1.Buka program microsoft visual basic 6.0 -> Standard EXE -> OK maka akan tampil form baru sesuai dengan gambar di bawah,desain form sesuai keinginan anda
Beri nama form tersebut : frmUtama
2.Setelah form selesai di rubah namanya tambahkan component Mscomctl.Ocx dengan cara
Klik Project -> Components -> Microsoft Windows Common Controls 6.0 -> lalu klik OK
Contoh seperti gambar di bawah
2.Setelah form selesai di rubah namanya tambahkan component Mscomctl.Ocx dengan cara
Klik Project -> Components -> Microsoft Windows Common Controls 6.0 -> lalu klik OK
Contoh seperti gambar di bawah
3.Setelah component sukses di tambahkan langkah selanjutnya adalah menambah Command Button,Textbox,Listview,Picture Box
disini saya menggunakan desain yang sangat sederhana,desain bisa anda rubah sendiri sesuai kreatifitas anda ^^
- Tambahkan Listview kedalam form dan beri nama lvScan
disini saya menggunakan desain yang sangat sederhana,desain bisa anda rubah sendiri sesuai kreatifitas anda ^^
- Tambahkan Listview kedalam form dan beri nama lvScan
yang saya lingkari merah adalah listview yang telah di tambahkan ke dalam form.
setelah itu setting listview dengan cara
Klik Listview -> Disebelah kanan bawah ada kotak properties -> Custom
lalu ikuti settingan seperti pada gambar di bawah ini
Lalu pada tab Column Headers klik insert column
- Column 1 beri nama : Virus Name
- Column 2 beri nama : Path
- Column 3 beri nama : Checksum Virus
- Column 4 beri nama : Status Virus
lalu klik Ok
Tambahkan picture box buat picture box itu sekecil mungkin dan beri nama sIcon
Setting :
Appearance : Flat
Auto Redraw : True
Border Style : None
Visible : False
Tambahkan Textbox ke dalam form dengan nama txtPath
Setting :
Appearance : Flat
Border Style : None
Tambahkan Command Button dengan nama cmdBrowse di samping Textbox yang telah di buat tadi
Setting :
Caption : ...
Masukan Code ini ke dalam cmdBrowse
- Column 1 beri nama : Virus Name
- Column 2 beri nama : Path
- Column 3 beri nama : Checksum Virus
- Column 4 beri nama : Status Virus
lalu klik Ok
Tambahkan picture box buat picture box itu sekecil mungkin dan beri nama sIcon
Setting :
Appearance : Flat
Auto Redraw : True
Border Style : None
Visible : False
Tambahkan Textbox ke dalam form dengan nama txtPath
Setting :
Appearance : Flat
Border Style : None
Tambahkan Command Button dengan nama cmdBrowse di samping Textbox yang telah di buat tadi
Setting :
Caption : ...
Masukan Code ini ke dalam cmdBrowse
Spoiler:
Code:
Dim Pathnya As String
Pathnya = ""
Pathnya = BrowseFolder("Pilih folder yang akan di Scan:", Me)
If Pathnya <> "" Then
txtPath.Text = Pathnya
End If
Dim Pathnya As String
Pathnya = ""
Pathnya = BrowseFolder("Pilih folder yang akan di Scan:", Me)
If Pathnya <> "" Then
txtPath.Text = Pathnya
End If
Code di atas berfungsi untuk membuka kotak dialog yang berisi path" yang ada di dalam komputer lalu mencetaknya ke dalam textbox yang bernama txtPath
Tambahkan label dengan nama default
Setting :
Caption : Dir Scanned
Tambahkan label dengan nama lblDirScan
Setting :
Caption : 0
Tambahkan label dengan nama default
Setting :
Caption : Detected
Tambahkan label dengan nama lblFileDet
Setting :
Caption : 0
Tambahkan label dengan nama default
Setting :
Caption : File Scanned
Tambahkan label dengan nama lblFileScan
Setting :
Caption : 0
Tambahkan Textbox dengan nama txtFileScan
Setting :
Multiline : True
Scroll Bar : 2-Vertical
Tambahkan Command Button dengan nama cmdScan
Setting :
Caption : &Scan
Spoiler:
'Code:
If cmdScan.Caption = "Scan" Then
Pathnya = txtPath.Text
If Mid(Pathnya, 2, 1) <> ":" Or Pathnya = "" Then
MsgBox "Direktori Tidak Ditemukan", vbCritical, "Error"
Exit Sub
Else
lvScan.Enabled = False
cmdEnable False, False, False
clear_log
cmdScan.Caption = "Stop"
StopScan = False
FindFilesEx txtPath.Text, CBool(chkSubDir.Value)
MsgBox "Scan finished !" & vbNewLine & vbNewLine & "Total Dir Scanned = " & lblDirScan.Caption & _
vbNewLine & "Total File Scanned = " & lblFileScan.Caption & vbNewLine & "Total File Detected = " & lblFileDet.Caption, vbInformation, "Finish"
If lblFileDet.Caption <> "0" Then
cmdEnable True, True, True
Else
cmdEnable False, False, True
End If
lvScan.Enabled = True
cmdScan.Caption = "Scan"
End If
Else
cmdScan.Caption = "Scan"
StopScan = True
End If
If cmdScan.Caption = "Scan" Then
Pathnya = txtPath.Text
If Mid(Pathnya, 2, 1) <> ":" Or Pathnya = "" Then
