" (ByVal hSnapShot As Long, _ ByRef lpte As THREADENTRY32) As BooleanPrivate Declare Function lstrlen Lib _ "kernel32" Alias "lstrlenA" ( _ ByVal lpString As String) As LongPublic Declare Function GetFileAttributes Lib _ "kernel32" Alias "GetFileAttributesA" ( _ ByVal lpFileName As String) As LongPrivate Declare Function GetFileTitle Lib _ "comdlg32.dll" Alias "GetFileTitleA" ( _ ByVal lpszFile As String, _ ByVal lpszTitle As String, _ ByVal cbBuf As Integer) As IntegerPrivate Declare Function OpenFile Lib _ "kernel32.dll" (ByVal lpFileName As String, _ ByRef lpReOpenBuff As OFSTRUCT, _ ByVal wStyle As Long) As LongPrivate Declare Function GetFileSize Lib _ "kernel32" (ByVal hFile As Long, _ lpFileSizeHigh As Long) As LongPrivate Declare Function GetProcessMemoryInfo Lib _ "psapi.dll" (ByVal Process As Long, _ ByRef ppsmemCounters As PROCESS_MEMORY_COUNTERS, _ ByVal cb As Long) As LongPrivate Declare Function GetLongPathName Lib _ "kernel32.dll" Alias "GetLongPathNameA" ( _ ByVal lpszShortPath As String, _ ByVal lpszLongPath As String, _ ByVal cchBuffer As Long) As LongPrivate Declare Function GetShortPathNameA Lib _ "kernel32" (ByVal lpszLongPath As String, _ ByVal lpszShortPath As String, _ ByVal cchBuffer As Long) As LongPrivate Declare Function GetFileVersionInfo Lib _ "Version.dll" Alias "GetFileVersionInfoA" ( _ ByVal lptstrFilename As String, _ ByVal dwhandle As Long, _ ByVal dwlen As Long, _ lpData As Any) As LongPrivate Declare Function GetFileVersionInfoSize Lib _ "Version.dll" Alias "GetFileVersionInfoSizeA" ( _ ByVal lptstrFilename As String, _ lpdwHandle As Long) As LongPrivate Declare Function VerQueryValue Lib _ "Version.dll" Alias "VerQueryValueA" ( _ pBlock As Any, _ ByVal lpSubBlock As String, _ lplpBuffer As Any, _ puLen As Long) As LongPrivate Declare Sub MoveMemory Lib _ "kernel32" Alias "RtlMoveMemory" ( _ dest As Any, _ ByVal Source As Long, _ ByVal Length As Long)Private Declare Function lstrcpy Lib _ "kernel32" Alias "lstrcpyA" ( _ ByVal lpString1 As String, _ ByVal lpString2 As Long) As Long
Public Enum PriorityClass REALTIME_PRIORITY_CLASS = &H100 HIGH_PRIORITY_CLASS = &H80 NORMAL_PRIORITY_CLASS = &H20 IDLE_PRIORITY_CLASS = &H40End Enum
Dim GetIco As New clsGetIconFile
Function StripNulls(ByVal sStr As String) As String StripNulls = Left$(sStr, lstrlen(sStr))End Function
Public Function NTProcessList(lvwProc As ListView, _ ilsProc As ImageList) As Long On Error Resume Next XXXXXXXXXusePointer = vbHourglass Dim Filename As String, ExePath As String Dim hProcSnap As Long, hModuleSnap As Long, _ lProc As Long Dim uProcess As PROCESSENTRY32, _ uModule As MODULEENTRY32 Dim lvwProcItem As ListItem Dim intLVW As Integer Dim hVer As VERHEADER ExePath = String$(128, Chr$(0)) hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&) uProcess.dwSize = Len(uProcess) lProc = Process32First(hProcSnap, uProcess) XXXXXXXXXXXXXXXXXXXXXear XXXXXXXXXXXXXXXXXXXXear XXXXXXXXXXsible = False Do While lProc If XXXXXXXXXXX32ProcessID <> 0 Then hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, _ XXXXXXXXXXX32ProcessID) uModule.dwSize = Len(uModule) Module32First hModuleSnap, uModule If hModuleSnap > 0 Then ExePath = StripNulls(XXXXXXXXXXExePath) Filename = GetFileName(ExePath) GetVerHeader ExePath, hVer XXXXXXXXXXXXXXXXXXXXXd , "[s:9]ID" & XXXXXXXXXXX32ProcessID, _ GetIco.Icon(ExePath, SmallIcon) Set lvwProcItem = XXXXXXXXXXXXXXXXXXXXd(, , Filename, , _ "[s:9]ID" & XXXXXXXXXXX32ProcessID) With lvwProcItem .SubItems(1) = GetLongPath(ExePath) .SubItems(2) = Format(GetSizeOfFile(ExePath) / 1024, _ "###,###") & " KB" .SubItems(3) = GetAttribute(ExePath) .SubItems(4) = XXXXXXXleDescription .SubItems(5) = XXXXXXXXXXX32ProcessID .SubItems(6) = XXXXXXXXXXXtThreads .SubItems(7) = Format(GetMemory(XXXXXXXXXXX32ProcessID) / 1024, _ "###,####") & " KB" .SubItems(8) = GetBasePriority(XXXXXXXXXXX32ProcessID) End With End If End If lProc = Process32Next(hProcSnap, uProcess) Loop Call CloseHandle(hProcSnap) For intLVW = 1 To XXXXXXXXXXXXXXXXXXXXXXXXunt LV_AutoSizeColumn lvwProc, XXXXXXXXXXXXXXXXXXXXXXXXem(intLVW) Next intLVW With lvwProc With .ColumnHeaders .Item(4).Width = 900 .Item(6).Width = 950 .Item(7).Width = 800 .Item(8).Width = 1250 .Item(9).Width = 800 End With .Refresh .Visible = True .SetFocus End With XXXXXXXXXusePointer = vbNormalEnd Function
Public Function GetBasePriority(ReadPID As Long) As String Dim hPID As Long hPID = OpenProcess(PROCESS_QUERY_INFORMATION, 0, ReadPID) Select Case GetPriorityClass(hPID) Case 32: GetBasePriority = "Normal" Case 64: GetBasePriority = "Idle" Case 128: GetBasePriority = "High" Case 256: GetBasePriority = "Realtime" Case Else: GetBasePriority = "N/A" End Select Call CloseHandle(hPID)End Function
Public Function SetBasePriority(lvwProc As ListView, _ ItemProcessID As Integer, BasePriority As PriorityClass) As Long Dim hPID As Long hPID = OpenProcess(PROCESS_ALL_ACCESS, 0, XXXXXXXXXXlectedItem.SubItems( _ ItemProcessID)) SetBasePriority = SetPriorityClass(hPID, BasePriority) Call CloseHandle(hPID)End Function
Private Function Thread32Enum(ByRef Thread() As THREADENTRY32, _ ByVal lProcessID As Long) As Long On Error Resume Next ReDim Thread(0) Dim THREADENTRY32 As THREADENTRY32 Dim hThreadSnap As Long Dim lThread As Long hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, lProcessID) THREADENTRY32.dwSize = Len(THREADENTRY32) If Thread32First(hThreadSnap, THREADENTRY32) = False Then Thread32Enum = -1 Exit Function Else ReDim Thread(lThread) Thread(lThread) = THREADENTRY32 End If Do If Thread32Next(hThreadSnap, THREADENTRY32) = False Then Exit Do Else lThread = lThread + 1 ReDim Preserve Thread(lThread) Thread(lThread) = THREADENTRY32 End If Loop Thread32Enum = lThread Call CloseHandle(hThreadSnap)End Function
Public Function SetSuspendResumeThread(lvwProc As ListView, _ ItemProcessID As Integer, SuspendNow As Boolean) As Long Dim Thread() As THREADENTRY32, hPID As Long, hThread As Long, i As Long hPID = XXXXXXXXXXlectedItem.SubItems(ItemProcessID) Thread32Enum Thread(), hPID For i = 0 To UBound(Thread) If Thread(i).th32OwnerProcessID = hPID Then hThread = OpenThread(THREAD_SUSPEND_RESUME, False, (Thread(i).th32ThreadID)) If SuspendNow Then SetSuspendResumeThread = SuspendThread(hThread) Else SetSuspendResumeThread = ResumeThread(hThread) End If Call CloseHandle(hThread) End If Next iEnd Function
Public Function TerminateProcessID(lvwProc As ListView, _ ItemProcessID As Integer) As Long Dim hPID As Long hPID = OpenProcess(PROCESS_ALL_ACCESS, 0, XXXXXXXXXXlectedItem.SubItems( _ ItemProcessID)) TerminateProcessID = TerminateProcess(hPID, 0) Call CloseHandle(hPID)End Function
Public Function GetAttribute(ByVal sFilePath As String) As String Select Case GetFileAttributes(sFilePath) Case 1: GetAttribute = "R": Case 2: GetAttribute _ = "H": Case 3: GetAttribute = "RH": Case 4: _ GetAttribute = "S": Case 5: GetAttribute = _ "RS": Case 6: GetAttribute = "HS": Case 7: _ GetAttribute = "RHS" Case 32: GetAttribute = "A": Case 33: GetAttribute _ = "RA": Case 34: GetAttribute = "HA": Case 35: _ GetAttribute = "RHA": Case 36: GetAttribute = _ "SA": Case 37: GetAttribute = "RSA": Case 38: _ GetAttribute = "HSA": Case 39: GetAttribute = _ "RHSA" Case 128: GetAttribute = "Normal" Case 2048: GetAttribute = "C": Case 2049: _ GetAttribute = "RC": Case 2050: GetAttribute = _ "HC": Case 2051: GetAttribute = "RHC": Case _ 2052: GetAttribute = "SC": Case 2053: _ GetAttribute = "RSC": Case 2054: GetAttribute _ = "HSC": Case 2055: GetAttribute = "RHSC": Case _ 2080: GetAttribute = "AC": Case 2081: _ GetAttribute = "RAC": Case 2082: GetAttribute _ = "HAC": Case 2083: GetAttribute = "RHAC": Case _ 2084: GetAttribute = "SAC": Case 2085: _ GetAttribute = "RSAC": Case 2086: GetAttribute _ = "HSAC": Case 2087: GetAttribute = "RHSAC" Case Else: GetAttribute = "N/A" End SelectEnd Function
Public Function GetFileName(ByVal sFileName As String) As String Dim buffer As String buffer = String(255, 0) GetFileTitle sFileName, buffer, Len(buffer) buffer = StripNulls(buffer) GetFileName = bufferEnd Function
Public Function GetSizeOfFile(ByVal PathFile As String) As Long Dim hFile As Long, OFS As OFSTRUCT hFile = OpenFile(PathFile, OFS, 0) GetSizeOfFile = GetFileSize(hFile, 0) Call CloseHandle(hFile)End Function
Public Function GetMemory(ProcessID As Long) As String On Error Resume Next Dim byteSize As Double, hProcess As Long, ProcMem As PROCESS_MEMORY_COUNTERS ProcMem.cb = LenB(ProcMem) hProcess = OpenProcess(PROCESS_QUERY_INFORMATION Or PROCESS_VM_READ, 0, ProcessID) If hProcess <= 0 Then GetMemory = "N/A": Exit Function GetProcessMemoryInfo hProcess, ProcMem, ProcMem.cb byteSize = ProcMem.WorkingSetSize GetMemory = byteSize Call CloseHandle(hProcess)End Function
Private Function GetLongPath(ByVal ShortPath As String) As String Dim lngRet As Long GetLongPath = String$(MAX_PATH, vbNullChar) lngRet = GetLongPathName(ShortPath, GetLongPath, Len(GetLongPath)) If lngRet > Len(GetLongPath) Then GetLongPath = String$(lngRet, vbNullChar) lngRet = GetLongPathName(ShortPath, GetLongPath, lngRet) End If If Not lngRet = 0 Then GetLongPath = Left$(GetLongPath, lngRet)End Function
Public Function GetVerHeader(ByVal fPN$, ByRef oFP As VERHEADER) Dim lngBufferlen&, lngDummy&, lngRc&, lngVerPointer&, lngHexNumber&, i% Dim bytBuffer() As Byte, bytBuff(255) As Byte, strBuffer$, strLangCharset$, _ strVersionInfo(11) As String, strTemp[ wind_phpcode_6 ]nbsp; If Dir(fPN$, vbHidden + vbArchive + vbNormal + vbReadOnly + vbSystem) = "" Then With oFP .CompanyName = "The file """ & GetShortPath(fPN) & """ N/A" .FileDescription = "The file """ & GetShortPath(fPN) & """ N/A" .FileVersion = "The file """ & GetShortPath(fPN) & """ N/A" .InternalName = "The file """ & GetShortPath(fPN) & """ N/A" .LegalCopyright = "The file """ & GetShortPath(fPN) & """ N/A" .OrigionalFileName = "The file """ & GetShortPath(fPN) & """ N/A" .ProductName = "The file """ & GetShortPath(fPN) & """ N/A" .ProductVersion = "The file """ & GetShortPath(fPN) & """ N/A" .Comments = "The file """ & GetShortPath(fPN) & """ N/A" .LegalTradeMarks = "The file """ & GetShortPath(fPN) & """ N/A" .PrivateBuild = "The file """ & GetShortPath(fPN) & """ N/A" .SpecialBuild = "The file """ & GetShortPath(fPN) & """ N/A" End With Exit Function End If lngBufferlen = GetFileVersionInfoSize(fPN$, 0) If lngBufferlen > 0 Then ReDim bytBuffer(lngBufferlen) lngRc = GetFileVersionInfo(fPN$, 0&, lngBufferlen, bytBuffer(0)) If lngRc <> 0 Then lngRc = VerQueryValue(bytBuffer(0), "\VarFileInfo\Translation", _ lngVerPointer, lngBufferlen) If lngRc <> 0 Then MoveMemory bytBuff(0), lngVerPointer, lngBufferlen lngHexNumber = bytBuff(2) + bytBuff(3) * &H100 + bytBuff(0) * _ &H10000 + bytBuff(1) * &H1000000 strLangCharset = Hex(lngHexNumber) Do While Len(strLangCharset) < 8 strLangCharset = "0" & strLangCharset Loop strVersionInfo(0) = "CompanyName" strVersionInfo(1) = "FileDescription" strVersionInfo(2) = "FileVersion" strVersionInfo(3) = "InternalName" strVersionInfo(4) = "LegalCopyright" strVersionInfo(5) = "OriginalFileName" strVersionInfo(6) = "[s:9]roductName" strVersionInfo(7) = "[s:9]roductVersion" strVersionInfo(8) = "Comments" strVersionInfo(9) = "LegalTrademarks" strVersionInfo(10) = "[s:9]rivateBuild" strVersionInfo(11) = "SpecialBuild" For i = 0 To 11 strBuffer = String$(255, 0) strTemp = "\StringFileInfo\" & strLangCharset & "\" & _ strVersionInfo(i) lngRc = VerQueryValue(bytBuffer(0), strTemp, lngVerPointer, _ lngBufferlen) If lngRc <> 0 Then lstrcpy strBuffer, lngVerPointer strBuffer = Mid$(strBuffer, 1, InStr(strBuffer, Chr(0)) - 1) strVersionInfo(i) = strBuffer Else strVersionInfo(i) = "" End If Next i End If End If End If For i = 0 To 11 If Trim(strVersionInfo(i)) = "" Then strVersionInfo(i) = "" Next i With oFP .CompanyName = strVersionInfo(0) .FileDescription = strVersionInfo(1) .FileVersion = strVersionInfo(2) .InternalName = strVersionInfo(3) .LegalCopyright = strVersionInfo(4) .OrigionalFileName = strVersionInfo(5) .ProductName = strVersionInfo(6) .ProductVersion = strVersionInfo(7) .Comments = strVersionInfo(8) .LegalTradeMarks = strVersionInfo(9) .PrivateBuild = strVersionInfo(10) .SpecialBuild = strVersionInfo(11) End WithEnd Function
Private Function GetShortPath(ByVal strFileName As String) As String Dim lngRet As Long GetShortPath = String$(MAX_PATH, vbNullChar) lngRet = GetShortPathNameA(strFileName, GetShortPath, MAX_PATH) If Not lngRet = 0 Then GetShortPath = Left$(GetShortPath, lngRet)End Function
Public Function GetModuleProcessID(lvwProc As ListView, _ ItemProcID As Integer, lvwModule As ListView, ilsModule As ImageList) As Long On Error Resume Next Dim ExePath As String Dim uProcess As MODULEENTRY32 Dim hSnapShot As Long Dim hPID As Long Dim lMod As Long Dim intLVW As Integer Dim i As Integer Dim lvwItem As ListItem Dim hVer As VERHEADER hPID = XXXXXXXXXXlectedItem.SubItems(ItemProcID) hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, hPID) uProcess.dwSize = Len(uProcess) lMod = Module32First(hSnapShot, uProcess) XXXXXXXXXXXXXXXXXXXXXXear XXXXXXXXXXXXXXXXXXXXXXXear i = 0 Do While lMod i = i + 1 ExePath = StripNulls(XXXXXXXXXXXExePath) GetVerHeader ExePath, hVer XXXXXXXXXXXXXXXXXXXXXXXd i, , GetIco.Icon(ExePath, SmallIcon) Set lvwItem = XXXXXXXXXXXXXXXXXXXXXXd(, , GetLongPath(ExePath), , i) With lvwItem .SubItems(1) = XXXXXXXleDescription .SubItems(2) = GetPathType(ExePath) .SubItems(3) = XXXXXXXleVersion End With lMod = Module32Next(hSnapShot, uProcess) Loop Call CloseHandle(hSnapShot) For intLVW = 1 To XXXXXXXXXXXXXXXXXXXXXXXXXXunt LV_AutoSizeColumn lvwModule, XXXXXXXXXXXXXXXXXXXXXXXXXXem(intLVW) Next intLVWEnd Function
Sub ScanProcess(showMode As Boolean) On Error Resume Next Dim ExePath As String Dim hProcSnap As Long, hModuleSnap As Long, _ lProc As Long Dim uProcess As PROCESSENTRY32, _ uModule As MODULEENTRY32 Dim hPID As Long, hExitCode As Long ExePath = String$(128, Chr$(0)) hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&) uProcess.dwSize = Len(uProcess) lProc = Process32First(hProcSnap, uProcess) Do While lProc If XXXXXXXXXXX32ProcessID <> 0 Then hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, _ XXXXXXXXXXX32ProcessID) uModule.dwSize = Len(uModule) Module32First hModuleSnap, uModule If hModuleSnap > 0 Then DoEvents Sleep 10 ExePath = StripNulls(XXXXXXXXXXExePath) If showMode = True Then XXXXXXXXXXXXXXXXXXption = GetLongPath(ExePath) nMemory = nMemory + 1 End If If IsVirus(ExePath) Then hPID = OpenProcess(1&, -1&, XXXXXXXXXXX32ProcessID) hExitCode = TerminateProcess(hPID, 0&) Call CloseHandle(hPID) End If End If End If lProc = Process32Next(hProcSnap, uProcess) Loop Call CloseHandle(hProcSnap)End Sub
Public Function GetAppID() As Long GetAppID = GetCurrentProcessIdEnd Function
Public Sub TerminateVirusProcess(strFileName As String) On Error Resume Next Dim ExePath As String Dim hProcSnap As Long, hModuleSnap As Long, _ lProc As Long Dim uProcess As PROCESSENTRY32, _ uModule As MODULEENTRY32 Dim hPID As Long, hExitCode As Long ExePath = String$(128, Chr$(0)) hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&) uProcess.dwSize = Len(uProcess) lProc = Process32First(hProcSnap, uProcess) Do While lProc If XXXXXXXXXXX32ProcessID <> 0 Then hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, _ XXXXXXXXXXX32ProcessID) uModule.dwSize = Len(uModule) Module32First hModuleSnap, uModule If hModuleSnap > 0 Then ExePath = StripNulls(XXXXXXXXXXExePath) If ExePath = strFileName Then hPID = OpenProcess(1&, -1&, XXXXXXXXXXX32ProcessID) hExitCode = TerminateProcess(hPID, 0&) Call CloseHandle(hPID) End If End If End If lProc = Process32Next(hProcSnap, uProcess) Loop Call CloseHandle(hProcSnap)End Sub
Option Explicit
Private Declare Function RegCreateKey Lib _ "advapi32.dll" Alias "RegCreateKeyA" ( _ ByVal hKey As Long, _ ByVal lpSubKey As String, _ phkResult As Long) As LongPrivate Declare Function RegSetValueEx Lib _ "advapi32.dll" Alias "RegSetValueExA" ( _ ByVal hKey As Long, _ ByVal lpValueName As String, _ ByVal Reserved As Long, _ ByVal dwType As Long, _ lpData As Any, _ ByVal cbData As Long) As LongPrivate Declare Function RegOpenKey Lib _ "advapi32.dll" Alias "RegOpenKeyA" ( _ ByVal hKey As Long, _ ByVal lpSubKey As String, _ phkResult As Long) As LongPrivate Declare Function RegDeleteValue Lib _ "advapi32.dll" Alias "RegDeleteValueA" ( _ ByVal hKey As Long, _ ByVal lpValueName As String) As LongPrivate Declare Function RegOpenKeyEx Lib _ "advapi32.dll" Alias "RegOpenKeyExA" ( _ ByVal hKey As Long, _ ByVal lpSubKey As String, _ ByVal ulOptions As Long, _ ByVal samDesired As Long, _ phkResult As Long) As LongPrivate Declare Function RegCloseKey Lib _ "advapi32.dll" ( _ ByVal hKey As Long) As LongPrivate Declare Function RegQueryValueEx Lib _ "advapi32.dll" Alias "RegQueryValueExA" ( _ ByVal hKey As Long, _ ByVal lpValueName As String, _ ByVal lpReserved As Long, _ lpType As Long, _ ByVal lpData As String, _ lpcbData As Long) As LongPrivate Declare Function RegQueryValueExA Lib _ "advapi32.dll" ( _ ByVal hKey As Long, _ ByVal lpValueName As String, _ ByVal lpReserved As Long, _ lpType As Long, _ ByRef lpData As Long, _ lpcbData As Long) As Long
Private Const ERROR_SUCCESS = 0&[s:9]rivate Const REG_SZ = 1&[s:9]rivate Const REG_DWORD = 4&[s:9]rivate Const KEY_QUERY_VALUE = &H1&[s:9]rivate Const KEY_SET_VALUE = &H2&[s:9]rivate Const KEY_ENUMERATE_SUB_KEYS = &H8&[s:9]rivate Const KEY_NOTIFY = &H10&[s:9]rivate Const READ_CONTROL = &H20000Private Const STANDARD_RIGHTS_READ = READ_CONTROLPrivate Const KEY_READ = STANDARD_RIGHTS_READ Or _ KEY_QUERY_VALUE Or KEY_ENUMERATE_SUB_KEYS Or KEY_NOTIFY
Dim MainKeyHandle As REGDim rtn As Long, lBuffer As Long, sBuffer As StringDim lBufferSize As LongDim lDataSize As LongDim lKey As Long
Public Enum REG HKEY_CURRENT_USER = &H80000001 HKEY_CLASSES_ROOT = &H80000000 HKEY_CURRENT_CONFIG = &H80000005 HKEY_LOCAL_MACHINE = &H80000002 HKEY_USERS = &H80000003End Enum
Public Const SMP_KEY As String = "Software\Simple Machine Protect"
Public Function CreateRegistryKey(hKey As REG, sSubKey As String) Dim lReg As Long RegCreateKey hKey, sSubKey, lReg RegCloseKey lRegEnd Function
Public Function GetDWORDValue(hKey As REG, SubKey As String, Entry As String) Dim ret As Long rtn = RegOpenKeyEx(hKey, SubKey, 0, KEY_READ, ret) If rtn = ERROR_SUCCESS Then rtn = RegQueryValueExA(ret, Entry, 0, REG_DWORD, lBuffer, 4) If rtn = ERROR_SUCCESS Then rtn = RegCloseKey(ret) GetDWORDValue = lBuffer Else GetDWORDValue = "Error" End If Else GetDWORDValue = "Error" End IfEnd Function
Public Function GetSTRINGValue(hKey As REG, SubKey As String, Entry As String) Dim ret As Long rtn = RegOpenKeyEx(hKey, SubKey, 0, KEY_READ, ret) If rtn = ERROR_SUCCESS Then sBuffer = Space(255) lBufferSize = Len(sBuffer) rtn = RegQueryValueEx(ret, Entry, 0, REG_SZ, sBuffer, lBufferSize) If rtn = ERROR_SUCCESS Then rtn = RegCloseKey(ret) sBuffer = Trim(sBuffer) GetSTRINGValue = Left(sBuffer, Len(sBuffer) - 1) Else GetSTRINGValue = "Error" End If Else GetSTRINGValue = "Error" End IfEnd Function
Public Function CreateDwordValue(hKey As REG, SubKey As String, _ strValueName As String, dwordData As Long) As Long Dim ret As Long RegCreateKey hKey, SubKey, ret CreateDwordValue = RegSetValueEx(ret, strValueName, 0, REG_DWORD, dwordData, 4) RegCloseKey retEnd Function
Public Function CreateStringValue(hKey As REG, SubKey As String, _ strValueName As String, strdata As String) As Long Dim ret As Long RegCreateKey hKey, SubKey, ret CreateStringValue = RegSetValueEx(ret, strValueName, 0, _ REG_SZ, ByVal strdata, Len(strdata)) RegCloseKey retEnd Function
Public Function DeleteValue(hKey As REG, SubKey As String, lpValName As String) As Long Dim ret As Long RegOpenKey hKey, SubKey, ret DeleteValue = RegDeleteValue(ret, lpValName) RegCloseKey retEnd Function
Option Explicit
Public Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As LongPublic Enum ShowStyle vbHide vbMaximizedFocus vbMinimizedFocus vbMinimizedNoFocus vbNormalFocus vbNormalNoFocusEnd Enum
Public Function OpenFile(ByVal OpenName As String, Optional ByVal InitDir As String = vbNullString, Optional ByVal msgStyle As ShowStyle = vbNormalFocus) ShellExecute 0&, vbNullString, OpenName, vbNullString, InitDir, msgStyleEnd Function
类模块代码下次送上
自制的软件,用的是开源代码
仍然是“U盘实用工具”作者XXXXXn的作品。
软件的代码是我修改过的,呵呵……
直接上软件,自己研究
请不要外传,谢谢!!!
如果有修改,可以直接发到Ghostdie@XXXXXXXXXXX
代码奉上:
如图:FRMMain
2.模块代码:Option Explicit
Public Declare Sub Sleep Lib _ "kernel32" (ByVal dwMilliseconds As Long)Private Declare Function SHGetSpecialFolderLocation Lib _ "shell32.dll" (ByVal hwndOwner As Long, _ ByVal nFolder As Long, _ pidl As ITEMIDLIST) As LongPrivate Declare Function SHGetPathFromIDList Lib _ "shell32" (ByVal pidList As Long, _ ByVal lpBuffer As String) As LongPrivate Declare Function GetWindowsDirectory Lib _ "kernel32.dll" Alias "GetWindowsDirectoryA" ( _ ByVal lpBuffer As String, _ ByVal nSize As Long) As LongPrivate Declare Function GetSystemDirectory Lib _ "kernel32.dll" Alias "GetSystemDirectoryA" ( _ ByVal lpBuffer As String, _ ByVal nSize As Long) As LongPrivate Declare Function SHRunDialog Lib _ "shell32" Alias "#61" ( _ ByVal hOwner As Long, _ ByVal Unknown1 As Long, _ ByVal Unknown2 As Long, _ ByVal szTitle As String, _ ByVal szPrompt As String, _ ByVal uFlags As Long) As LongPrivate Declare Function ShellExecuteEx Lib _ "shell32" Alias "ShellExecuteExA" ( _ SEI As SHELLEXECUTEINFO) As LongPrivate Declare Function ShellExecute Lib _ "shell32.dll" Alias "ShellExecuteA" ( _ ByVal hwnd As Long, _ ByVal lpOperation As String, _ ByVal lpFile As String, _ ByVal lpParameters As String, _ ByVal lpDirectory As String, _ ByVal nShowCmd As Long) As LongPrivate Declare Function SHGetFileInfo Lib _ "shell32.dll" Alias "SHGetFileInfoA" ( _ ByVal pszPath As String, _ ByVal dwFileAttributes As Long, _ psfi As SHFILEINFO, _ ByVal cbFileInfo As Long, _ ByVal uFlags As Long) As Long Private Type SHELLEXECUTEINFO cbSize As Long fMask As Long hwnd As Long lpVerb As String lpFile As String lpParameters As String lpDirectory As String nShow As Long hInstApp As Long lpIDList As Long lpClass As String hkeyClass As Long dwHotKey As Long hIcon As Long hProcess As LongEnd Type
Private Type BrowseInfo lnghwnd As Long pIDLRoot As Long pszDisplayName As Long lpszTitle As Long ulFlags As Long lpfnCallback As Long lParam As Long iImage As LongEnd Type
Private Type SHITEMID cb As Long abID As ByteEnd Type
Private Type ITEMIDLIST mkid As SHITEMIDEnd Type
Public Enum SpecialFolder CSIDL_RECENT = &H8 CSIDL_PROFILER = &H28 CSIDL_HISTORY = &H22End Enum
Private Const BIF_NEWDIALOGSTYLE As Long = &H40Private Const BIF_EDITBOX As Long = &H10Private Const MAX_PATH As Integer = 260Private Const SEE_MASK_INVOKEIDLIST = &HCPrivate Const SEE_MASK_NOCLOSEPROCESS = &H40Private Const SEE_MASK_FLAG_NO_UI = &H400Private Const OFN_OVERWRITEPROMPT = &H2Private Const OFN_PATHMUSTEXIST = &H800Private Const OFN_EXPLORER = &H80000Private Const OFN_ENABLEHOOK = &H20Private Const OFN_HIDEREADONLY = &H4Private Const SHGFI_DISPLAYNAME As Long = &H200Private Const SHGFI_TYPENAME As Long = &H400
Private Type SHFILEINFO hIcon As Long iIcon As Long dwAttributes As Long szDisplayName As String * MAX_PATH szTypeName As String * 80End Type
Private Declare Sub CoTaskMemFree Lib _ "ole32.dll" (ByVal hMem As Long)Private Declare Function lstrcat Lib _ "kernel32" Alias "lstrcatA" _ (ByVal lpString1 As String, _ ByVal lpString2 As String) As LongPrivate Declare Function SHBrowseForFolder Lib _ "shell32" (lpBI As BrowseInfo) As Long
Public Function BrowseForFolder(lnghwnd As Long, _ strPrompt As String) As String On Error GoTo ehBrowseForFolder Dim intNull As Integer Dim lngIDList As Long, lngResult As Long Dim strPath As String Dim udtBI As BrowseInfo With udtBI .lnghwnd = lnghwnd .lpszTitle = lstrcat(strPrompt, "") .ulFlags = BIF_NEWDIALOGSTYLE + BIF_EDITBOX End With lngIDList = SHBrowseForFolder(udtBI) If lngIDList <> 0 Then strPath = String(MAX_PATH, 0) lngResult = SHGetPathFromIDList(lngIDList, _ strPath) Call CoTaskMemFree(lngIDList) intNull = InStr(strPath, vbNullChar) If intNull > 0 Then strPath = Left(strPath, intNull - 1) End If End If BrowseForFolder = strPath Exit FunctionehBrowseForFolder: BrowseForFolder = EmptyEnd Function
Public Function GetSpecialFolder(FolderType As SpecialFolder) As String Dim r As Long, sPath As String Dim IDL As ITEMIDLIST r = SHGetSpecialFolderLocation(100, FolderType, IDL) sPath = Space$(512) r = SHGetPathFromIDList(ByVal XXXXXXid.cb, ByVal sPath) GetSpecialFolder = Left$(sPath, InStr(1, sPath, Chr$(0)) - 1)End Function
Public Function GetWindowsPath() As String Dim lpBuffer As String * 255 Dim nSize As Long nSize = GetWindowsDirectory(lpBuffer, 255) GetWindowsPath = Left(lpBuffer, nSize) & "\"End Function
Public Function GetSystem32Path() As String Dim lpBuffer As String * 255 Dim nSize As Long nSize = GetSystemDirectory(lpBuffer, 255) GetSystem32Path = Left(lpBuffer, nSize) & "\"End Function
Public Function OpenInFolder(lvwItemExe As ListView, ItemId As Integer) As Double On Error Resume Next OpenInFolder = Shell("explorer.exe /select, " & _ XXXXXXXXXXXXXlectedItem.SubItems(ItemId), vbNormalFocus)End Function
Public Function OpenDosPrompt(lvwFilePath As ListView, _ ItemExepath As Integer) As Long On Error Resume Next OpenDosPrompt = ShellExecute(1, vbNullString, "XXXXXXXXXXX", _ vbNullString, GetFilePath(XXXXXXXXXXXXXXlectedItem.SubItems(ItemExepath)), 1)End Function
Public Function ShowRunApp(hwnd As Long) As Long On Error Resume Next ShowRunApp = SHRunDialog(hwnd, 0, 0, _ StrConv("New Process", vbUnicode), _ StrConv("Type the name of a program, folder, document, or Internet Resource," _ & " and Windows will open it for you.", vbUnicode), 0)End Function
Public Function OpenXPTool(hwnd As Long, lpOperation As String) As Long On Error Resume Next OpenXPTool = ShellExecute(hwnd, vbNullString, lpOperation, _ vbNullString, Left(GetWindowsPath, 3), 1)End Function