MsgBox "Direktori Tidak Ditemukan", vbCritical, "Error"
Exit Sub
Else
lvScan.Enabled = False
cmdEnable False, False, False
clear_log
cmdScan.Caption = "Stop"
StopScan = False
FindFilesEx txtPath.Text, CBool(chkSubDir.Value)
MsgBox "Scan finished !" & vbNewLine & vbNewLine & "Total Dir Scanned = " & lblDirScan.Caption & _
vbNewLine & "Total File Scanned = " & lblFileScan.Caption & vbNewLine & "Total File Detected = " & lblFileDet.Caption, vbInformation, "Finish"
If lblFileDet.Caption <> "0" Then
cmdEnable True, True, True
Else
cmdEnable False, False, True
End If
lvScan.Enabled = True
cmdScan.Caption = "Scan"
End If
Else
cmdScan.Caption = "Scan"
StopScan = True
End If
fungsi kode di atas adalah untuk memulai scan pada antivirus
Tambahkan Command Button dengan nama cmdAction
Setting :
Caption : &Delete
Tambahkan Command Button dengan nama cmdAction
Setting :
Caption : &Quarantine
Tambahkan Command Button dengan nama cmdViewQ
Setting :
Caption : &View Quarantine File
Tambahkan Command Button dengan nama cmdAction
Setting :
Caption : &Delete
Tambahkan kode ini di dalamnya
Spoiler:
'Code:
Dim DftrFile As String
DftrFile = GetSelected(lvScan)
If DftrFile = "" Then
MsgBox "No Detected File(s) Selected", vbCritical, ""
Exit Sub
End If
Select Case Index
Case 0
clean = Action(DftrFile, lvScan, "D")
MsgBox clean & " File(s) has been deleted"
Case 1
clean = Action(DftrFile, lvScan, "Q")
MsgBox clean & " File(s) has been quarantine"
End Select
Dim DftrFile As String
DftrFile = GetSelected(lvScan)
If DftrFile = "" Then
MsgBox "No Detected File(s) Selected", vbCritical, ""
Exit Sub
End If
Select Case Index
Case 0
clean = Action(DftrFile, lvScan, "D")
MsgBox clean & " File(s) has been deleted"
Case 1
clean = Action(DftrFile, lvScan, "Q")
MsgBox clean & " File(s) has been quarantine"
End Select
Fungsi di atas adalah fungsi untuk menghapus/mengkarantina file yang terdeteksi
Tambahkan Command Button dengan nama cmdAction
Setting :
Caption : &Quarantine
Tambahkan Command Button dengan nama cmdViewQ
Setting :
Caption : &View Quarantine File
Lalu masukan code ini ke dalamnya
Spoiler:
Me.hide
frmquarantine.show
frmquarantine.show
Code di atas berfungsi untuk memunculkan form quarantine dan meng enabled form utama
nah selesai untuk memasukan control ke dalam formnya
contoh form yang telah selesai.
lalu klik kanan pada form masukan kode di bawah ini
Spoiler:
/Code:
Private Sub lvScan_ItemCheck(ByVal Item As MSComctlLib.ListItem)
UnSelect lvScan, "Di Karantina"
UnSelect lvScan, "Di Hapus"
End Sub
Private Function cmdEnable(hapus As Boolean, Quarantine As Boolean, openQuarantine As Boolean)
cmdAction(0).Enabled = hapus
cmdAction(1).Enabled = Quarantine
cmdViewQ.Enabled = openQuarantine
End Function
Private Function clear_log()
lblDirScan.Caption = 0
lblFileScan.Caption = 0
lblFileDet.Caption = 0
lvScan.ListItems.Clear
jumlahDir = 0
jumlahFile = 0
jumlahVirus = 0
End Function
Private Sub lvScan_ItemCheck(ByVal Item As MSComctlLib.ListItem)
UnSelect lvScan, "Di Karantina"
UnSelect lvScan, "Di Hapus"
End Sub
Private Function cmdEnable(hapus As Boolean, Quarantine As Boolean, openQuarantine As Boolean)
cmdAction(0).Enabled = hapus
cmdAction(1).Enabled = Quarantine
cmdViewQ.Enabled = openQuarantine
End Function
Private Function clear_log()
lblDirScan.Caption = 0
lblFileScan.Caption = 0
lblFileDet.Caption = 0
lvScan.ListItems.Clear
jumlahDir = 0
jumlahFile = 0
jumlahVirus = 0
End Function
lalu di Form_load() masukan kode ini
Spoiler:
'Code:
On Error Resume Next
MkDir "Quarantine"
BuildDatabase
On Error Resume Next
MkDir "Quarantine"
BuildDatabase
Lalu buatlah 1 module dengan nama modAPI
Lalu tambahkan code di bawah ini
Spoiler:
'Code:
Public Declare Function FindFirstFile Lib "kernel32" Alias "FindFirstFileA" (ByVal lpFileName As String, lpFindFileData As WIN32_FIND_DATA) As Long
Public Declare Function FindNextFile Lib "kernel32" Alias "FindNextFileA" (ByVal hFindFile As Long, lpFindFileData As WIN32_FIND_DATA) As Long
Public Declare Function FindClose Lib "kernel32" (ByVal hFindFile As Long) As Long
Public Declare Function PathIsDirectory Lib "shlwapi.dll" Alias "PathIsDirectoryA" (ByVal pszPath As String) As Long
Public Declare Function CopyFile Lib "kernel32.dll" Alias "CopyFileA" (ByVal lpExistingFileName As String, ByVal lpNewFileName As String, ByVal bFailIfExists As Long) As Long