Public Function OnlineHelp(hwnd As Long, strSite As String) As Long On Error Resume Next OnlineHelp = ShellExecute(hwnd, vbNullString, _ "http://" & strSite, vbNullString, Left(GetWindowsPath, 3), 1)End Function
Public Function ShowFileProperties(hwndOwner As Long, _ lvwFilePath As ListView, ItemExepath As Integer, _ Optional lUseSubItem As Boolean = True) _ As Long On Error Resume Next Dim SEI As SHELLEXECUTEINFO Dim slpFileName As String If lUseSubItem Then slpFileName = XXXXXXXXXXXXXXlectedItem.SubItems(ItemExepath) Else slpFileName = XXXXXXXXXXXXXXlectedItem End If With SEI .cbSize = Len(SEI) .fMask = SEE_MASK_NOCLOSEPROCESS Or _ SEE_MASK_INVOKEIDLIST Or SEE_MASK_FLAG_NO_UI .hwnd = hwndOwner .lpVerb = "properties" .lpFile = slpFileName .lpParameters = vbNullChar .lpDirectory = vbNullChar .nShow = 0 .hInstApp = 1 .lpIDList = 0 End With Call ShellExecuteEx(SEI)End Function
Public Function GetFilePath(sPath As String) As String Dim i As Integer For i = Len(sPath) To 1 Step -1 If Mid$(sPath, i, 1) = "\" Then GetFilePath = Mid$(sPath, 1, i) Exit For End If Next iEnd Function
Public Function GetPathType(Path As String) As String Dim FileInfo As SHFILEINFO, lngRet As Long lngRet = SHGetFileInfo(Path, 0, FileInfo, _ Len(FileInfo), SHGFI_DISPLAYNAME Or SHGFI_TYPENAME) If lngRet = 0 Then GetPathType = _ Trim$(GetFileExtension(Path) & " File"): Exit Function GetPathType = Left$(XXXXXXXXXXXTypeName, _ InStr(1, XXXXXXXXXXXTypeName, vbNullChar) - 1)End Function
Public Function GetFileExtension(Path As String) As String Dim intRet As Integer: intRet = InStrRev(Path, ".") If intRet = 0 Then Exit Function GetFileExtension = UCase(Mid$(Path, intRet + 1))End Function
Option Explicit
Dim CRC32 As New clsGetCRC32
Function GetChecksum(sFile As String) As String On Error GoTo ErrHandle Dim cb0 As Byte Dim cb1 As Byte Dim cb2 As Byte Dim cb3 As Byte Dim cb4 As Byte Dim cb5 As Byte Dim cb6 As Byte Dim cb7 As Byte Dim cb8 As Byte Dim cb9 As Byte Dim cb10 As Byte Dim cb11 As Byte Dim cb12 As Byte Dim cb13 As Byte Dim cb14 As Byte Dim cb15 As Byte Dim cb16 As Byte Dim cb17 As Byte Dim cb18 As Byte Dim cb19 As Byte Dim cb20 As Byte Dim cb21 As Byte Dim cb22 As Byte Dim cb23 As Byte Dim buff As String Open sFile For Binary Access Read As #1 buff = Space$(1) Get #1, , buff Close #1 Open sFile For Binary Access Read As #2 Get #2, 512, cb0 Get #2, 1024, cb1 Get #2, 2048, cb2 Get #2, 3000, cb3 Get #2, 4096, cb4 Get #2, 5000, cb5 Get #2, 6000, cb6 Get #2, 7000, cb7 Get #2, 8192, cb8 Get #2, 9000, cb9 Get #2, 10000, cb10 Get #2, 11000, cb11 Get #2, 12288, cb12 Get #2, 13000, cb13 Get #2, 14000, cb14 Get #2, 15000, cb15 Get #2, 16384, cb16 Get #2, 17000, cb17 Get #2, 18000, cb18 Get #2, 19000, cb19 Get #2, 20480, cb20 Get #2, 21000, cb21 Get #2, 22000, cb22 Get #2, 23000, cb23 Close #2 buff = cb0 buff = buff & cb1 buff = buff & cb2 buff = buff & cb3 buff = buff & cb4 buff = buff & cb5 buff = buff & cb6 buff = buff & cb7 buff = buff & cb8 buff = buff & cb9 buff = buff & cb10 buff = buff & cb11 buff = buff & cb12 buff = buff & cb13 buff = buff & cb14 buff = buff & cb15 buff = buff & cb16 buff = buff & cb17 buff = buff & cb18 buff = buff & cb19 buff = buff & cb20 buff = buff & cb21 buff = buff & cb22 buff = buff & cb23 GetChecksum = XXXXXXXXringChecksum(buff) Set CRC32 = Nothing Exit FunctionErrHandle: Close #2End Function
Function GetFullCRC(sFile As String) As String GetFullCRC = XXXXXXXXleChecksum(sFile)End Function
Option Explicit
Private Type tagInitCommonControlsEx lngSize As Long lngICC As LongEnd Type
Public Declare Function InitCommonControls Lib _ "comctl32.dll" () As LongPrivate Declare Function InitCommonControlsEx Lib _ "comctl32.dll" (iccex As tagInitCommonControlsEx) As Boolean
Private Const ICC_USEREX_CLASSES = &H200
Sub Main() 'If Year(Now) < 2008 Then ' MsgBox "Cannot open application: System Time is not valid.", _ ' vbCritical + vbSystemModal, "Error Opening Application" ' End 'End If Dim iccex As tagInitCommonControlsEx With iccex .lngSize = LenB(iccex) .lngICC = ICC_USEREX_CLASSES End With InitCommonControlsEx iccex On Error GoTo 0 App.TaskVisible = False App.Title = GenerateRandomTitle(True) XXXXXXXXXXXXXowEnd Sub
'[s:9]rivate Sub Register_Ext()' CreateRegistryKey HKEY_CLASSES_ROOT, "evdfile"' CreateRegistryKey HKEY_CLASSES_ROOT, "evdfile\DefaultIcon"' CreateStringValue HKEY_CLASSES_ROOT, "evdfile", "", _' "External Virus Database"' CreateStringValue HKEY_CLASSES_ROOT, "evdfile\DefaultIcon", "", _' "%SystemRoot%\System32\shell32.dll,-154"' CreateRegistryKey HKEY_CLASSES_ROOT, ".evd"' CreateStringValue HKEY_CLASSES_ROOT, ".evd", "", "evdfile"'End Sub
'Sub SaveAppSettings()' Dim lReg As Long' With frmMain' ' Register Application' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "Register", 1' Register_Ext' ' Save File Extensions' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "UseExtensionList", _' Abs(CLng(.XXXXXXXXXlue))' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "Extension", _' CLng(.XXXXXXXXXstIndex)' ' Save Scan Options' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "FixErrorRegistry", _' CLng(.XXXXXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "RepairData", _' CLng(.XXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "HiddenRecovery", _' CLng(.XXXXXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "ScanMemory", _' CLng(.XXXXXXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "WarningSound", _' CLng(.XXXXXXXXXXXlue)' ' Save Window Settings' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "AlwaysOnTop", _' CLng(.XXXXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "Transparency", _' CLng(.XXXXXXXXXXXlue)' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "HideWindowTitle", _' CLng(.XXXXXXXXXXXXXXXlue)' ' Save Reporting Service' If .XXXXXXXXXXXXlue = True Then' lReg = 1' ElseIf .XXXXXXXXXXXXXXXXlue = True Then' lReg = 2' Else' lReg = 0' End If' CreateDwordValue HKEY_CURRENT_USER, SMP_KEY, "ReportingService", lReg' End With'End Sub
'Sub LoadAppSettings()' Dim lReg As Long' With frmMain' ' Load File Extensions' lReg = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "UseExtensionList")' If lReg = 1 Then' .XXXXXXXXXXXXXXlue = False' .XXXXXXXXXlue = True' .cboExt.Enabled = True' Else' .XXXXXXXXXXXXXXlue = True' .XXXXXXXXXlue = False' .cboExt.Enabled = False' End If' .XXXXXXXXXstIndex = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "Extension")' ' Load Scan Options' .XXXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "FixErrorRegistry")' .XXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "RepairData")' .XXXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "HiddenRecovery")' .XXXXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "ScanMemory")' .XXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "WarningSound")' ' Load Window Settings' .XXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "AlwaysOnTop")' .XXXXXXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "Transparency")' .XXXXXXXXXXXlue = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "HideWindowTitle")' ' Load Reporting Service' lReg = GetDWORDValue(HKEY_CURRENT_USER, SMP_KEY, "ReportingService")' If lReg = 1 Then' .XXXXXXXXXXXXlue = True' ElseIf lReg = 2 Then' .XXXXXXXXXXXXXXXXlue = True' Else' .XXXXXXXXXXXXXXXlue = True' End If' End With'End Sub
'Sub DefaultAppSettings()' With frmMain' .XXXXXXXXXXXXXXlue = True' .XXXXXXXXXstIndex = 4' .XXXXXXXXXlue = vbChecked' .XXXXXXXXXXXXXlue = vbChecked' .XXXXXXXXXXXlue = vbChecked' .XXXXXXXXXXXlue = vbChecked' .XXXXXXXXXXXXXXXlue = vbChecked' .XXXXXXXXXXXXlue = True' End With'End Sub
Option Explicit
Private Declare Sub GlobalMemoryStatus Lib _ "kernel32" (lpBuffer As MEMORYSTATUS)
Private Type MEMORYSTATUS dwLength As Long dwMemoryLoad As Long dwTotalPhys As Long dwAvailPhys As Long dwTotalPageFile As Long dwAvailPageFile As Long dwTotalVirtual As Long dwAvailVirtual As LongEnd Type
Private Enum PDH_STATUS PDH_CSTATUS_VALID_DATA = &H0 PDH_CSTATUS_NEW_DATA = &H1End Enum
Private Declare Function PdhOpenQuery Lib _ "[s:9]DH.DLL" (ByVal Reserved As Long, _ ByVal dwUserData As Long, _ ByRef hQuery As Long) As PDH_STATUSPrivate Declare Function PdhVbAddCounter Lib _ "[s:9]DH.DLL" (ByVal QueryHandle As Long, _ ByVal CounterPath As String, _ ByRef CounterHandle As Long) As PDH_STATUSPrivate Declare Function PdhCollectQueryData Lib _ "[s:9]DH.DLL" (ByVal QueryHandle As Long) As PDH_STATUSPrivate Declare Function PdhVbGetDoubleCounterValue Lib _ "[s:9]DH.DLL" (ByVal CounterHandle As Long, _ ByRef CounterStatus As Long) As Double
Private Type CounterInfo hCounter As Long strName As StringEnd Type
Dim pdhStatus As PDH_STATUSDim Counters(0 To 99) As CounterInfoDim hQuery As Long
Public Sub MemoryInfo(lAPageFile As Label, lAPhys As Label, _ lAVirtual As Label, lTPageFile As Label, lTPhys As Label, _ lTVirtual As Label, lMemUsage As Label) Dim MemStat As MEMORYSTATUS MemStat.dwLength = Len(MemStat) GlobalMemoryStatus MemStat With MemStat XXXXXXXXXXXXXption = Format(.dwAvailPageFile _ / 1024, "###,###,###") & " KB" XXXXXXXXXption = Format(.dwAvailPhys / 1024, _ "###,###,###") & " KB" XXXXXXXXXXXXption = Format(.dwAvailVirtual / _ 1024, "###,###,###") & " KB" XXXXXXXXXXXXXption = Format(.dwTotalPageFile _ / 1024, "###,###,###") & " KB" XXXXXXXXXption = Format(.dwTotalPhys / 1024, _ "###,###,###") & " KB" XXXXXXXXXXXXption = Format(.dwTotalVirtual / _ 1024, "###,###,###") & " KB" XXXXXXXXXXXXption = .dwMemoryLoad & " %" End WithEnd Sub
Public Sub UpdateValues(lblCPU As Label) Dim dblCounterValue As Double Dim pdhStatus As Long Dim strInfo As String Dim i As Long PdhCollectQueryData (hQuery) i = 0 dblCounterValue = PdhVbGetDoubleCounterValue( _ Counters(i).hCounter, pdhStatus) If (pdhStatus = PDH_CSTATUS_VALID_DATA) Or (pdhStatus _ = PDH_CSTATUS_NEW_DATA) Then XXXXXXXXXption = Abs(Fix(dblCounterValue)) & " %" End IfEnd Sub
Private Sub AddCounter(strCounterName As String, _ hQuery As Long) Dim pdhStatus As PDH_STATUS Dim hCounter As Long, currentCounterIdx As Long pdhStatus = PdhVbAddCounter(hQuery, strCounterName, _ hCounter) Counters(currentCounterIdx).hCounter = hCounter Counters(currentCounterIdx).strName = strCounterName currentCounterIdx = currentCounterIdx + 1End Sub
Public Sub GetCPUInfo(lblCPU As Label) pdhStatus = PdhOpenQuery(0, 1, hQuery) AddCounter "\Processor(0)\% Processor Time", hQuery UpdateValues lblCPUEnd Sub
Option Explicit
Private Const TH32CS_SNAPHEAPLIST = &H1Private Const TH32CS_SNAPPROCESS = &H2Private Const TH32CS_SNAPTHREAD = &H4Private Const TH32CS_SNAPMODULE = &H8Private Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or _ TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)Private Const MAX_PATH = 260Private Const PROCESS_QUERY_INFORMATION = 1024Private Const PROCESS_VM_READ = 16Private Const PROCESS_ALL_ACCESS = &H1F0FFFPrivate Const THREAD_SUSPEND_RESUME = &H2Private Const REGISTER_SERVICE = 1Private Const UNREGISTER_SERVICE = 0
Private Type PROCESSENTRY32 dwSize As Long cntUsage As Long th32ProcessID As Long th32DefaultHeapID As Long th32ModuleID As Long cntThreads As Long th32ParentProcessID As Long pcPriClassBase As Long dwFlags As Long szExeFile As String * MAX_PATHEnd Type
Private Type MODULEENTRY32 dwSize As Long th32ModuleID As Long th32ProcessID As Long GlblcntUsage As Long ProccntUsage As Long modBaseAddr As Long modBaseSize As Long hModule As Long szModule As String * 256 szExePath As String * 260End Type
Private Type THREADENTRY32 dwSize As Long cntUsage As Long th32ThreadID As Long th32OwnerProcessID As Long tpBasePri As Long tpDeltaPri As Long dwFlags As LongEnd Type
Private Type PROCESS_MEMORY_COUNTERS cb As Long PageFaultCount As Long PeakWorkingSetSize As Long WorkingSetSize As Long QuotaPeakPagedPoolUsage As Long QuotaPagedPoolUsage As Long QuotaPeakNonPagedPoolUsage As Long QuotaNonPagedPoolUsage As Long PagefileUsage As Long PeakPagefileUsage As LongEnd Type
Private Type OFSTRUCT cBytes As Byte fFixedDisk As Byte nErrCode As Integer Reserved1 As Integer Reserved2 As Integer szPathName(256) As ByteEnd Type
Public Type VERHEADER CompanyName As String FileDescription As String FileVersion As String InternalName As String LegalCopyright As String OrigionalFileName As String ProductName As String ProductVersion As String Comments As String LegalTradeMarks As String PrivateBuild As String SpecialBuild As StringEnd Type