Public Declare Function MoveFile Lib "kernel32.dll" Alias "MoveFileA" (ByVal lpExistingFileName As String, ByVal lpNewFileName As String) As Long
Public Declare Function DeleteFile Lib "kernel32" Alias "DeleteFileA" (ByVal lpFileName As String) As Long
Public Declare Function PathFileExists Lib "shlwapi.dll" Alias "PathFileExistsA" (ByVal pszPath As String) As Long
Public Declare Function GetSystemDirectory Lib "kernel32.dll" Alias "GetSystemDirectoryA" (ByVal lpBuffer As String, ByVal nSize As Long) As Long
Public Declare Function GetWindowsDirectory Lib "kernel32.dll" Alias "GetWindowsDirectoryA" (ByVal lpBuffer As String, ByVal nSize As Long) As Long
Public Declare Function SHGetPathFromIDList Lib "shell32.dll" Alias "SHGetPathFromIDListA" (ByVal pidl As Long, ByVal pszPath As String) As Long
Public Declare Function SHBrowseForFolder Lib "shell32.dll" Alias "SHBrowseForFolderA" (lpBrowseInfo As BROWSEINFO) As Long
Private Declare Function RealizePalette Lib "gdi32" (ByVal hDC As Long) As Long
Public Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Any, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Declare Function GetFileSize Lib "kernel32" (ByVal hFile As Long, lpFileSizeHigh As Long) As Long
Public Declare Function VirtualAlloc Lib "kernel32" (lpAddress As Any, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Public Declare Function ReadFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, lpNumberOfBytesRead As Long, lpOverlapped As Any) As Long
Public Declare Function WriteFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, lpOverlapped As Any) As Long
Public Declare Function SetFilePointer Lib "kernel32" (ByVal hFile As Long, ByVal lDistanceToMove As Long, lpDistanceToMoveHigh As Long, ByVal dwMoveMethod As Long) As Long
Public Declare Function SetEndOfFile Lib "kernel32" (ByVal hFile As Long) As Long
Public Const GENERIC_READ = &H80000000
Public Const GENERIC_WRITE = &H40000000
Public Const FILE_SHARE_READ = &H1
Public Const OPEN_EXISTING = 3
Public Const FILE_ATTRIBUTE_NORMAL = &H80
Public Const INVALID_HANDLE_VALUE = -1
Public Const FILE_END = 2
Public Const FILE_BEGIN = 0
Public Const FILE_CURRENT = 1
Public Const LWA_COLORKEY = &H1
Public Const GWL_EXSTYLE = (-20)
Public Const WS_EX_LAYERED = &H80000
Public Const MAX_PATH = 260
Public Const SW_SHOWNORMAL = 1
Public Type FileTime
dwLowDateTime As Long
dwHighDateTime As Long
End Type
Public Type WIN32_FIND_DATA
dwFileAttributes As Long
ftCreationTime As FileTime
ftLastAccessTime As FileTime
ftLastWriteTime As FileTime
nFileSizeHigh As Long
nFileSizeLow As Long
dwReserved0 As Long
dwReserved1 As Long
cFileName As String * MAX_PATH
cAlternate As String * 14
End Type
Type BROWSEINFO
hOwner As Long
pidlRoot As Long
pszDisplayName As String
lpszTitle As String
ulFlags As Long
lpfn As Long
lParam As Long
iImage As Long
End Type
'untuk browse folder
Public Function BrowseFolder(ByVal aTitle As String, ByVal aForm As Form) As String
Dim bInfo As BROWSEINFO
Dim rtn&, pidl&, path$, pos%
Dim BrowsePath As String
bInfo.hOwner = aForm.hWnd
bInfo.lpszTitle = aTitle
bInfo.ulFlags = &H1
pidl& = SHBrowseForFolder(bInfo)
path = Space(512)
t = SHGetPathFromIDList(ByVal pidl&, ByVal path)
pos% = InStr(path$, Chr$(0))
BrowseFolder = Left(path$, pos - 1)
If Right$(Browse, 1) = "\" Then
BrowseFolder = BrowseFolder
Else
BrowseFolder = BrowseFolder + "\"
End If
If Right(BrowseFolder, 2) = "\\" Then BrowseFolder = Left(BrowseFolder, Len(BrowseFolder) - 1)
If BrowseFolder = "\" Then BrowseFolder = ""
End Function
Public Function StripNulls(ByVal OriginalStr As String) As String
If (InStr(OriginalStr, Chr$(0)) > 0) Then
OriginalStr = Left$(OriginalStr, InStr(OriginalStr, Chr(0)) - 1)
End If
StripNulls = OriginalStr
End Function
'fungsi untuk menentukan file script atau bukan
Public Function IsScript(Filename As String) As Boolean
IsScript = False
ext = Split("|vbs|vbe", "|")
For i = 1 To UBound(ext)
If LCase(Right(Filename, 3)) = LCase(ext(i)) Then IsScript = True
Next
End Function
Public Declare Function FindFirstFile Lib "kernel32" Alias "FindFirstFileA" (ByVal lpFileName As String, lpFindFileData As WIN32_FIND_DATA) As Long
Public Declare Function FindNextFile Lib "kernel32" Alias "FindNextFileA" (ByVal hFindFile As Long, lpFindFileData As WIN32_FIND_DATA) As Long
Public Declare Function FindClose Lib "kernel32" (ByVal hFindFile As Long) As Long