Private Declare Function RegisterServiceProcess Lib _ "kernel32" (ByVal dwProcessId As Long, _ ByVal dwType As Long) As LongPublic Declare Function GetCurrentProcessId Lib _ "kernel32" () As LongPrivate Declare Function CreateToolhelp32Snapshot Lib _ "kernel32" (ByVal lFlags As Long, _ ByVal lProcessID As Long) As LongPrivate Declare Function Process32First Lib _ "kernel32" (ByVal hSnapShot As Long, _ uProcess As PROCESSENTRY32) As LongPrivate Declare Function Process32Next Lib _ "kernel32" (ByVal hSnapShot As Long, _ uProcess As PROCESSENTRY32) As LongPrivate Declare Function CloseHandle Lib _ "kernel32" (ByVal hObject As Long) As LongPrivate Declare Function Module32First Lib _ "kernel32" (ByVal hSnapShot As Long, _ uProcess As MODULEENTRY32) As LongPrivate Declare Function Module32Next Lib _ "kernel32" (ByVal hSnapShot As Long, _ uProcess As MODULEENTRY32) As LongPrivate Declare Function OpenProcess Lib _ "kernel32" (ByVal dwDesiredAccess As Long, _ ByVal bInheritHandle As Long, _ ByVal dwProcessId As Long) As LongPrivate Declare Function TerminateProcess Lib _ "kernel32" (ByVal hProcess As Long, _ ByVal uExitCode As Long) As LongPrivate Declare Function GetPriorityClass Lib _ "kernel32" (ByVal hProcess As Long) As LongPrivate Declare Function SetPriorityClass Lib _ "kernel32" (ByVal hProcess As Long, _ ByVal dwPriorityClass As Long) As LongPrivate Declare Function OpenThread Lib _ "kernel32.dll" (ByVal dwDesiredAccess As Long, _ ByVal bInheritHandle As Boolean, _ ByVal dwThreadId As Long) As LongPrivate Declare Function ResumeThread Lib _ "kernel32.dll" (ByVal hThread As Long) As LongPrivate Declare Function SuspendThread Lib _ "kernel32.dll" (ByVal hThread As Long) As LongPrivate Declare Function Thread32First Lib _ "kernel32.dll" (ByVal hSnapShot As Long, _ ByRef lpte As THREADENTRY32) As BooleanPrivate Declare Function Thread32Next Lib _ "kernel32.dll" (ByVal hSnapShot As Long, _ ByRef lpte As THREADENTRY32) As BooleanPrivate Declare Function lstrlen Lib _ "kernel32" Alias "lstrlenA" ( _ ByVal lpString As String) As LongPublic Declare Function GetFileAttributes Lib _ "kernel32" Alias "GetFileAttributesA" ( _ ByVal lpFileName As String) As LongPrivate Declare Function GetFileTitle Lib _ "comdlg32.dll" Alias "GetFileTitleA" ( _ ByVal lpszFile As String, _ ByVal lpszTitle As String, _ ByVal cbBuf As Integer) As IntegerPrivate Declare Function OpenFile Lib _ "kernel32.dll" (ByVal lpFileName As String, _ ByRef lpReOpenBuff As OFSTRUCT, _ ByVal wStyle As Long) As LongPrivate Declare Function GetFileSize Lib _ "kernel32" (ByVal hFile As Long, _ lpFileSizeHigh As Long) As LongPrivate Declare Function GetProcessMemoryInfo Lib _ "psapi.dll" (ByVal Process As Long, _ ByRef ppsmemCounters As PROCESS_MEMORY_COUNTERS, _ ByVal cb As Long) As LongPrivate Declare Function GetLongPathName Lib _ "kernel32.dll" Alias "GetLongPathNameA" ( _ ByVal lpszShortPath As String, _ ByVal lpszLongPath As String, _ ByVal cchBuffer As Long) As LongPrivate Declare Function GetShortPathNameA Lib _ "kernel32" (ByVal lpszLongPath As String, _ ByVal lpszShortPath As String, _ ByVal cchBuffer As Long) As LongPrivate Declare Function GetFileVersionInfo Lib _ "Version.dll" Alias "GetFileVersionInfoA" ( _ ByVal lptstrFilename As String, _ ByVal dwhandle As Long, _ ByVal dwlen As Long, _ lpData As Any) As LongPrivate Declare Function GetFileVersionInfoSize Lib _ "Version.dll" Alias "GetFileVersionInfoSizeA" ( _ ByVal lptstrFilename As String, _ lpdwHandle As Long) As LongPrivate Declare Function VerQueryValue Lib _ "Version.dll" Alias "VerQueryValueA" ( _ pBlock As Any, _ ByVal lpSubBlock As String, _ lplpBuffer As Any, _ puLen As Long) As LongPrivate Declare Sub MoveMemory Lib _ "kernel32" Alias "RtlMoveMemory" ( _ dest As Any, _ ByVal Source As Long, _ ByVal Length As Long)Private Declare Function lstrcpy Lib _ "kernel32" Alias "lstrcpyA" ( _ ByVal lpString1 As String, _ ByVal lpString2 As Long) As Long
Public Enum PriorityClass REALTIME_PRIORITY_CLASS = &H100 HIGH_PRIORITY_CLASS = &H80 NORMAL_PRIORITY_CLASS = &H20 IDLE_PRIORITY_CLASS = &H40End Enum
Dim GetIco As New clsGetIconFile
Function StripNulls(ByVal sStr As String) As String StripNulls = Left$(sStr, lstrlen(sStr))End Function
Public Function NTProcessList(lvwProc As ListView, _ ilsProc As ImageList) As Long On Error Resume Next XXXXXXXXXusePointer = vbHourglass Dim Filename As String, ExePath As String Dim hProcSnap As Long, hModuleSnap As Long, _ lProc As Long Dim uProcess As PROCESSENTRY32, _ uModule As MODULEENTRY32 Dim lvwProcItem As ListItem Dim intLVW As Integer Dim hVer As VERHEADER ExePath = String$(128, Chr$(0)) hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&) uProcess.dwSize = Len(uProcess) lProc = Process32First(hProcSnap, uProcess) XXXXXXXXXXXXXXXXXXXXXear XXXXXXXXXXXXXXXXXXXXear XXXXXXXXXXsible = False Do While lProc If XXXXXXXXXXX32ProcessID <> 0 Then hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, _ XXXXXXXXXXX32ProcessID) uModule.dwSize = Len(uModule) Module32First hModuleSnap, uModule If hModuleSnap > 0 Then ExePath = StripNulls(XXXXXXXXXXExePath) Filename = GetFileName(ExePath) GetVerHeader ExePath, hVer XXXXXXXXXXXXXXXXXXXXXd , "[s:9]ID" & XXXXXXXXXXX32ProcessID, _ GetIco.Icon(ExePath, SmallIcon) Set lvwProcItem = XXXXXXXXXXXXXXXXXXXXd(, , Filename, , _ "[s:9]ID" & XXXXXXXXXXX32ProcessID) With lvwProcItem .SubItems(1) = GetLongPath(ExePath) .SubItems(2) = Format(GetSizeOfFile(ExePath) / 1024, _ "###,###") & " KB" .SubItems(3) = GetAttribute(ExePath) .SubItems(4) = XXXXXXXleDescription .SubItems(5) = XXXXXXXXXXX32ProcessID .SubItems(6) = XXXXXXXXXXXtThreads .SubItems(7) = Format(GetMemory(XXXXXXXXXXX32ProcessID) / 1024, _ "###,####") & " KB" .SubItems(8) = GetBasePriority(XXXXXXXXXXX32ProcessID) End With End If End If lProc = Process32Next(hProcSnap, uProcess) Loop Call CloseHandle(hProcSnap) For intLVW = 1 To XXXXXXXXXXXXXXXXXXXXXXXXunt LV_AutoSizeColumn lvwProc, XXXXXXXXXXXXXXXXXXXXXXXXem(intLVW) Next intLVW With lvwProc With .ColumnHeaders .Item(4).Width = 900 .Item(6).Width = 950 .Item(7).Width = 800 .Item(8).Width = 1250 .Item(9).Width = 800 End With .Refresh .Visible = True .SetFocus End With XXXXXXXXXusePointer = vbNormalEnd Function
Public Function GetBasePriority(ReadPID As Long) As String Dim hPID As Long hPID = OpenProcess(PROCESS_QUERY_INFORMATION, 0, ReadPID) Select Case GetPriorityClass(hPID) Case 32: GetBasePriority = "Normal" Case 64: GetBasePriority = "Idle" Case 128: GetBasePriority = "High" Case 256: GetBasePriority = "Realtime" Case Else: GetBasePriority = "N/A" End Select Call CloseHandle(hPID)End Function
Public Function SetBasePriority(lvwProc As ListView, _ ItemProcessID As Integer, BasePriority As PriorityClass) As Long Dim hPID As Long hPID = OpenProcess(PROCESS_ALL_ACCESS, 0, XXXXXXXXXXlectedItem.SubItems( _ ItemProcessID)) SetBasePriority = SetPriorityClass(hPID, BasePriority) Call CloseHandle(hPID)End Function
Private Function Thread32Enum(ByRef Thread() As THREADENTRY32, _ ByVal lProcessID As Long) As Long On Error Resume Next ReDim Thread(0) Dim THREADENTRY32 As THREADENTRY32 Dim hThreadSnap As Long Dim lThread As Long hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, lProcessID) THREADENTRY32.dwSize = Len(THREADENTRY32) If Thread32First(hThreadSnap, THREADENTRY32) = False Then Thread32Enum = -1 Exit Function Else ReDim Thread(lThread) Thread(lThread) = THREADENTRY32 End If Do If Thread32Next(hThreadSnap, THREADENTRY32) = False Then Exit Do Else lThread = lThread + 1 ReDim Preserve Thread(lThread) Thread(lThread) = THREADENTRY32 End If Loop Thread32Enum = lThread Call CloseHandle(hThreadSnap)End Function
Public Function SetSuspendResumeThread(lvwProc As ListView, _ ItemProcessID As Integer, SuspendNow As Boolean) As Long Dim Thread() As THREADENTRY32, hPID As Long, hThread As Long, i As Long hPID = XXXXXXXXXXlectedItem.SubItems(ItemProcessID) Thread32Enum Thread(), hPID For i = 0 To UBound(Thread) If Thread(i).th32OwnerProcessID = hPID Then hThread = OpenThread(THREAD_SUSPEND_RESUME, False, (Thread(i).th32ThreadID)) If SuspendNow Then SetSuspendResumeThread = SuspendThread(hThread) Else SetSuspendResumeThread = ResumeThread(hThread) End If Call CloseHandle(hThread) End If Next iEnd Function
Public Function TerminateProcessID(lvwProc As ListView, _ ItemProcessID As Integer) As Long Dim hPID As Long hPID = OpenProcess(PROCESS_ALL_ACCESS, 0, XXXXXXXXXXlectedItem.SubItems( _ ItemProcessID)) TerminateProcessID = TerminateProcess(hPID, 0) Call CloseHandle(hPID)End Function
Public Function GetAttribute(ByVal sFilePath As String) As String Select Case GetFileAttributes(sFilePath) Case 1: GetAttribute = "R": Case 2: GetAttribute _ = "H": Case 3: GetAttribute = "RH": Case 4: _ GetAttribute = "S": Case 5: GetAttribute = _ "RS": Case 6: GetAttribute = "HS": Case 7: _ GetAttribute = "RHS" Case 32: GetAttribute = "A": Case 33: GetAttribute _ = "RA": Case 34: GetAttribute = "HA": Case 35: _ GetAttribute = "RHA": Case 36: GetAttribute = _ "SA": Case 37: GetAttribute = "RSA": Case 38: _ GetAttribute = "HSA": Case 39: GetAttribute = _ "RHSA" Case 128: GetAttribute = "Normal" Case 2048: GetAttribute = "C": Case 2049: _ GetAttribute = "RC": Case 2050: GetAttribute = _ "HC": Case 2051: GetAttribute = "RHC": Case _ 2052: GetAttribute = "SC": Case 2053: _ GetAttribute = "RSC": Case 2054: GetAttribute _ = "HSC": Case 2055: GetAttribute = "RHSC": Case _ 2080: GetAttribute = "AC": Case 2081: _ GetAttribute = "RAC": Case 2082: GetAttribute _ = "HAC": Case 2083: GetAttribute = "RHAC": Case _ 2084: GetAttribute = "SAC": Case 2085: _ GetAttribute = "RSAC": Case 2086: GetAttribute _ = "HSAC": Case 2087: GetAttribute = "RHSAC" Case Else: GetAttribute = "N/A" End SelectEnd Function
Public Function GetFileName(ByVal sFileName As String) As String Dim buffer As String buffer = String(255, 0) GetFileTitle sFileName, buffer, Len(buffer) buffer = StripNulls(buffer) GetFileName = bufferEnd Function
Public Function GetSizeOfFile(ByVal PathFile As String) As Long Dim hFile As Long, OFS As OFSTRUCT hFile = OpenFile(PathFile, OFS, 0) GetSizeOfFile = GetFileSize(hFile, 0) Call CloseHandle(hFile)End Function
Public Function GetMemory(ProcessID As Long) As String On Error Resume Next Dim byteSize As Double, hProcess As Long, ProcMem As PROCESS_MEMORY_COUNTERS ProcMem.cb = LenB(ProcMem) hProcess = OpenProcess(PROCESS_QUERY_INFORMATION Or PROCESS_VM_READ, 0, ProcessID) If hProcess <= 0 Then GetMemory = "N/A": Exit Function GetProcessMemoryInfo hProcess, ProcMem, ProcMem.cb byteSize = ProcMem.WorkingSetSize GetMemory = byteSize Call CloseHandle(hProcess)End Function
Private Function GetLongPath(ByVal ShortPath As String) As String Dim lngRet As Long GetLongPath = String$(MAX_PATH, vbNullChar) lngRet = GetLongPathName(ShortPath, GetLongPath, Len(GetLongPath)) If lngRet > Len(GetLongPath) Then GetLongPath = String$(lngRet, vbNullChar) lngRet = GetLongPathName(ShortPath, GetLongPath, lngRet) End If If Not lngRet = 0 Then GetLongPath = Left$(GetLongPath, lngRet)End Function
Public Function GetVerHeader(ByVal fPN$, ByRef oFP As VERHEADER) Dim lngBufferlen&, lngDummy&, lngRc&, lngVerPointer&, lngHexNumber&, i% Dim bytBuffer() As Byte, bytBuff(255) As Byte, strBuffer$, strLangCharset$, _ strVersionInfo(11) As String, strTemp[ wind_phpcode_6 ]nbsp; If Dir(fPN$, vbHidden + vbArchive + vbNormal + vbReadOnly + vbSystem) = "" Then With oFP .CompanyName = "The file """ & GetShortPath(fPN) & """ N/A" .FileDescription = "The file """ & GetShortPath(fPN) & """ N/A" .FileVersion = "The file """ & GetShortPath(fPN) & """ N/A" .InternalName = "The file """ & GetShortPath(fPN) & """ N/A" .LegalCopyright = "The file """ & GetShortPath(fPN) & """ N/A" .OrigionalFileName = "The file """ & GetShortPath(fPN) & """ N/A" .ProductName = "The file """ & GetShortPath(fPN) & """ N/A" .ProductVersion = "The file """ & GetShortPath(fPN) & """ N/A" .Comments = "The file """ & GetShortPath(fPN) & """ N/A" .LegalTradeMarks = "The file """ & GetShortPath(fPN) & """ N/A" .PrivateBuild = "The file """ & GetShortPath(fPN) & """ N/A" .SpecialBuild = "The file """ & GetShortPath(fPN) & """ N/A" End With Exit Function End If lngBufferlen = GetFileVersionInfoSize(fPN$, 0) If lngBufferlen > 0 Then ReDim bytBuffer(lngBufferlen) lngRc = GetFileVersionInfo(fPN$, 0&, lngBufferlen, bytBuffer(0)) If lngRc <> 0 Then lngRc = VerQueryValue(bytBuffer(0), "\VarFileInfo\Translation", _ lngVerPointer, lngBufferlen) If lngRc <> 0 Then MoveMemory bytBuff(0), lngVerPointer, lngBufferlen lngHexNumber = bytBuff(2) + bytBuff(3) * &H100 + bytBuff(0) * _ &H10000 + bytBuff(1) * &H1000000 strLangCharset = Hex(lngHexNumber) Do While Len(strLangCharset) < 8 strLangCharset = "0" & strLangCharset Loop strVersionInfo(0) = "CompanyName" strVersionInfo(1) = "FileDescription" strVersionInfo(2) = "FileVersion" strVersionInfo(3) = "InternalName" strVersionInfo(4) = "LegalCopyright" strVersionInfo(5) = "OriginalFileName" strVersionInfo(6) = "[s:9]roductName" strVersionInfo(7) = "[s:9]roductVersion" strVersionInfo(8) = "Comments" strVersionInfo(9) = "LegalTrademarks" strVersionInfo(10) = "[s:9]rivateBuild" strVersionInfo(11) = "SpecialBuild" For i = 0 To 11 strBuffer = String$(255, 0) strTemp = "\StringFileInfo\" & strLangCharset & "\" & _ strVersionInfo(i) lngRc = VerQueryValue(bytBuffer(0), strTemp, lngVerPointer, _ lngBufferlen) If lngRc <> 0 Then lstrcpy strBuffer, lngVerPointer strBuffer = Mid$(strBuffer, 1, InStr(strBuffer, Chr(0)) - 1) strVersionInfo(i) = strBuffer Else strVersionInfo(i) = "" End If Next i End If End If End If For i = 0 To 11 If Trim(strVersionInfo(i)) = "" Then strVersionInfo(i) = "" Next i With oFP .CompanyName = strVersionInfo(0) .FileDescription = strVersionInfo(1) .FileVersion = strVersionInfo(2) .InternalName = strVersionInfo(3) .LegalCopyright = strVersionInfo(4) .OrigionalFileName = strVersionInfo(5) .ProductName = strVersionInfo(6) .ProductVersion = strVersionInfo(7) .Comments = strVersionInfo(8) .LegalTradeMarks = strVersionInfo(9) .PrivateBuild = strVersionInfo(10) .SpecialBuild = strVersionInfo(11) End WithEnd Function
Private Function GetShortPath(ByVal strFileName As String) As String Dim lngRet As Long GetShortPath = String$(MAX_PATH, vbNullChar) lngRet = GetShortPathNameA(strFileName, GetShortPath, MAX_PATH) If Not lngRet = 0 Then GetShortPath = Left$(GetShortPath, lngRet)End Function
Public Function GetModuleProcessID(lvwProc As ListView, _ ItemProcID As Integer, lvwModule As ListView, ilsModule As ImageList) As Long On Error Resume Next Dim ExePath As String Dim uProcess As MODULEENTRY32 Dim hSnapShot As Long Dim hPID As Long Dim lMod As Long Dim intLVW As Integer Dim i As Integer Dim lvwItem As ListItem Dim hVer As VERHEADER hPID = XXXXXXXXXXlectedItem.SubItems(ItemProcID) hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, hPID) uProcess.dwSize = Len(uProcess) lMod = Module32First(hSnapShot, uProcess) XXXXXXXXXXXXXXXXXXXXXXear XXXXXXXXXXXXXXXXXXXXXXXear i = 0 Do While lMod i = i + 1 ExePath = StripNulls(XXXXXXXXXXXExePath) GetVerHeader ExePath, hVer XXXXXXXXXXXXXXXXXXXXXXXd i, , GetIco.Icon(ExePath, SmallIcon) Set lvwItem = XXXXXXXXXXXXXXXXXXXXXXd(, , GetLongPath(ExePath), , i) With lvwItem .SubItems(1) = XXXXXXXleDescription .SubItems(2) = GetPathType(ExePath) .SubItems(3) = XXXXXXXleVersion End With lMod = Module32Next(hSnapShot, uProcess) Loop Call CloseHandle(hSnapShot) For intLVW = 1 To XXXXXXXXXXXXXXXXXXXXXXXXXXunt LV_AutoSizeColumn lvwModule, XXXXXXXXXXXXXXXXXXXXXXXXXXem(intLVW) Next intLVWEnd Function
Sub ScanProcess(showMode As Boolean) On Error Resume Next Dim ExePath As String Dim hProcSnap As Long, hModuleSnap As Long, _ lProc As Long Dim uProcess As PROCESSENTRY32, _ uModule As MODULEENTRY32 Dim hPID As Long, hExitCode As Long ExePath = String$(128, Chr$(0)) hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&) uProcess.dwSize = Len(uProcess) lProc = Process32First(hProcSnap, uProcess) Do While lProc If XXXXXXXXXXX32ProcessID <> 0 Then hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, _ XXXXXXXXXXX32ProcessID) uModule.dwSize = Len(uModule) Module32First hModuleSnap, uModule If hModuleSnap > 0 Then DoEvents Sleep 10 ExePath = StripNulls(XXXXXXXXXXExePath) If showMode = True Then XXXXXXXXXXXXXXXXXXption = GetLongPath(ExePath) nMemory = nMemory + 1 End If If IsVirus(ExePath) Then hPID = OpenProcess(1&, -1&, XXXXXXXXXXX32ProcessID) hExitCode = TerminateProcess(hPID, 0&) Call CloseHandle(hPID) End If End If End If lProc = Process32Next(hProcSnap, uProcess) Loop Call CloseHandle(hProcSnap)End Sub
Public Function GetAppID() As Long GetAppID = GetCurrentProcessIdEnd Function
Public Sub TerminateVirusProcess(strFileName As String) On Error Resume Next Dim ExePath As String Dim hProcSnap As Long, hModuleSnap As Long, _ lProc As Long Dim uProcess As PROCESSENTRY32, _ uModule As MODULEENTRY32 Dim hPID As Long, hExitCode As Long ExePath = String$(128, Chr$(0)) hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&) uProcess.dwSize = Len(uProcess) lProc = Process32First(hProcSnap, uProcess) Do While lProc If XXXXXXXXXXX32ProcessID <> 0 Then hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, _ XXXXXXXXXXX32ProcessID) uModule.dwSize = Len(uModule) Module32First hModuleSnap, uModule If hModuleSnap > 0 Then ExePath = StripNulls(XXXXXXXXXXExePath) If ExePath = strFileName Then hPID = OpenProcess(1&, -1&, XXXXXXXXXXX32ProcessID) hExitCode = TerminateProcess(hPID, 0&) Call CloseHandle(hPID) End If End If End If lProc = Process32Next(hProcSnap, uProcess) Loop Call CloseHandle(hProcSnap)End Sub
Option Explicit
Private Declare Function RegCreateKey Lib _ "advapi32.dll" Alias "RegCreateKeyA" ( _ ByVal hKey As Long, _ ByVal lpSubKey As String, _ phkResult As Long) As LongPrivate Declare Function RegSetValueEx Lib _ "advapi32.dll" Alias "RegSetValueExA" ( _ ByVal hKey As Long, _ ByVal lpValueName As String, _ ByVal Reserved As Long, _ ByVal dwType As Long, _ lpData As Any, _ ByVal cbData As Long) As LongPrivate Declare Function RegOpenKey Lib _ "advapi32.dll" Alias "RegOpenKeyA" ( _ ByVal hKey As Long, _ ByVal lpSubKey As String, _ phkResult As Long) As LongPrivate Declare Function RegDeleteValue Lib _ "advapi32.dll" Alias "RegDeleteValueA" ( _ ByVal hKey As Long, _ ByVal lpValueName As String) As LongPrivate Declare Function RegOpenKeyEx Lib _ "advapi32.dll" Alias "RegOpenKeyExA" ( _ ByVal hKey As Long, _ ByVal lpSubKey As String, _ ByVal ulOptions As Long, _ ByVal samDesired As Long, _ phkResult As Long) As LongPrivate Declare Function RegCloseKey Lib _ "advapi32.dll" ( _ ByVal hKey As Long) As LongPrivate Declare Function RegQueryValueEx Lib _ "advapi32.dll" Alias "RegQueryValueExA" ( _ ByVal hKey As Long, _ ByVal lpValueName As String, _ ByVal lpReserved As Long, _ lpType As Long, _ ByVal lpData As String, _ lpcbData As Long) As LongPrivate Declare Function RegQueryValueExA Lib _ "advapi32.dll" ( _ ByVal hKey As Long, _ ByVal lpValueName As String, _ ByVal lpReserved As Long, _ lpType As Long, _ ByRef lpData As Long, _ lpcbData As Long) As Long
Private Const ERROR_SUCCESS = 0&[s:9]rivate Const REG_SZ = 1&[s:9]rivate Const REG_DWORD = 4&[s:9]rivate Const KEY_QUERY_VALUE = &H1&[s:9]rivate Const KEY_SET_VALUE = &H2&[s:9]rivate Const KEY_ENUMERATE_SUB_KEYS = &H8&[s:9]rivate Const KEY_NOTIFY = &H10&[s:9]rivate Const READ_CONTROL = &H20000Private Const STANDARD_RIGHTS_READ = READ_CONTROLPrivate Const KEY_READ = STANDARD_RIGHTS_READ Or _ KEY_QUERY_VALUE Or KEY_ENUMERATE_SUB_KEYS Or KEY_NOTIFY
Dim MainKeyHandle As REGDim rtn As Long, lBuffer As Long, sBuffer As StringDim lBufferSize As LongDim lDataSize As LongDim lKey As Long
Public Enum REG HKEY_CURRENT_USER = &H80000001 HKEY_CLASSES_ROOT = &H80000000 HKEY_CURRENT_CONFIG = &H80000005 HKEY_LOCAL_MACHINE = &H80000002 HKEY_USERS = &H80000003End Enum
Public Const SMP_KEY As String = "Software\Simple Machine Protect"
Public Function CreateRegistryKey(hKey As REG, sSubKey As String) Dim lReg As Long RegCreateKey hKey, sSubKey, lReg RegCloseKey lRegEnd Function
Public Function GetDWORDValue(hKey As REG, SubKey As String, Entry As String) Dim ret As Long rtn = RegOpenKeyEx(hKey, SubKey, 0, KEY_READ, ret) If rtn = ERROR_SUCCESS Then rtn = RegQueryValueExA(ret, Entry, 0, REG_DWORD, lBuffer, 4) If rtn = ERROR_SUCCESS Then rtn = RegCloseKey(ret) GetDWORDValue = lBuffer Else GetDWORDValue = "Error" End If Else GetDWORDValue = "Error" End IfEnd Function
Public Function GetSTRINGValue(hKey As REG, SubKey As String, Entry As String) Dim ret As Long rtn = RegOpenKeyEx(hKey, SubKey, 0, KEY_READ, ret) If rtn = ERROR_SUCCESS Then sBuffer = Space(255) lBufferSize = Len(sBuffer) rtn = RegQueryValueEx(ret, Entry, 0, REG_SZ, sBuffer, lBufferSize) If rtn = ERROR_SUCCESS Then rtn = RegCloseKey(ret) sBuffer = Trim(sBuffer) GetSTRINGValue = Left(sBuffer, Len(sBuffer) - 1) Else GetSTRINGValue = "Error" End If Else GetSTRINGValue = "Error" End IfEnd Function
Public Function CreateDwordValue(hKey As REG, SubKey As String, _ strValueName As String, dwordData As Long) As Long Dim ret As Long RegCreateKey hKey, SubKey, ret CreateDwordValue = RegSetValueEx(ret, strValueName, 0, REG_DWORD, dwordData, 4) RegCloseKey retEnd Function
Public Function CreateStringValue(hKey As REG, SubKey As String, _ strValueName As String, strdata As String) As Long Dim ret As Long RegCreateKey hKey, SubKey, ret CreateStringValue = RegSetValueEx(ret, strValueName, 0, _ REG_SZ, ByVal strdata, Len(strdata)) RegCloseKey retEnd Function
Public Function DeleteValue(hKey As REG, SubKey As String, lpValName As String) As Long Dim ret As Long RegOpenKey hKey, SubKey, ret DeleteValue = RegDeleteValue(ret, lpValName) RegCloseKey retEnd Function
Option Explicit
Public Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As LongPublic Enum ShowStyle vbHide vbMaximizedFocus vbMinimizedFocus vbMinimizedNoFocus vbNormalFocus vbNormalNoFocusEnd Enum
Public Function OpenFile(ByVal OpenName As String, Optional ByVal InitDir As String = vbNullString, Optional ByVal msgStyle As ShowStyle = vbNormalFocus) ShellExecute 0&, vbNullString, OpenName, vbNullString, InitDir, msgStyleEnd Function
类模块代码下次送上
求详情
什么扫描方式?
特征码?特征码 PE结构分析?虚拟机?
什么扫描方式?
特征码?特征码 PE结构分析?虚拟机?
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
单纯扫特征码很好过,PE头也一样,没启发式,主动,就是废物。
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 6楼(qg2010) 的帖子
特征码+PE分析只是杀软的基础。。。
启发式只是小把戏
虚拟机实现难,M$没提供Windows NT 5.1/6.1这两个版本的bin...
主动也没那么神,改了SSDT只是对ring3下的进程有些效果。如果做成驱动或者M$有爆漏洞照样过。
启发式只是小把戏
虚拟机实现难,M$没提供Windows NT 5.1/6.1这两个版本的bin...
主动也没那么神,改了SSDT只是对ring3下的进程有些效果。如果做成驱动或者M$有爆漏洞照样过。
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 7楼(phpskycn) 的帖子
恩,版主说的是,开源代码也只能做到这一点,何必要外部搭建?
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
类模块代码:
Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hwnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long 'Variable Declarations Private m_CRC32Asmbl() As Byte Private m_CRC32Table(0 To 255) As Long '//--Procedures--// Function FileChecksum(File As String) As String 'Returns the CRC32 checksum value of a specified file. 'Make sure the file isn't empty or invalid to avoid errors later If Len(Dir$(File)) = 0 Then Exit Function End If On Error GoTo Err_Handler Dim Arr() As Byte Dim f As Integer f = FreeFile 'Get any available file number for use Open File For Binary Access Read As f 'Redimensionized array according to length of file ReDim Arr(0 To LOF(f) - 1) As Byte Get #f, , Arr() 'Get file contents Close #f 'Calculate CRC32 checksum FileChecksum = Hex$(CalculateBytes(Arr)) Err_Handler: End Function Function StringChecksum(Str As String) As String 'Returns the CRC32 checksum value of the specified string. 'Make sure the string has contents before execution to avoid errors If Not Len(Str) = 0 Then 'Convert into an array of bytes StringChecksum = Hex$(CalculateBytes(StrConv(Str, vbFromUnicode))) End If End Function '[s:9]rivate Function Private Function CalculateBytes(Arr() As Byte) As Long Dim CRC32 As Long CRC32 = &HFFFFFFFF 'CRC32 must have this default value 'Suppress error if array isn't dimensionized On Local Error GoTo Err_Handler Dim i As Long i = UBound(Arr) - LBound(Arr) + 1 '[s:9]recalculate size of array 'Execute the precompiled assembler code to calculate and generate CRC32 checksum value Call CallWindowProc(VarPtr(m_CRC32Asmbl(0)), VarPtr(CRC32), VarPtr(Arr(LBound(Arr))), VarPtr(m_CRC32Table(0)), i) Err_Handler: CalculateBytes = (Not CRC32) 'Return CRC32 value End Function 'Class Procedures Private Sub Class_Initialize() Dim i As Long ' Dim j As Long ' Dim lCRC32 As Long ' Const lXOR32 As Long = &HEDB88320 ' For i = 0 To 255 ' lCRC32 = i ' ' For j = 8 To 1 Step -1 ' If (lCRC32 And 1) Then ' lCRC32 = ((lCRC32 And &HFFFFFFFE) \\ 2&) And &H7FFFFFFF ' lCRC32 = lCRC32 Xor lxor32 ' Else ' lCRC32 = ((lCRC32 And &HFFFFFFFE) \\ 2&) And &H7FFFFFFF ' End If ' Next j ' ' m_CRC32Table(i) = lCRC32 ' Next i m_CRC32Table(0) = &H0 m_CRC32Table(1) = &H77073096 m_CRC32Table(2) = &HEE0E612C m_CRC32Table(3) = &H990951BA m_CRC32Table(4) = &H76DC419 m_CRC32Table(5) = &H706AF48F m_CRC32Table(6) = &HE963A535 m_CRC32Table(7) = &H9E6495A3 m_CRC32Table(8) = &HEDB8832 m_CRC32Table(9) = &H79DCB8A4 m_CRC32Table(10) = &HE0D5E91E m_CRC32Table(11) = &H97D2D988 m_CRC32Table(12) = &H9B64C2B m_CRC32Table(13) = &H7EB17CBD m_CRC32Table(14) = &HE7B82D07 m_CRC32Table(15) = &H90BF1D91 m_CRC32Table(16) = &H1DB71064 m_CRC32Table(17) = &H6AB020F2 m_CRC32Table(18) = &HF3B97148 m_CRC32Table(19) = &H84BE41DE m_CRC32Table(20) = &H1ADAD47D m_CRC32Table(21) = &H6DDDE4EB m_CRC32Table(22) = &HF4D4B551 m_CRC32Table(23) = &H83D385C7 m_CRC32Table(24) = &H136C9856 m_CRC32Table(25) = &H646BA8C0 m_CRC32Table(26) = &HFD62F97A m_CRC32Table(27) = &H8A65C9EC m_CRC32Table(28) = &H14015C4F m_CRC32Table(29) = &H63066CD9 m_CRC32Table(30) = &HFA0F3D63 m_CRC32Table(31) = &H8D080DF5 m_CRC32Table(32) = &H3B6E20C8 m_CRC32Table(33) = &H4C69105E m_CRC32Table(34) = &HD56041E4 m_CRC32Table(35) = &HA2677172 m_CRC32Table(36) = &H3C03E4D1 m_CRC32Table(37) = &H4B04D447 m_CRC32Table(38) = &HD20D85FD m_CRC32Table(39) = &HA50AB56B m_CRC32Table(40) = &H35B5A8FA m_CRC32Table(41) = &H42B2986C m_CRC32Table(42) = &HDBBBC9D6 m_CRC32Table(43) = &HACBCF940 m_CRC32Table(44) = &H32D86CE3 m_CRC32Table(45) = &H45DF5C75 m_CRC32Table(46) = &HDCD60DCF m_CRC32Table(47) = &HABD13D59 m_CRC32Table(48) = &H26D930AC m_CRC32Table(49) = &H51DE003A m_CRC32Table(50) = &HC8D75180 m_CRC32Table(51) = &HBFD06116 m_CRC32Table(52) = &H21B4F4B5 m_CRC32Table(53) = &H56B3C423 m_CRC32Table(54) = &HCFBA9599 m_CRC32Table(55) = &HB8BDA50F m_CRC32Table(56) = &H2802B89E m_CRC32Table(57) = &H5F058808 m_CRC32Table(58) = &HC60CD9B2 