Public Declare Function PathIsDirectory Lib "shlwapi.dll" Alias "PathIsDirectoryA" (ByVal pszPath As String) As Long
Public Declare Function CopyFile Lib "kernel32.dll" Alias "CopyFileA" (ByVal lpExistingFileName As String, ByVal lpNewFileName As String, ByVal bFailIfExists As Long) As Long
Public Declare Function MoveFile Lib "kernel32.dll" Alias "MoveFileA" (ByVal lpExistingFileName As String, ByVal lpNewFileName As String) As Long
Public Declare Function DeleteFile Lib "kernel32" Alias "DeleteFileA" (ByVal lpFileName As String) As Long
Public Declare Function PathFileExists Lib "shlwapi.dll" Alias "PathFileExistsA" (ByVal pszPath As String) As Long
Public Declare Function GetSystemDirectory Lib "kernel32.dll" Alias "GetSystemDirectoryA" (ByVal lpBuffer As String, ByVal nSize As Long) As Long
Public Declare Function GetWindowsDirectory Lib "kernel32.dll" Alias "GetWindowsDirectoryA" (ByVal lpBuffer As String, ByVal nSize As Long) As Long
Public Declare Function SHGetPathFromIDList Lib "shell32.dll" Alias "SHGetPathFromIDListA" (ByVal pidl As Long, ByVal pszPath As String) As Long
Public Declare Function SHBrowseForFolder Lib "shell32.dll" Alias "SHBrowseForFolderA" (lpBrowseInfo As BROWSEINFO) As Long
Private Declare Function RealizePalette Lib "gdi32" (ByVal hDC As Long) As Long
Public Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Any, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Declare Function GetFileSize Lib "kernel32" (ByVal hFile As Long, lpFileSizeHigh As Long) As Long
Public Declare Function VirtualAlloc Lib "kernel32" (lpAddress As Any, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Public Declare Function ReadFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, lpNumberOfBytesRead As Long, lpOverlapped As Any) As Long
Public Declare Function WriteFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, lpOverlapped As Any) As Long
Public Declare Function SetFilePointer Lib "kernel32" (ByVal hFile As Long, ByVal lDistanceToMove As Long, lpDistanceToMoveHigh As Long, ByVal dwMoveMethod As Long) As Long
Public Declare Function SetEndOfFile Lib "kernel32" (ByVal hFile As Long) As Long
Public Const GENERIC_READ = &H80000000
Public Const GENERIC_WRITE = &H40000000
Public Const FILE_SHARE_READ = &H1
Public Const OPEN_EXISTING = 3
Public Const FILE_ATTRIBUTE_NORMAL = &H80
Public Const INVALID_HANDLE_VALUE = -1
Public Const FILE_END = 2
Public Const FILE_BEGIN = 0
Public Const FILE_CURRENT = 1
Public Const LWA_COLORKEY = &H1
Public Const GWL_EXSTYLE = (-20)
Public Const WS_EX_LAYERED = &H80000
Public Const MAX_PATH = 260
Public Const SW_SHOWNORMAL = 1
Public Type FileTime
dwLowDateTime As Long
dwHighDateTime As Long
End Type
Public Type WIN32_FIND_DATA
dwFileAttributes As Long
ftCreationTime As FileTime
ftLastAccessTime As FileTime
ftLastWriteTime As FileTime
nFileSizeHigh As Long
nFileSizeLow As Long
dwReserved0 As Long
dwReserved1 As Long
cFileName As String * MAX_PATH
cAlternate As String * 14
End Type
Type BROWSEINFO
hOwner As Long
pidlRoot As Long
pszDisplayName As String
lpszTitle As String
ulFlags As Long
lpfn As Long
lParam As Long
iImage As Long
End Type
'untuk browse folder
Public Function BrowseFolder(ByVal aTitle As String, ByVal aForm As Form) As String
Dim bInfo As BROWSEINFO
Dim rtn&, pidl&, path$, pos%
Dim BrowsePath As String
bInfo.hOwner = aForm.hWnd
bInfo.lpszTitle = aTitle
bInfo.ulFlags = &H1
pidl& = SHBrowseForFolder(bInfo)
path = Space(512)
t = SHGetPathFromIDList(ByVal pidl&, ByVal path)
pos% = InStr(path$, Chr$(0))
BrowseFolder = Left(path$, pos - 1)
If Right$(Browse, 1) = "\" Then
BrowseFolder = BrowseFolder
Else
BrowseFolder = BrowseFolder + "\"
End If
If Right(BrowseFolder, 2) = "\\" Then BrowseFolder = Left(BrowseFolder, Len(BrowseFolder) - 1)
If BrowseFolder = "\" Then BrowseFolder = ""
End Function
Public Function StripNulls(ByVal OriginalStr As String) As String
If (InStr(OriginalStr, Chr$(0)) > 0) Then
OriginalStr = Left$(OriginalStr, InStr(OriginalStr, Chr(0)) - 1)
End If
StripNulls = OriginalStr
End Function
'fungsi untuk menentukan file script atau bukan
Public Function IsScript(Filename As String) As Boolean
IsScript = False
ext = Split("|vbs|vbe", "|")
For i = 1 To UBound(ext)
If LCase(Right(Filename, 3)) = LCase(ext(i)) Then IsScript = True
Next
End Function
Code di atas adalah Fungsi API yang di butuhkan untuk antivirus
Buat 1 module dengan nama modChecksum
masukan code di bawah ini.