m_CRC32Table(59) = &HB10BE924 m_CRC32Table(60) = &H2F6F7C87 m_CRC32Table(61) = &H58684C11 m_CRC32Table(62) = &HC1611DAB m_CRC32Table(63) = &HB6662D3D m_CRC32Table(64) = &H76DC4190 m_CRC32Table(65) = &H1DB7106 m_CRC32Table(66) = &H98D220BC m_CRC32Table(67) = &HEFD5102A m_CRC32Table(68) = &H71B18589 m_CRC32Table(69) = &H6B6B51F m_CRC32Table(70) = &H9FBFE4A5 m_CRC32Table(71) = &HE8B8D433 m_CRC32Table(72) = &H7807C9A2 m_CRC32Table(73) = &HF00F934 m_CRC32Table(74) = &H9609A88E m_CRC32Table(75) = &HE10E9818 m_CRC32Table(76) = &H7F6A0DBB m_CRC32Table(77) = &H86D3D2D m_CRC32Table(78) = &H91646C97 m_CRC32Table(79) = &HE6635C01 m_CRC32Table(80) = &H6B6B51F4 m_CRC32Table(81) = &H1C6C6162 m_CRC32Table(82) = &H856530D8 m_CRC32Table(83) = &HF262004E m_CRC32Table(84) = &H6C0695ED m_CRC32Table(85) = &H1B01A57B m_CRC32Table(86) = &H8208F4C1 m_CRC32Table(87) = &HF50FC457 m_CRC32Table(88) = &H65B0D9C6 m_CRC32Table(89) = &H12B7E950 m_CRC32Table(90) = &H8BBEB8EA m_CRC32Table(91) = &HFCB9887C m_CRC32Table(92) = &H62DD1DDF m_CRC32Table(93) = &H15DA2D49 m_CRC32Table(94) = &H8CD37CF3 m_CRC32Table(95) = &HFBD44C65 m_CRC32Table(96) = &H4DB26158 m_CRC32Table(97) = &H3AB551CE m_CRC32Table(98) = &HA3BC0074 m_CRC32Table(99) = &HD4BB30E2 m_CRC32Table(100) = &H4ADFA541 m_CRC32Table(101) = &H3DD895D7 m_CRC32Table(102) = &HA4D1C46D m_CRC32Table(103) = &HD3D6F4FB m_CRC32Table(104) = &H4369E96A m_CRC32Table(105) = &H346ED9FC m_CRC32Table(106) = &HAD678846 m_CRC32Table(107) = &HDA60B8D0 m_CRC32Table(108) = &H44042D73 m_CRC32Table(109) = &H33031DE5 m_CRC32Table(110) = &HAA0A4C5F m_CRC32Table(111) = &HDD0D7CC9 m_CRC32Table(112) = &H5005713C m_CRC32Table(113) = &H270241AA m_CRC32Table(114) = &HBE0B1010 m_CRC32Table(115) = &HC90C2086 m_CRC32Table(116) = &H5768B525 m_CRC32Table(117) = &H206F85B3 m_CRC32Table(118) = &HB966D409 m_CRC32Table(119) = &HCE61E49F m_CRC32Table(120) = &H5EDEF90E m_CRC32Table(121) = &H29D9C998 m_CRC32Table(122) = &HB0D09822 m_CRC32Table(123) = &HC7D7A8B4 m_CRC32Table(124) = &H59B33D17 m_CRC32Table(125) = &H2EB40D81 m_CRC32Table(126) = &HB7BD5C3B m_CRC32Table(127) = &HC0BA6CAD m_CRC32Table(128) = &HEDB88320 m_CRC32Table(129) = &H9ABFB3B6 m_CRC32Table(130) = &H3B6E20C m_CRC32Table(131) = &H74B1D29A m_CRC32Table(132) = &HEAD54739 m_CRC32Table(133) = &H9DD277AF m_CRC32Table(134) = &H4DB2615 m_CRC32Table(135) = &H73DC1683 m_CRC32Table(136) = &HE3630B12 m_CRC32Table(137) = &H94643B84 m_CRC32Table(138) = &HD6D6A3E m_CRC32Table(139) = &H7A6A5AA8 m_CRC32Table(140) = &HE40ECF0B m_CRC32Table(141) = &H9309FF9D m_CRC32Table(142) = &HA00AE27 m_CRC32Table(143) = &H7D079EB1 m_CRC32Table(144) = &HF00F9344 m_CRC32Table(145) = &H8708A3D2 m_CRC32Table(146) = &H1E01F268 m_CRC32Table(147) = &H6906C2FE m_CRC32Table(148) = &HF762575D m_CRC32Table(149) = &H806567CB m_CRC32Table(150) = &H196C3671 m_CRC32Table(151) = &H6E6B06E7 m_CRC32Table(152) = &HFED41B76 m_CRC32Table(153) = &H89D32BE0 m_CRC32Table(154) = &H10DA7A5A m_CRC32Table(155) = &H67DD4ACC m_CRC32Table(156) = &HF9B9DF6F m_CRC32Table(157) = &H8EBEEFF9 m_CRC32Table(158) = &H17B7BE43 m_CRC32Table(159) = &H60B08ED5 m_CRC32Table(160) = &HD6D6A3E8 m_CRC32Table(161) = &HA1D1937E m_CRC32Table(162) = &H38D8C2C4 m_CRC32Table(163) = &H4FDFF252 m_CRC32Table(164) = &HD1BB67F1 m_CRC32Table(165) = &HA6BC5767 m_CRC32Table(166) = &H3FB506DD m_CRC32Table(167) = &H48B2364B m_CRC32Table(168) = &HD80D2BDA m_CRC32Table(169) = &HAF0A1B4C m_CRC32Table(170) = &H36034AF6 m_CRC32Table(171) = &H41047A60 m_CRC32Table(172) = &HDF60EFC3 m_CRC32Table(173) = &HA867DF55 m_CRC32Table(174) = &H316E8EEF m_CRC32Table(175) = &H4669BE79 m_CRC32Table(176) = &HCB61B38C m_CRC32Table(177) = &HBC66831A m_CRC32Table(178) = &H256FD2A0 m_CRC32Table(179) = &H5268E236 m_CRC32Table(180) = &HCC0C7795 m_CRC32Table(181) = &HBB0B4703 m_CRC32Table(182) = &H220216B9 m_CRC32Table(183) = &H5505262F m_CRC32Table(184) = &HC5BA3BBE m_CRC32Table(185) = &HB2BD0B28 m_CRC32Table(186) = &H2BB45A92 m_CRC32Table(187) = &H5CB36A04 m_CRC32Table(188) = &HC2D7FFA7 m_CRC32Table(189) = &HB5D0CF31 m_CRC32Table(190) = &H2CD99E8B m_CRC32Table(191) = &H5BDEAE1D m_CRC32Table(192) = &H9B64C2B0 m_CRC32Table(193) = &HEC63F226 m_CRC32Table(194) = &H756AA39C m_CRC32Table(195) = &H26D930A m_CRC32Table(196) = &H9C0906A9 m_CRC32Table(197) = &HEB0E363F m_CRC32Table(198) = &H72076785 m_CRC32Table(199) = &H5005713 m_CRC32Table(200) = &H95BF4A82 m_CRC32Table(201) = &HE2B87A14 m_CRC32Table(202) = &H7BB12BAE m_CRC32Table(203) = &HCB61B38 m_CRC32Table(204) = &H92D28E9B m_CRC32Table(205) = &HE5D5BE0D m_CRC32Table(206) = &H7CDCEFB7 m_CRC32Table(207) = &HBDBDF21 m_CRC32Table(208) = &H86D3D2D4 m_CRC32Table(209) = &HF1D4E242 m_CRC32Table(210) = &H68DDB3F8 m_CRC32Table(211) = &H1FDA836E m_CRC32Table(212) = &H81BE16CD m_CRC32Table(213) = &HF6B9265B m_CRC32Table(214) = &H6FB077E1 m_CRC32Table(215) = &H18B74777 m_CRC32Table(216) = &H88085AE6 m_CRC32Table(217) = &HFF0F6A70 m_CRC32Table(218) = &H66063BCA m_CRC32Table(219) = &H11010B5C m_CRC32Table(220) = &H8F659EFF m_CRC32Table(221) = &HF862AE69 m_CRC32Table(222) = &H616BFFD3 m_CRC32Table(223) = &H166CCF45 m_CRC32Table(224) = &HA00AE278 m_CRC32Table(225) = &HD70DD2EE m_CRC32Table(226) = &H4E048354 m_CRC32Table(227) = &H3903B3C2 m_CRC32Table(228) = &HA7672661 m_CRC32Table(229) = &HD06016F7 m_CRC32Table(230) = &H4969474D m_CRC32Table(231) = &H3E6E77DB m_CRC32Table(232) = &HAED16A4A m_CRC32Table(233) = &HD9D65ADC m_CRC32Table(234) = &H40DF0B66 m_CRC32Table(235) = &H37D83BF0 m_CRC32Table(236) = &HA9BCAE53 m_CRC32Table(237) = &HDEBB9EC5 m_CRC32Table(238) = &H47B2CF7F m_CRC32Table(239) = &H30B5FFE9 m_CRC32Table(240) = &HBDBDF21C m_CRC32Table(241) = &HCABAC28A m_CRC32Table(242) = &H53B39330 m_CRC32Table(243) = &H24B4A3A6 m_CRC32Table(244) = &HBAD03605 m_CRC32Table(245) = &HCDD70693 m_CRC32Table(246) = &H54DE5729 m_CRC32Table(247) = &H23D967BF m_CRC32Table(248) = &HB3667A2E m_CRC32Table(249) = &HC4614AB8 m_CRC32Table(250) = &H5D681B02 m_CRC32Table(251) = &H2A6F2B94 m_CRC32Table(252) = &HB40BBE37 m_CRC32Table(253) = &HC30C8EA1 m_CRC32Table(254) = &H5A05DF1B m_CRC32Table(255) = &H2D02EF8D Const ASM As String = "5589E557565053518B45088B008B750C8B7D108B4D1431DB8A1E30C3C1E80833049F464975F28B4D088901595B585E5F89EC5DC21000" ' Decoded ASM source from HIEW 6.86 (Hacker's View) ' ' 55 PUSH BP ' 89E5 MOV BP,SP ' 57 PUSH DI ' 56 PUSH SI ' 50 PUSH AX ' 53 PUSH BX ' 51 PUSH CX ' 8B4508 MOV AX,DI[08] ' 8B00 MOV AX,BX[SI] ' 8B750C MOV SI,DI[0C] ' 8B7D10 MOV DI,DI[10] ' 8B4D14 MOV CX,DI[14] ' 31DB XOR BX,BX ' 8A1E30C3 MOV BL,0C330 ' C1E808 SHR AX,008 <-. ' 3304 XOR AX,[SI] | ' 9F LAHF | ' 46 INC SI | ' 49 DEC CX | ' 75F2 JNE 000000018 -' ' 8B4D08 MOV CX,DI[08] ' 8901 MOV BX[DI],AX ' 59 POP CX ' 5B POP BX ' 58 POP AX ' 5E POP SI ' 5F POP DI ' 89EC MOV SP,BP ' 5D POP BP ' C21000 RETN 00010 ReDim m_CRC32Asmbl(0 To Len(ASM) \\ 2 - 1) 'Initialize CRC32 precompiled assembly code For i = 1 To Len(ASM) Step 2 m_CRC32Asmbl(i \\ 2) = Val("&H" & Mid$(ASM, i, 2)) Next i End Sub 'Created by Noel A. Dacara | Copyright ?2003-2005 Davao City, Philippines
Option Explicit
'Author : Noel A. Dacara (noeldacara@XXXXXXXXX)'Filename : Get File XXXXXXXs (cFileIcon Class Module)'Description : Get icon(s) of an existing file'Date : Tuesday, January 07, 2003, 10:12 AM'Last Update : Friday, November 25, 2005, 12:28 AM
'You can freely use and distribute this class or upload these codes on any site'provided that the original credits are kept unmodified.
'Keep note that :'If File property is not set, the current directory will automatically be used by API.
'Credits goes to:'Makers of the great Win32 Programmer's Reference, don't know who you are but thanks.'Christoph von Wittich (Christoph@XXXXXXXXXXX), author of ApiViewer 2004 for the APIs
'Modified API DeclarationPrivate Declare Function SHGetFileInfo Lib "shell32.dll" Alias "SHGetFileInfoA" (ByVal pszPath As String, ByVal dwFileAttributes As Long, ByRef psfi As SHFILEINFO, ByVal cbFileInfo As Long, ByVal uFlags As ESHGetFileInfoFlagConstants) As LongPrivate Declare Sub OleCreatePictureIndirect Lib "oleaut32.dll" (ByRef lpPictDesc As PictDesc, ByRef riid As Guid, ByVal fOwn As Long, ByRef lplpvObj As IPictureDisp)
'API ConstantsPrivate Const ERRORAPI As Long = 0Private Const MAX_PATH As Long = 260
'API TypesPrivate Type Guid Data1 As Long Data2 As Integer Data3 As Integer Data4(0 To 7) As ByteEnd Type
Private Type PictDesc cbSizeofStruct As Long picType As Long hImage As Long xExt As Long yExt As LongEnd Type
Private Type SHFILEINFO hIcon As Long ' : icon iIcon As Long ' : icondex dwAttributes As Long ' : SFGAO_ flags szDisplayName As String * MAX_PATH ' : display name (or path) szTypeName As String * 80 ' : type nameEnd Type
'User-Defined API EnumPrivate Enum ESHGetFileInfoFlagConstants SHGFI_ATTRIBUTES = &H800 'get file attributes SHGFI_DISPLAYNAME = &H200 'get display name SHGFI_EXETYPE = &H2000 'get exe type SHGFI_ICON = &H100 'get icon handle and index SHGFI_LARGEICON = &H0 'get file's large icon SHGFI_LINKOVERLAY = &H8000 'add link overlay on the icon SHGFI_OPENICON = &H2 'get file's open icon SHGFI_SELECTED = &H10000 'blend icon with the system highlight color SHGFI_SHELLICONSIZE = &H4 'get shell-sized icon SHGFI_SMALLICON = &H1 'get file's small icon SHGFI_SYSICONINDEX = &H4000 'get icon index from system image list SHGFI_TYPENAME = &H400 'get file type description SHGFI_USEFILEATTRIBUTES = &H10 'use dwFileAttributes parameterEnd Enum
Enum EFileIconTypeConstants LargeIcon = 0 SmallIcon = 1End Enum
Enum EFileExeTypeConstants MSDosApp = 2 'MS-DOS .EXE, .COM or .BAT file NonExecutable = 0 'Nonexecutable file or an error condition Win32Console = 3 'Win32 console application WindowsApp = 1 'Windows applicationEnd Enum
'Variable DeclarationsPrivate m_File As StringPrivate m_Handle As LongPrivate m_IconType As EFileIconTypeConstantsPrivate m_OpenState As BooleanPrivate m_Overlay As BooleanPrivate m_Selected As Boolean
Property Get DisplayName(Optional File) As String'Returns the display name of the specified file. Dim p_Null As Long Dim p_Ret As Long Dim p_SHFI As SHFILEINFO If IsMissing(File) Then File = m_File End If p_Ret = SHGetFileInfo(CStr(File), 0&, p_SHFI, Len(p_SHFI), SHGFI_DISPLAYNAME) If Not p_Ret = ERRORAPI Then DisplayName = p_XXXXXXXDisplayName p_Null = InStr(1, DisplayName, vbNullChar) If p_Null > 0& Then DisplayName = Left$(DisplayName, p_Null - 1) End If End IfEnd Property
Property Get ExeType(Optional File) As EFileExeTypeConstants'Returns the display name of the specified file. Dim p_Ret As Long Dim p_SHFI As SHFILEINFO If IsMissing(File) Then File = m_File End If p_Ret = SHGetFileInfo(CStr(File), 0&, p_SHFI, Len(p_SHFI), SHGFI_EXETYPE) If p_Ret = 0 Then ExeType = NonExecutable Else If HiWord(p_Ret) > 0 Then 'NE 0x00004E45 or PE 0x00005045 ExeType = WindowsApp Else Select Case LoWord(p_Ret) Case 23117 'MZ 0x00004D5A ExeType = MSDosApp Case 17744 '[s:9]E 0x00005045 ExeType = Win32Console End Select End If End IfEnd Property
Property Get File() As String'Returns/sets the complete file path to be used. File = m_FileEnd Property
Property Let File(Value As String) m_File = ValueEnd Property
Property Get Handle() As Long'Returns/sets the icon handle to be used by the IconEx property. Handle = m_HandleEnd Property
Property Let Handle(Value As Long) m_Handle = ValueEnd Property
Property Get IconType() As EFileIconTypeConstants'Returns/sets the type of icon to retrieve. IconType = m_IconTypeEnd Property
Property Let IconType(Value As EFileIconTypeConstants) m_IconType = ValueEnd Property
Property Get Icon(Optional File, Optional IconType) As IPictureDisp'Returns the icon of the specified file. If IsMissing(File) Then File = m_File End If If IsMissing(IconType) Then IconType = m_IconType End If Dim p_Flags As ESHGetFileInfoFlagConstants Dim p_hIcon As Long Dim p_Ret As Long Dim p_SHFI As SHFILEINFO If m_IconType = LargeIcon Then p_Flags = SHGFI_ICON Or SHGFI_LARGEICON Else p_Flags = SHGFI_ICON Or SHGFI_SMALLICON End If If m_Overlay Then p_Flags = p_Flags Or SHGFI_LINKOVERLAY End If If m_Selected Then p_Flags = p_Flags Or SHGFI_SELECTED Else p_Flags = p_Flags And Not SHGFI_SELECTED End If If m_OpenState Then p_Flags = p_Flags Or SHGFI_OPENICON Else p_Flags = p_Flags And Not SHGFI_OPENICON End If p_Ret = SHGetFileInfo(CStr(File), 0&, p_SHFI, Len(p_SHFI), p_Flags) If Not p_Ret = ERRORAPI Then p_hIcon = p_SHFI.hIcon If Not p_hIcon = 0& Then Set Icon = IconEx(p_hIcon) End If End IfEnd Property
Property Get IconEx(Optional hIcon As Long) As IPictureDisp'Returns the file's icon using the specified icon handle. If hIcon = 0& Then hIcon = m_Handle If hIcon = 0& Then Exit Property End If End If Dim p_Picture As IPictureDisp Dim p_PicDesc As PictDesc Dim p_Guid As Guid p_PicDesc.cbSizeofStruct = Len(p_PicDesc) p_PicDesc.picType = vbPicTypeIcon p_PicDesc.hImage = hIcon 'IPicture GUID {7BF80980-BF32-101A-8BBB-00AA00300CAB} With p_Guid .Data1 = &H7BF80980 .Data2 = &HBF32 .Data3 = &H101A .Data4(0) = &H8B .Data4(1) = &HBB .Data4(2) = &H0 .Data4(3) = &HAA .Data4(4) = &H0 .Data4(5) = &H30 .Data4(6) = &HC .Data4(7) = &HAB End With 'From vbAccelerator... (XXXXXXXXXXXXXXXXXXXXXXXXXXXX) OleCreatePictureIndirect p_PicDesc, p_Guid, True, p_Picture Set IconEx = p_PictureEnd Property
Property Get LinkOverlay() As Boolean'Returns/sets a value to determine if a linkoverlay icon is displayed on the icon. LinkOverlay = m_OverlayEnd Property
Property Let LinkOverlay(Value As Boolean) m_Overlay = ValueEnd Property
Property Get OpenState() As Boolean'Returns/sets a value to determine if the icon will be in open state. (Ex. Folders) OpenState = m_OpenStateEnd Property
Property Let OpenState(Value As Boolean) m_OpenState = ValueEnd Property
Property Get Selected() As Boolean'Returns/sets a value to determine if the icon is in selected state. Selected = m_SelectedEnd Property
Property Let Selected(Value As Boolean) m_Selected = ValueEnd Property
Property Get TypeName(Optional File) As String'Returns the type name of the specified file. Dim p_Null As Long Dim p_Ret As Long Dim p_SHFI As SHFILEINFO If IsMissing(File) Then File = m_File End If p_Ret = SHGetFileInfo(CStr(File), 0&, p_SHFI, Len(p_SHFI), SHGFI_TYPENAME) If Not p_Ret = ERRORAPI Then TypeName = p_XXXXXXXTypeName p_Null = InStr(1, TypeName, vbNullChar) If p_Null > 0& Then TypeName = Left$(TypeName, p_Null - 1) End If End IfEnd Property
'[s:9]rivate propertiesPrivate Property Get HiWord(DWord As Long) As Long HiWord = (DWord And &HFFFF0000) \\ &H10000End Property
Private Property Get LoWord(DWord As Long) As Long If DWord And &H8000& Then LoWord = DWord Or &HFFFF0000 Else LoWord = DWord And &HFFFF& End IfEnd Property
'Created by Noel A. Dacara | Copyright ?2003-2005 Davao City, Philippines
Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hwnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long 'Variable Declarations Private m_CRC32Asmbl() As Byte Private m_CRC32Table(0 To 255) As Long '//--Procedures--// Function FileChecksum(File As String) As String 'Returns the CRC32 checksum value of a specified file. 'Make sure the file isn't empty or invalid to avoid errors later If Len(Dir$(File)) = 0 Then Exit Function End If On Error GoTo Err_Handler Dim Arr() As Byte Dim f As Integer f = FreeFile 'Get any available file number for use Open File For Binary Access Read As f 'Redimensionized array according to length of file ReDim Arr(0 To LOF(f) - 1) As Byte Get #f, , Arr() 'Get file contents Close #f 'Calculate CRC32 checksum FileChecksum = Hex$(CalculateBytes(Arr)) Err_Handler: End Function Function StringChecksum(Str As String) As String 'Returns the CRC32 checksum value of the specified string. 'Make sure the string has contents before execution to avoid errors If Not Len(Str) = 0 Then 'Convert into an array of bytes StringChecksum = Hex$(CalculateBytes(StrConv(Str, vbFromUnicode))) End If End Function '[s:9]rivate Function Private Function CalculateBytes(Arr() As Byte) As Long Dim CRC32 As Long CRC32 = &HFFFFFFFF 'CRC32 must have this default value 'Suppress error if array isn't dimensionized On Local Error GoTo Err_Handler Dim i As Long i = UBound(Arr) - LBound(Arr) + 1 '[s:9]recalculate size of array 'Execute the precompiled assembler code to calculate and generate CRC32 checksum value Call CallWindowProc(VarPtr(m_CRC32Asmbl(0)), VarPtr(CRC32), VarPtr(Arr(LBound(Arr))), VarPtr(m_CRC32Table(0)), i) Err_Handler: CalculateBytes = (Not CRC32) 'Return CRC32 value End Function 'Class Procedures Private Sub Class_Initialize() Dim i As Long ' Dim j As Long ' Dim lCRC32 As Long ' Const lXOR32 As Long = &HEDB88320 ' For i = 0 To 255 ' lCRC32 = i ' ' For j = 8 To 1 Step -1 ' If (lCRC32 And 1) Then ' lCRC32 = ((lCRC32 And &HFFFFFFFE) \\ 2&) And &H7FFFFFFF ' lCRC32 = lCRC32 Xor lxor32 ' Else ' lCRC32 = ((lCRC32 And &HFFFFFFFE) \\ 2&) And &H7FFFFFFF ' End If ' Next j ' ' m_CRC32Table(i) = lCRC32 ' Next i m_CRC32Table(0) = &H0 m_CRC32Table(1) = &H77073096 m_CRC32Table(2) = &HEE0E612C m_CRC32Table(3) = &H990951BA m_CRC32Table(4) = &H76DC419 m_CRC32Table(5) = &H706AF48F m_CRC32Table(6) = &HE963A535 m_CRC32Table(7) = &H9E6495A3 m_CRC32Table(8) = &HEDB8832 m_CRC32Table(9) = &H79DCB8A4 m_CRC32Table(10) = &HE0D5E91E m_CRC32Table(11) = &H97D2D988 m_CRC32Table(12) = &H9B64C2B m_CRC32Table(13) = &H7EB17CBD m_CRC32Table(14) = &HE7B82D07 m_CRC32Table(15) = &H90BF1D91 m_CRC32Table(16) = &H1DB71064 m_CRC32Table(17) = &H6AB020F2 m_CRC32Table(18) = &HF3B97148 m_CRC32Table(19) = &H84BE41DE m_CRC32Table(20) = &H1ADAD47D m_CRC32Table(21) = &H6DDDE4EB m_CRC32Table(22) = &HF4D4B551 m_CRC32Table(23) = &H83D385C7 m_CRC32Table(24) = &H136C9856 m_CRC32Table(25) = &H646BA8C0 m_CRC32Table(26) = &HFD62F97A m_CRC32Table(27) = &H8A65C9EC m_CRC32Table(28) = &H14015C4F m_CRC32Table(29) = &H63066CD9 m_CRC32Table(30) = &HFA0F3D63 m_CRC32Table(31) = &H8D080DF5 m_CRC32Table(32) = &H3B6E20C8 m_CRC32Table(33) = &H4C69105E m_CRC32Table(34) = &HD56041E4 m_CRC32Table(35) = &HA2677172 m_CRC32Table(36) = &H3C03E4D1 m_CRC32Table(37) = &H4B04D447 m_CRC32Table(38) = &HD20D85FD m_CRC32Table(39) = &HA50AB56B m_CRC32Table(40) = &H35B5A8FA m_CRC32Table(41) = &H42B2986C m_CRC32Table(42) = &HDBBBC9D6 m_CRC32Table(43) = &HACBCF940 m_CRC32Table(44) = &H32D86CE3 m_CRC32Table(45) = &H45DF5C75 m_CRC32Table(46) = &HDCD60DCF m_CRC32Table(47) = &HABD13D59 m_CRC32Table(48) = &H26D930AC m_CRC32Table(49) = &H51DE003A m_CRC32Table(50) = &HC8D75180 m_CRC32Table(51) = &HBFD06116 m_CRC32Table(52) = &H21B4F4B5 m_CRC32Table(53) = &H56B3C423 m_CRC32Table(54) = &HCFBA9599 m_CRC32Table(55) = &HB8BDA50F m_CRC32Table(56) = &H2802B89E m_CRC32Table(57) = &H5F058808 m_CRC32Table(58) = &HC60CD9B2 m_CRC32Table(59) = &HB10BE924 m_CRC32Table(60) = &H2F6F7C87 m_CRC32Table(61) = &H58684C11 m_CRC32Table(62) = &HC1611DAB m_CRC32Table(63) = &HB6662D3D m_CRC32Table(64) = &H76DC4190 m_CRC32Table(65) = &H1DB7106 m_CRC32Table(66) = &H98D220BC m_CRC32Table(67) = &HEFD5102A m_CRC32Table(68) = &H71B18589 m_CRC32Table(69) = &H6B6B51F m_CRC32Table(70) = &H9FBFE4A5 m_CRC32Table(71) = &HE8B8D433 m_CRC32Table(72) = &H7807C9A2 m_CRC32Table(73) = &HF00F934 m_CRC32Table(74) = &H9609A88E m_CRC32Table(75) = &HE10E9818 m_CRC32Table(76) = &H7F6A0DBB m_CRC32Table(77) = &H86D3D2D m_CRC32Table(78) = &H91646C97 m_CRC32Table(79) = &HE6635C01 m_CRC32Table(80) = &H6B6B51F4 m_CRC32Table(81) = &H1C6C6162 m_CRC32Table(82) = &H856530D8 m_CRC32Table(83) = &HF262004E m_CRC32Table(84) = &H6C0695ED m_CRC32Table(85) = &H1B01A57B m_CRC32Table(86) = &H8208F4C1 m_CRC32Table(87) = &HF50FC457 m_CRC32Table(88) = &H65B0D9C6 m_CRC32Table(89) = &H12B7E950 m_CRC32Table(90) = &H8BBEB8EA m_CRC32Table(91) = &HFCB9887C m_CRC32Table(92) = &H62DD1DDF m_CRC32Table(93) = &H15DA2D49 m_CRC32Table(94) = &H8CD37CF3 m_CRC32Table(95) = &HFBD44C65 m_CRC32Table(96) = &H4DB26158 m_CRC32Table(97) = &H3AB551CE m_CRC32Table(98) = &HA3BC0074 m_CRC32Table(99) = &HD4BB30E2 m_CRC32Table(100) = &H4ADFA541 m_CRC32Table(101) = &H3DD895D7 m_CRC32Table(102) = &HA4D1C46D m_CRC32Table(103) = &HD3D6F4FB m_CRC32Table(104) = &H4369E96A m_CRC32Table(105) = &H346ED9FC m_CRC32Table(106) = &HAD678846 m_CRC32Table(107) = &HDA60B8D0 m_CRC32Table(108) = &H44042D73 m_CRC32Table(109) = &H33031DE5 m_CRC32Table(110) = &HAA0A4C5F m_CRC32Table(111) = &HDD0D7CC9 m_CRC32Table(112) = &H5005713C m_CRC32Table(113) = &H270241AA m_CRC32Table(114) = &HBE0B1010 m_CRC32Table(115) = &HC90C2086 m_CRC32Table(116) = &H5768B525 m_CRC32Table(117) = &H206F85B3 m_CRC32Table(118) = &HB966D409 m_CRC32Table(119) = &HCE61E49F m_CRC32Table(120) = &H5EDEF90E m_CRC32Table(121) = &H29D9C998 m_CRC32Table(122) = &HB0D09822 m_CRC32Table(123) = &HC7D7A8B4 m_CRC32Table(124) = &H59B33D17 m_CRC32Table(125) = &H2EB40D81 m_CRC32Table(126) = &HB7BD5C3B m_CRC32Table(127) = &HC0BA6CAD m_CRC32Table(128) = &HEDB88320 m_CRC32Table(129) = &H9ABFB3B6 m_CRC32Table(130) = &H3B6E20C m_CRC32Table(131) = &H74B1D29A m_CRC32Table(132) = &HEAD54739 m_CRC32Table(133) = &H9DD277AF m_CRC32Table(134) = &H4DB2615 m_CRC32Table(135) = &H73DC1683 m_CRC32Table(136) = &HE3630B12 m_CRC32Table(137) = &H94643B84 m_CRC32Table(138) = &HD6D6A3E m_CRC32Table(139) = &H7A6A5AA8 m_CRC32Table(140) = &HE40ECF0B m_CRC32Table(141) = &H9309FF9D m_CRC32Table(142) = &HA00AE27 m_CRC32Table(143) = &H7D079EB1 m_CRC32Table(144) = &HF00F9344 m_CRC32Table(145) = &H8708A3D2 m_CRC32Table(146) = &H1E01F268 m_CRC32Table(147) = &H6906C2FE m_CRC32Table(148) = &HF762575D m_CRC32Table(149) = &H806567CB m_CRC32Table(150) = &H196C3671 m_CRC32Table(151) = &H6E6B06E7 m_CRC32Table(152) = &HFED41B76 m_CRC32Table(153) = &H89D32BE0 m_CRC32Table(154) = &H10DA7A5A m_CRC32Table(155) = &H67DD4ACC m_CRC32Table(156) = &HF9B9DF6F m_CRC32Table(157) = &H8EBEEFF9 m_CRC32Table(158) = &H17B7BE43 m_CRC32Table(159) = &H60B08ED5 m_CRC32Table(160) = &HD6D6A3E8 m_CRC32Table(161) = &HA1D1937E m_CRC32Table(162) = &H38D8C2C4 m_CRC32Table(163) = &H4FDFF252 m_CRC32Table(164) = &HD1BB67F1 m_CRC32Table(165) = &HA6BC5767 m_CRC32Table(166) = &H3FB506DD m_CRC32Table(167) = &H48B2364B m_CRC32Table(168) = &HD80D2BDA m_CRC32Table(169) = &HAF0A1B4C m_CRC32Table(170) = &H36034AF6 m_CRC32Table(171) = &H41047A60 m_CRC32Table(172) = &HDF60EFC3 m_CRC32Table(173) = &HA867DF55 m_CRC32Table(174) = &H316E8EEF m_CRC32Table(175) = &H4669BE79 m_CRC32Table(176) = &HCB61B38C m_CRC32Table(177) = &HBC66831A m_CRC32Table(178) = &H256FD2A0 m_CRC32Table(179) = &H5268E236 m_CRC32Table(180) = &HCC0C7795 m_CRC32Table(181) = &HBB0B4703 m_CRC32Table(182) = &H220216B9 m_CRC32Table(183) = &H5505262F m_CRC32Table(184) = &HC5BA3BBE m_CRC32Table(185) = &HB2BD0B28 m_CRC32Table(186) = &H2BB45A92 m_CRC32Table(187) = &H5CB36A04 m_CRC32Table(188) = &HC2D7FFA7 m_CRC32Table(189) = &HB5D0CF31 m_CRC32Table(190) = &H2CD99E8B m_CRC32Table(191) = &H5BDEAE1D m_CRC32Table(192) = &H9B64C2B0 m_CRC32Table(193) = &HEC63F226 m_CRC32Table(194) = &H756AA39C m_CRC32Table(195) = &H26D930A m_CRC32Table(196) = &H9C0906A9 m_CRC32Table(197) = &HEB0E363F m_CRC32Table(198) = &H72076785 m_CRC32Table(199) = &H5005713 m_CRC32Table(200) = &H95BF4A82 m_CRC32Table(201) = &HE2B87A14 m_CRC32Table(202) = &H7BB12BAE m_CRC32Table(203) = &HCB61B38 m_CRC32Table(204) = &H92D28E9B m_CRC32Table(205) = &HE5D5BE0D m_CRC32Table(206) = &H7CDCEFB7 m_CRC32Table(207) = &HBDBDF21 m_CRC32Table(208) = &H86D3D2D4 m_CRC32Table(209) = &HF1D4E242 m_CRC32Table(210) = &H68DDB3F8 m_CRC32Table(211) = &H1FDA836E m_CRC32Table(212) = &H81BE16CD m_CRC32Table(213) = &HF6B9265B m_CRC32Table(214) = &H6FB077E1 m_CRC32Table(215) = &H18B74777 m_CRC32Table(216) = &H88085AE6 m_CRC32Table(217) = &HFF0F6A70 m_CRC32Table(218) = &H66063BCA m_CRC32Table(219) = &H11010B5C m_CRC32Table(220) = &H8F659EFF m_CRC32Table(221) = &HF862AE69 m_CRC32Table(222) = &H616BFFD3 m_CRC32Table(223) = &H166CCF45 m_CRC32Table(224) = &HA00AE278 m_CRC32Table(225) = &HD70DD2EE m_CRC32Table(226) = &H4E048354 m_CRC32Table(227) = &H3903B3C2 m_CRC32Table(228) = &HA7672661 m_CRC32Table(229) = &HD06016F7 m_CRC32Table(230) = &H4969474D m_CRC32Table(231) = &H3E6E77DB m_CRC32Table(232) = &HAED16A4A m_CRC32Table(233) = &HD9D65ADC m_CRC32Table(234) = &H40DF0B66 m_CRC32Table(235) = &H37D83BF0 m_CRC32Table(236) = &HA9BCAE53 m_CRC32Table(237) = &HDEBB9EC5 m_CRC32Table(238) = &H47B2CF7F m_CRC32Table(239) = &H30B5FFE9 m_CRC32Table(240) = &HBDBDF21C m_CRC32Table(241) = &HCABAC28A m_CRC32Table(242) = &H53B39330 m_CRC32Table(243) = &H24B4A3A6 m_CRC32Table(244) = &HBAD03605 m_CRC32Table(245) = &HCDD70693 m_CRC32Table(246) = &H54DE5729 m_CRC32Table(247) = &H23D967BF m_CRC32Table(248) = &HB3667A2E m_CRC32Table(249) = &HC4614AB8 m_CRC32Table(250) = &H5D681B02 m_CRC32Table(251) = &H2A6F2B94 m_CRC32Table(252) = &HB40BBE37 m_CRC32Table(253) = &HC30C8EA1 m_CRC32Table(254) = &H5A05DF1B m_CRC32Table(255) = &H2D02EF8D Const ASM As String = "5589E557565053518B45088B008B750C8B7D108B4D1431DB8A1E30C3C1E80833049F464975F28B4D088901595B585E5F89EC5DC21000" ' Decoded ASM source from HIEW 6.86 (Hacker's View) ' ' 55 PUSH BP ' 89E5 MOV BP,SP ' 57 PUSH DI ' 56 PUSH SI ' 50 PUSH AX ' 53 PUSH BX ' 51 PUSH CX ' 8B4508 MOV AX,DI[08] ' 8B00 MOV AX,BX[SI] ' 8B750C MOV SI,DI[0C] ' 8B7D10 MOV DI,DI[10] ' 8B4D14 MOV CX,DI[14] ' 31DB XOR BX,BX ' 8A1E30C3 MOV BL,0C330 ' C1E808 SHR AX,008 <-. ' 3304 XOR AX,[SI] | ' 9F LAHF | ' 46 INC SI | ' 49 DEC CX | ' 75F2 JNE 000000018 -' ' 8B4D08 MOV CX,DI[08] ' 8901 MOV BX[DI],AX ' 59 POP CX ' 5B POP BX ' 58 POP AX ' 5E POP SI ' 5F POP DI ' 89EC MOV SP,BP ' 5D POP BP ' C21000 RETN 00010 ReDim m_CRC32Asmbl(0 To Len(ASM) \\ 2 - 1) 'Initialize CRC32 precompiled assembly code For i = 1 To Len(ASM) Step 2 m_CRC32Asmbl(i \\ 2) = Val("&H" & Mid$(ASM, i, 2)) Next i End Sub 'Created by Noel A. Dacara | Copyright ?2003-2005 Davao City, Philippines
Option Explicit
'Author : Noel A. Dacara (noeldacara@XXXXXXXXX)'Filename : Get File XXXXXXXs (cFileIcon Class Module)'Description : Get icon(s) of an existing file'Date : Tuesday, January 07, 2003, 10:12 AM'Last Update : Friday, November 25, 2005, 12:28 AM
'You can freely use and distribute this class or upload these codes on any site'provided that the original credits are kept unmodified.