Spoiler:
'Code:
Public Function GetChecksum(FilePath As String) As String
Dim CheckSum(1 To 2) As String
CheckSum(1) = CalcBinary(FilePath, 499, 4500)
CheckSum(2) = CalcBinary(FilePath, 499, 4000)
GetChecksum = CheckSum(1) & CheckSum(2)
End Function
Public Function CalcBinary(ByVal lpFileName As String, ByVal lpByteCount As Long, Optional ByVal StartByte As Long = 0) As String
On Error GoTo err
Dim Bin() As Byte
Dim ByteSum As Long
Dim i As Long
ReDim Bin(lpByteCount) As Byte
Open lpFileName For Binary As #1
If StartByte = 0 Then
Get #1, , Bin
Else
Get #1, StartByte, Bin
End If
Close #1
For i = 0 To lpByteCount
ByteSum = ByteSum + Bin(i) ^ 2
Next i
CalcBinary = Hex$(ByteSum)
Exit Function
err:
CalcBinary = "00"
End Function
Public Function GetChecksum(FilePath As String) As String
Dim CheckSum(1 To 2) As String
CheckSum(1) = CalcBinary(FilePath, 499, 4500)
CheckSum(2) = CalcBinary(FilePath, 499, 4000)
GetChecksum = CheckSum(1) & CheckSum(2)
End Function
Public Function CalcBinary(ByVal lpFileName As String, ByVal lpByteCount As Long, Optional ByVal StartByte As Long = 0) As String
On Error GoTo err
Dim Bin() As Byte
Dim ByteSum As Long
Dim i As Long
ReDim Bin(lpByteCount) As Byte
Open lpFileName For Binary As #1
If StartByte = 0 Then
Get #1, , Bin
Else
Get #1, StartByte, Bin
End If
Close #1
For i = 0 To lpByteCount
ByteSum = ByteSum + Bin(i) ^ 2
Next i
CalcBinary = Hex$(ByteSum)
Exit Function
err:
CalcBinary = "00"
End Function
potongan code di atas di gunakan untuk meng kalkulasi checksum
buat 1 module lagi dengan nama modDatabase
lalu tambahkan code di bawah ini.
Spoiler:
'Code:
Public VirusDB(5), IconDB(48), Bahaya(5) As String
Public Sub BuildDatabase()
Call Checksum_DB
Call IconCompare_DB
Call Script_DB
End Sub
Private Sub Checksum_DB()
VirusDB(1) = "Alman.A|8911D290F723"
VirusDB(2) = "Malingsi.A|A6292EA60230"
VirusDB(3) = "Conficker.A|9EC112ABB2F3"
VirusDB(4) = "N4B3.A|B5CCD36CDB98"
VirusDB(5) = "N4B3.B|A1FE6D6DBE07"
End Sub
Public Sub IconCompare_DB()
On Error Resume Next
IconDB(1) = "20938B2"
IconDB(2) = "19F4ED6"
IconDB(3) = "133BE0B"
IconDB(4) = "18EDEAE"
IconDB(5) = "1EF89C2"
IconDB(6) = "1C915FF"
IconDB(7) = "24563C4"
IconDB(8) = "1B2DB74"
IconDB(9) = "208EA72"
IconDB(10) = "22A064D"
IconDB(11) = "19B64EE"
IconDB(12) = "1D4B7E1"
IconDB(13) = "2087762"
IconDB(14) = "29C7258"
IconDB(15) = "1B18705"
IconDB(16) = "1B5FCAB"
IconDB(17) = "126D4CF"
IconDB(18) = "1C58E5C"
IconDB(19) = "15D7730"
IconDB(20) = "1FB82B7"
IconDB(21) = "112763E"
IconDB(22) = "2165AF9"
IconDB(23) = "25F46BE"
IconDB(24) = "206556B"
IconDB(25) = "22A8D69"
IconDB(26) = "19237F8"
IconDB(27) = "15022B4"
IconDB(28) = "1D8B4EB"
IconDB(29) = "1DBC1EA"
IconDB(30) = "2333F5D"
IconDB(31) = "1F37C2F"
IconDB(32) = "1C9CCA4"
IconDB(33) = "1DFDFB4"
IconDB(34) = "1C1283E"
IconDB(35) = "1F6598C"
IconDB(36) = "27F4C1A"
IconDB(37) = "22F92E0"
IconDB(38) = "191DBDC"
IconDB(39) = "27BFE4A"
IconDB(40) = "20E0907"
IconDB(46) = "2FA4C88"
IconDB(47) = "25AA630"
IconDB(48) = "1DE28E2"
End Sub
Public Sub Script_DB()
On Error Resume Next
Bahaya(1) = "Scripting.FileSystemObject|Wscript.ScriptFullName|WScript.Shell|.regwrite|.copy"
Bahaya(2) = "Wscript.ScriptFullName|createobject|strreverse|.regwrite"
Bahaya(3) = "createobject|Wscript.ScriptFullName|.regwrite|[autorun]"
Bahaya(4) = "createobject|Wscript.ScriptFullName|specialfolder|.regwrite"
Bahaya(5) = "chr(asc(mid(|createobject|Wscript.ScriptFullName|.GetFolder|.RegWrite"
End Sub
Public VirusDB(5), IconDB(48), Bahaya(5) As String
Public Sub BuildDatabase()
Call Checksum_DB
Call IconCompare_DB
Call Script_DB
End Sub
Private Sub Checksum_DB()
VirusDB(1) = "Alman.A|8911D290F723"
VirusDB(2) = "Malingsi.A|A6292EA60230"
VirusDB(3) = "Conficker.A|9EC112ABB2F3"
VirusDB(4) = "N4B3.A|B5CCD36CDB98"
VirusDB(5) = "N4B3.B|A1FE6D6DBE07"
End Sub
Public Sub IconCompare_DB()
On Error Resume Next
IconDB(1) = "20938B2"
IconDB(2) = "19F4ED6"
IconDB(3) = "133BE0B"
IconDB(4) = "18EDEAE"
IconDB(5) = "1EF89C2"
IconDB(6) = "1C915FF"
IconDB(7) = "24563C4"
IconDB(8) = "1B2DB74"
IconDB(9) = "208EA72"
IconDB(10) = "22A064D"
IconDB(11) = "19B64EE"
IconDB(12) = "1D4B7E1"
IconDB(13) = "2087762"
IconDB(14) = "29C7258"
IconDB(15) = "1B18705"
IconDB(16) = "1B5FCAB"
IconDB(17) = "126D4CF"
IconDB(18) = "1C58E5C"
IconDB(19) = "15D7730"
IconDB(20) = "1FB82B7"
IconDB(21) = "112763E"
IconDB(22) = "2165AF9"
IconDB(23) = "25F46BE"
IconDB(24) = "206556B"
IconDB(25) = "22A8D69"
IconDB(26) = "19237F8"
IconDB(27) = "15022B4"
IconDB(28) = "1D8B4EB"
IconDB(29) = "1DBC1EA"
IconDB(30) = "2333F5D"
IconDB(31) = "1F37C2F"
IconDB(32) = "1C9CCA4"
IconDB(33) = "1DFDFB4"
IconDB(34) = "1C1283E"
IconDB(35) = "1F6598C"
IconDB(36) = "27F4C1A"
IconDB(37) = "22F92E0"
IconDB(38) = "191DBDC"
IconDB(39) = "27BFE4A"
IconDB(40) = "20E0907"
IconDB(46) = "2FA4C88"
IconDB(47) = "25AA630"
IconDB(48) = "1DE28E2"
End Sub
Public Sub Script_DB()
On Error Resume Next
Bahaya(1) = "Scripting.FileSystemObject|Wscript.ScriptFullName|WScript.Shell|.regwrite|.copy"
Bahaya(2) = "Wscript.ScriptFullName|createobject|strreverse|.regwrite"
Bahaya(3) = "createobject|Wscript.ScriptFullName|.regwrite|[autorun]"
Bahaya(4) = "createobject|Wscript.ScriptFullName|specialfolder|.regwrite"
Bahaya(5) = "chr(asc(mid(|createobject|Wscript.ScriptFullName|.GetFolder|.RegWrite"
End Sub
potongan code di atas adalah database pada antivirusnya
buat lagi 1 buah module dengan nama modQuar
masukan code yang ada di bawah ini
Spoiler:
Code:
Option Explicit
Public Function EncodeFile(SourceFile As String, DestFile As String)
Dim ByteArray() As Byte, Filenr As Integer
Filenr = FreeFile
Open SourceFile For Binary As #Filenr
ReDim ByteArray(0 To LOF(Filenr) - 1)
Get #Filenr, , ByteArray()
Close #Filenr
Call Coder(ByteArray())
If (PathFileExists(DestFile)) <> 0 Then DeleteFile DestFile
Open DestFile For Binary As #Filenr
Put #Filenr, , ByteArray()
Close #Filenr
End Function
Public Function DecodeFile(SourceFile As String, DestFile As String)
Dim ByteArray() As Byte, Filenr As Integer
Filenr = FreeFile
Open SourceFile For Binary As #Filenr
ReDim ByteArray(0 To LOF(Filenr) - 1)
Get #Filenr, , ByteArray()
Close #Filenr
Call DeCoder(ByteArray())
If (PathFileExists(DestFile)) <> 0 Then DeleteFile DestFile
Open DestFile For Binary As #Filenr
Put #Filenr, , ByteArray()
Close #Filenr
End Function
Private Sub Coder(ByteArray() As Byte)
Dim x As Long
Dim Value As Integer
Value = 0
For x = 0 To UBound(ByteArray)
Value = Value + ByteArray(x)
If Value > 255 Then Value = Value - 256
ByteArray(x) = Value
Next
End Sub
Private Sub DeCoder(ByteArray() As Byte)
Dim x As Long
Dim Value As Integer
Dim newValue As Integer
newValue = 0
For x = 0 To UBound(ByteArray)
Value = newValue
newValue = ByteArray(x)
Value = ByteArray(x) - Value
If Value < 0 Then Value = Value + 256 ByteArray(x) = Value Next End Sub
Code di atas adalah code untuk enkripsi/dekripsi pada virus yang akan di karantina
Buat lagi 1 module dengan nama modHeuristic
lalu masukan code di bawah ini
Spoiler:
'Code:
Private Declare Function ExtractIconEx Lib "shell32.dll" Alias "ExtractIconExA" (ByVal lpszFile As String, ByVal nIconIndex As Long, ByRef phiconLarge As Long, ByRef phiconSmall As Long, ByVal nIcons As Long) As Long