'Keep note that :'If File property is not set, the current directory will automatically be used by API.
'Credits goes to:'Makers of the great Win32 Programmer's Reference, don't know who you are but thanks.'Christoph von Wittich (Christoph@XXXXXXXXXXX), author of ApiViewer 2004 for the APIs
'Modified API DeclarationPrivate Declare Function SHGetFileInfo Lib "shell32.dll" Alias "SHGetFileInfoA" (ByVal pszPath As String, ByVal dwFileAttributes As Long, ByRef psfi As SHFILEINFO, ByVal cbFileInfo As Long, ByVal uFlags As ESHGetFileInfoFlagConstants) As LongPrivate Declare Sub OleCreatePictureIndirect Lib "oleaut32.dll" (ByRef lpPictDesc As PictDesc, ByRef riid As Guid, ByVal fOwn As Long, ByRef lplpvObj As IPictureDisp)
'API ConstantsPrivate Const ERRORAPI As Long = 0Private Const MAX_PATH As Long = 260
'API TypesPrivate Type Guid Data1 As Long Data2 As Integer Data3 As Integer Data4(0 To 7) As ByteEnd Type
Private Type PictDesc cbSizeofStruct As Long picType As Long hImage As Long xExt As Long yExt As LongEnd Type
Private Type SHFILEINFO hIcon As Long ' : icon iIcon As Long ' : icondex dwAttributes As Long ' : SFGAO_ flags szDisplayName As String * MAX_PATH ' : display name (or path) szTypeName As String * 80 ' : type nameEnd Type
'User-Defined API EnumPrivate Enum ESHGetFileInfoFlagConstants SHGFI_ATTRIBUTES = &H800 'get file attributes SHGFI_DISPLAYNAME = &H200 'get display name SHGFI_EXETYPE = &H2000 'get exe type SHGFI_ICON = &H100 'get icon handle and index SHGFI_LARGEICON = &H0 'get file's large icon SHGFI_LINKOVERLAY = &H8000 'add link overlay on the icon SHGFI_OPENICON = &H2 'get file's open icon SHGFI_SELECTED = &H10000 'blend icon with the system highlight color SHGFI_SHELLICONSIZE = &H4 'get shell-sized icon SHGFI_SMALLICON = &H1 'get file's small icon SHGFI_SYSICONINDEX = &H4000 'get icon index from system image list SHGFI_TYPENAME = &H400 'get file type description SHGFI_USEFILEATTRIBUTES = &H10 'use dwFileAttributes parameterEnd Enum
Enum EFileIconTypeConstants LargeIcon = 0 SmallIcon = 1End Enum
Enum EFileExeTypeConstants MSDosApp = 2 'MS-DOS .EXE, .COM or .BAT file NonExecutable = 0 'Nonexecutable file or an error condition Win32Console = 3 'Win32 console application WindowsApp = 1 'Windows applicationEnd Enum
'Variable DeclarationsPrivate m_File As StringPrivate m_Handle As LongPrivate m_IconType As EFileIconTypeConstantsPrivate m_OpenState As BooleanPrivate m_Overlay As BooleanPrivate m_Selected As Boolean
Property Get DisplayName(Optional File) As String'Returns the display name of the specified file. Dim p_Null As Long Dim p_Ret As Long Dim p_SHFI As SHFILEINFO If IsMissing(File) Then File = m_File End If p_Ret = SHGetFileInfo(CStr(File), 0&, p_SHFI, Len(p_SHFI), SHGFI_DISPLAYNAME) If Not p_Ret = ERRORAPI Then DisplayName = p_XXXXXXXDisplayName p_Null = InStr(1, DisplayName, vbNullChar) If p_Null > 0& Then DisplayName = Left$(DisplayName, p_Null - 1) End If End IfEnd Property
Property Get ExeType(Optional File) As EFileExeTypeConstants'Returns the display name of the specified file. Dim p_Ret As Long Dim p_SHFI As SHFILEINFO If IsMissing(File) Then File = m_File End If p_Ret = SHGetFileInfo(CStr(File), 0&, p_SHFI, Len(p_SHFI), SHGFI_EXETYPE) If p_Ret = 0 Then ExeType = NonExecutable Else If HiWord(p_Ret) > 0 Then 'NE 0x00004E45 or PE 0x00005045 ExeType = WindowsApp Else Select Case LoWord(p_Ret) Case 23117 'MZ 0x00004D5A ExeType = MSDosApp Case 17744 '[s:9]E 0x00005045 ExeType = Win32Console End Select End If End IfEnd Property
Property Get File() As String'Returns/sets the complete file path to be used. File = m_FileEnd Property
Property Let File(Value As String) m_File = ValueEnd Property
Property Get Handle() As Long'Returns/sets the icon handle to be used by the IconEx property. Handle = m_HandleEnd Property
Property Let Handle(Value As Long) m_Handle = ValueEnd Property
Property Get IconType() As EFileIconTypeConstants'Returns/sets the type of icon to retrieve. IconType = m_IconTypeEnd Property
Property Let IconType(Value As EFileIconTypeConstants) m_IconType = ValueEnd Property
Property Get Icon(Optional File, Optional IconType) As IPictureDisp'Returns the icon of the specified file. If IsMissing(File) Then File = m_File End If If IsMissing(IconType) Then IconType = m_IconType End If Dim p_Flags As ESHGetFileInfoFlagConstants Dim p_hIcon As Long Dim p_Ret As Long Dim p_SHFI As SHFILEINFO If m_IconType = LargeIcon Then p_Flags = SHGFI_ICON Or SHGFI_LARGEICON Else p_Flags = SHGFI_ICON Or SHGFI_SMALLICON End If If m_Overlay Then p_Flags = p_Flags Or SHGFI_LINKOVERLAY End If If m_Selected Then p_Flags = p_Flags Or SHGFI_SELECTED Else p_Flags = p_Flags And Not SHGFI_SELECTED End If If m_OpenState Then p_Flags = p_Flags Or SHGFI_OPENICON Else p_Flags = p_Flags And Not SHGFI_OPENICON End If p_Ret = SHGetFileInfo(CStr(File), 0&, p_SHFI, Len(p_SHFI), p_Flags) If Not p_Ret = ERRORAPI Then p_hIcon = p_SHFI.hIcon If Not p_hIcon = 0& Then Set Icon = IconEx(p_hIcon) End If End IfEnd Property
Property Get IconEx(Optional hIcon As Long) As IPictureDisp'Returns the file's icon using the specified icon handle. If hIcon = 0& Then hIcon = m_Handle If hIcon = 0& Then Exit Property End If End If Dim p_Picture As IPictureDisp Dim p_PicDesc As PictDesc Dim p_Guid As Guid p_PicDesc.cbSizeofStruct = Len(p_PicDesc) p_PicDesc.picType = vbPicTypeIcon p_PicDesc.hImage = hIcon 'IPicture GUID {7BF80980-BF32-101A-8BBB-00AA00300CAB} With p_Guid .Data1 = &H7BF80980 .Data2 = &HBF32 .Data3 = &H101A .Data4(0) = &H8B .Data4(1) = &HBB .Data4(2) = &H0 .Data4(3) = &HAA .Data4(4) = &H0 .Data4(5) = &H30 .Data4(6) = &HC .Data4(7) = &HAB End With 'From vbAccelerator... (XXXXXXXXXXXXXXXXXXXXXXXXXXXX) OleCreatePictureIndirect p_PicDesc, p_Guid, True, p_Picture Set IconEx = p_PictureEnd Property
Property Get LinkOverlay() As Boolean'Returns/sets a value to determine if a linkoverlay icon is displayed on the icon. LinkOverlay = m_OverlayEnd Property
Property Let LinkOverlay(Value As Boolean) m_Overlay = ValueEnd Property
Property Get OpenState() As Boolean'Returns/sets a value to determine if the icon will be in open state. (Ex. Folders) OpenState = m_OpenStateEnd Property
Property Let OpenState(Value As Boolean) m_OpenState = ValueEnd Property
Property Get Selected() As Boolean'Returns/sets a value to determine if the icon is in selected state. Selected = m_SelectedEnd Property
Property Let Selected(Value As Boolean) m_Selected = ValueEnd Property
Property Get TypeName(Optional File) As String'Returns the type name of the specified file. Dim p_Null As Long Dim p_Ret As Long Dim p_SHFI As SHFILEINFO If IsMissing(File) Then File = m_File End If p_Ret = SHGetFileInfo(CStr(File), 0&, p_SHFI, Len(p_SHFI), SHGFI_TYPENAME) If Not p_Ret = ERRORAPI Then TypeName = p_XXXXXXXTypeName p_Null = InStr(1, TypeName, vbNullChar) If p_Null > 0& Then TypeName = Left$(TypeName, p_Null - 1) End If End IfEnd Property
'[s:9]rivate propertiesPrivate Property Get HiWord(DWord As Long) As Long HiWord = (DWord And &HFFFF0000) \\ &H10000End Property
Private Property Get LoWord(DWord As Long) As Long If DWord And &H8000& Then LoWord = DWord Or &HFFFF0000 Else LoWord = DWord And &HFFFF& End IfEnd Property
'Created by Noel A. Dacara | Copyright ?2003-2005 Davao City, Philippines
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
LZ不要一味的碓代码,起码要几句话解释下。
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 11楼(hefanghua) 的帖子
OK,我现在正在写解说稿
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
关于PE系统的调试现在暂时失败了……正在积极调试中
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 14楼(asdw_15951) 的帖子
PE系统还是算了吧
根据定制状况不同差别太大…
根据定制状况不同差别太大…
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
这个代码我也有的。。。一个外国VB写的。。整个特征码定位基本没用哦~不如多看些防火墙VB也有的
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
[s:274]
楼主,能不能把代码改成C语言呢。
看起来方便一些。
看这个VB看着辛苦。
[s:275]
说一说,如何在PE中,运行这个程序。
建议在程序中加载多一些静态的库文件。
这样,就可以在比较精简的PE系统中运行了。
还要,对一些代码进行修改,指向正确的命名空间。
[s:274]
由于我也是刚开始学习,编程。想法上有点不成熟。望见解。[s:227]
楼主,能不能把代码改成C语言呢。
看起来方便一些。
看这个VB看着辛苦。
[s:275]
说一说,如何在PE中,运行这个程序。
建议在程序中加载多一些静态的库文件。
这样,就可以在比较精简的PE系统中运行了。
还要,对一些代码进行修改,指向正确的命名空间。
[s:274]
由于我也是刚开始学习,编程。想法上有点不成熟。望见解。[s:227]
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 18楼(sndnvaps) 的帖子
呵呵,谢谢指点……动态数据库比较不稳定……先调试一下啊
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
哦……不错……
我是学C的,但老林就是专门做B的……
就是杀一些简单的 MS-DO[.COM(标准蠕虫)而已啊
我是学C的,但老林就是专门做B的……
就是杀一些简单的 MS-DO[.COM(标准蠕虫)而已啊
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 楼主(asdw_15951) 的帖子
360光荣报毒
QVM发现的![A.jpg]()
QVM发现的
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 9楼(asdw_15951) 的帖子
本来还想弄进虚拟机测试一下
但是居然不兼容2003!!!!
系统版本号:Windows NT 5.2R2 Build3790-20120503
但是居然不兼容2003!!!!
系统版本号:Windows NT 5.2R2 Build3790-20120503
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 楼主(asdw_15951) 的帖子
另外:Windows Server2003 R2 SP2下不兼容
是否通过物理内存对象使用调用门提升权限?
后面还发现似乎跟DEP有关系,是不是执行了没有执行属性的页内的代码?![1.jpg]()
是否通过物理内存对象使用调用门提升权限?
后面还发现似乎跟DEP有关系,是不是执行了没有执行属性的页内的代码?
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 1楼(asdw_15951) 的帖子
恕我只说了 这是国外一款杀软 你不过只是简单汉化了一下吧? 源码我读过..没有任何实际意义啊。每个病毒先提取一下特征码而已。
sorry。。。曾经仿佛回复过了。。。
sorry。。。曾经仿佛回复过了。。。
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 25楼(wzy41718682) 的帖子
引用楼主asdw_15951于2012-04-08 21:27发表的 自制杀毒软件一份
自制的软件,用的是开源代码
仍然是“U盘实用工具”作者XXXXXn的作品。
.......
请勿挖坟!再者,你看的很清楚吗?顶楼已经明确声明“使用的是开源代码”!!
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。
回 22楼(phpskycn) 的帖子
新软正在调试,这个软已经荒废了。新软全面兼容Win2000及以上系统。并且全新加入了又龙腾工作室研发的新内核,WinPE无压力!
引用
加载评论中,请稍候...
200字以内,仅用于支线交流,主线讨论请采用回复功能。