Private Declare Function DestroyIcon Lib "user32.dll" (ByVal hIcon As Long) As Long
Private Declare Function DrawIconEx Lib "user32" (ByVal hDC As Long, ByVal xLeft As Long, ByVal yTop As Long, ByVal hIcon As Long, ByVal cxWidth As Long, ByVal cyWidth As Long, ByVal istepIfAniCur As Long, ByVal hbrFlickerFreeDraw As Long, ByVal diFlags As Long) As Boolean
Private Declare Function ExtractIcon Lib "shell32.dll" Alias "ExtractIconA" (ByVal hInst As Long, ByVal lpszExefileName As String, ByVal nIconIndex As Long) As Long
Private Const DI_MASK = &H1
Private Const DI_IMAGE = &H2
Private Const DI_NORMAL = &H3
Private Const DI_COMPAT = &H4
Private Const DI_DEFAULTSIZE = &H8
Private Const SHGFI_DISPLAYNAME = &H200
Private Const SHGFI_EXETYPE = &H2000
Private Const SHGFI_SYSICONINDEX = &H4000
Private Const SHGFI_LARGEICON = &H0
Private Const SHGFI_SMALLICON = &H1
Private Const ILD_TRANSPARENT = &H1
Private Const SHGFI_SHELLICONSIZE = &H4
Private Const SHGFI_TYPENAME = &H400
Private Const BASIC_SHGFI_FLAGS = SHGFI_TYPENAME Or SHGFI_SHELLICONSIZE Or SHGFI_SYSICONINDEX Or SHGFI_DISPLAYNAME Or SHGFI_EXETYPE
Private SIconInfo As SHFILEINFO
Private SectionHeaders() As IMAGE_SECTION_HEADER
Dim i As Integer
Dim j As Integer
Public Function CekHeuristic(Filename As String)
CekHeuristic = ""
On Error GoTo hError
Dim hFile As Long, bRW As Long
Dim DOSheader As IMAGE_DOS_HEADER
Dim NTHeaders As IMAGE_NT_HEADERS
Dim Filedata As String
DOS_HEADER_INFO = ""
NT_HEADERS_INFO = ""
hFile = CreateFile(Filename, ByVal (GENERIC_READ Or GENERIC_WRITE), FILE_SHARE_READ, ByVal 0&, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, ByVal 0)
ReadFile hFile, DOSheader, Len(DOSheader), bRW, ByVal 0&
SetFilePointer hFile, DOSheader.e_lfanew, 0, 0
ReadFile hFile, NTHeaders, Len(NTHeaders), bRW, ByVal 0&
If NTHeaders.Signature <> IMAGE_NT_SIGNATURE Then
If IsScript(Filename) = True Then
Open Filename For Binary As #1
Filedata = Space$(LOF(1))
Get #1, , Filedata
Close #1
CekHeuristic = CekHeur(Filedata)
End If
Exit Function
End If
CekHeuristic = CekIconBinary(Filename)
hError:
End Function
Private Function CekHeur(Data As String)
Dim hsl, asl As Integer
strasli = LCase(Replace(Data, vbNewLine, "$"))
For i = 1 To UBound(Bahaya)
hsl = 0
strData = Split(Bahaya(i), "|")
asl = 0
For k = 0 To UBound(strData)
xxx = LCase(strData(k))
If InStr(strasli, xxx) > 0 Then hsl = hsl + 1
asl = asl + 1
Next
If hsl = asl Then
CekHeur = "Malicious-Script"
Exit Function
End If
Next
CekHeur = ""
End Function
Private Function CekIconBinary(PathFile As String)
Dim q As Integer
Dim IconIDNow As String
CekIconBinary = ""
IconIDNow = CalcIcon(PathFile)
If IconIDNow = "" Then Exit Function
For q = 1 To UBound(IconDB)
If IconDB(q) = IconIDNow Then
CekIconBinary = "Malicious-Icon"
Exit Function
End If
Next q
End Function
Private Function CalcBinary(ByVal lpFileName As String, ByVal lpByteCount As Long, Optional ByVal StartByte As Long = 0) As String
Dim Bin() As Byte
Dim ByteSum As Long
Dim i As Long
ReDim Bin(lpByteCount) As Byte
Open lpFileName For Binary As #1
If StartByte = 0 Then
Get #1, , Bin
Else
Get #1, StartByte, Bin
End If
Close #1
For i = 0 To lpByteCount
ByteSum = ByteSum + Bin(i) ^ 2
Next i
CalcBinary = Hex$(ByteSum)
End Function
Private Function CalcIcon(ByVal lpFileName As String) As String
Dim PicPath As String
Dim ByteSum As String
Dim IconExist As Long
Dim hIcon As Long
IconExist = ExtractIconEx(lpFileName, 0, ByVal 0&, hIcon, 1)
If IconExist <= 0 Then IconExist = ExtractIconEx(lpFileName, 0, hIcon, ByVal 0&, 1) If IconExist <= 0 Then Exit Function End If frmUtama.sIcon.BackColor = vbWhite DrawIconEx frmUtama.sIcon.hDC, 0, 0, hIcon, 0, 0, 0, 0, DI_NORMAL DestroyIcon hIcon PicPath = Environ$("windir") & "\tmp.tmp" SavePicture frmUtama.sIcon.Image, PicPath ByteSum = CalcBinary(PicPath, FileLen(PicPath)) DeleteFile PicPath CalcIcon = ByteSum End Function
Private Declare Function ExtractIconEx Lib "shell32.dll" Alias "ExtractIconExA" (ByVal lpszFile As String, ByVal nIconIndex As Long, ByRef phiconLarge As Long, ByRef phiconSmall As Long, ByVal nIcons As Long) As Long
Private Declare Function DestroyIcon Lib "user32.dll" (ByVal hIcon As Long) As Long
Private Declare Function DrawIconEx Lib "user32" (ByVal hDC As Long, ByVal xLeft As Long, ByVal yTop As Long, ByVal hIcon As Long, ByVal cxWidth As Long, ByVal cyWidth As Long, ByVal istepIfAniCur As Long, ByVal hbrFlickerFreeDraw As Long, ByVal diFlags As Long) As Boolean
Private Declare Function ExtractIcon Lib "shell32.dll" Alias "ExtractIconA" (ByVal hInst As Long, ByVal lpszExefileName As String, ByVal nIconIndex As Long) As Long
Private Const DI_MASK = &H1
Private Const DI_IMAGE = &H2
Private Const DI_NORMAL = &H3
Private Const DI_COMPAT = &H4
Private Const DI_DEFAULTSIZE = &H8
Private Const SHGFI_DISPLAYNAME = &H200
Private Const SHGFI_EXETYPE = &H2000
Private Const SHGFI_SYSICONINDEX = &H4000
Private Const SHGFI_LARGEICON = &H0
Private Const SHGFI_SMALLICON = &H1
Private Const ILD_TRANSPARENT = &H1
Private Const SHGFI_SHELLICONSIZE = &H4
Private Const SHGFI_TYPENAME = &H400
Private Const BASIC_SHGFI_FLAGS = SHGFI_TYPENAME Or SHGFI_SHELLICONSIZE Or SHGFI_SYSICONINDEX Or SHGFI_DISPLAYNAME Or SHGFI_EXETYPE
Private SIconInfo As SHFILEINFO
Private SectionHeaders() As IMAGE_SECTION_HEADER
Dim i As Integer
Dim j As Integer
Public Function CekHeuristic(Filename As String)
CekHeuristic = ""
On Error GoTo hError
Dim hFile As Long, bRW As Long
Dim DOSheader As IMAGE_DOS_HEADER
Dim NTHeaders As IMAGE_NT_HEADERS
Dim Filedata As String
DOS_HEADER_INFO = ""
NT_HEADERS_INFO = ""
hFile = CreateFile(Filename, ByVal (GENERIC_READ Or GENERIC_WRITE), FILE_SHARE_READ, ByVal 0&, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, ByVal 0)
ReadFile hFile, DOSheader, Len(DOSheader), bRW, ByVal 0&
SetFilePointer hFile, DOSheader.e_lfanew, 0, 0
ReadFile hFile, NTHeaders, Len(NTHeaders), bRW, ByVal 0&
If NTHeaders.Signature <> IMAGE_NT_SIGNATURE Then
If IsScript(Filename) = True Then
Open Filename For Binary As #1
Filedata = Space$(LOF(1))
Get #1, , Filedata
Close #1
CekHeuristic = CekHeur(Filedata)
End If
Exit Function
End If
CekHeuristic = CekIconBinary(Filename)
hError:
End Function
Private Function CekHeur(Data As String)
Dim hsl, asl As Integer
strasli = LCase(Replace(Data, vbNewLine, "$"))
For i = 1 To UBound(Bahaya)
hsl = 0
strData = Split(Bahaya(i), "|")
asl = 0
For k = 0 To UBound(strData)
xxx = LCase(strData(k))
If InStr(strasli, xxx) > 0 Then hsl = hsl + 1
asl = asl + 1
Next
If hsl = asl Then
CekHeur = "Malicious-Script"
Exit Function
End If
Next
CekHeur = ""
End Function
Private Function CekIconBinary(PathFile As String)
Dim q As Integer
Dim IconIDNow As String
CekIconBinary = ""
IconIDNow = CalcIcon(PathFile)
If IconIDNow = "" Then Exit Function
For q = 1 To UBound(IconDB)
If IconDB(q) = IconIDNow Then
CekIconBinary = "Malicious-Icon"
Exit Function
End If
Next q
End Function
Private Function CalcBinary(ByVal lpFileName As String, ByVal lpByteCount As Long, Optional ByVal StartByte As Long = 0) As String
Dim Bin() As Byte
Dim ByteSum As Long
Dim i As Long
ReDim Bin(lpByteCount) As Byte
Open lpFileName For Binary As #1
If StartByte = 0 Then
Get #1, , Bin
Else
Get #1, StartByte, Bin
End If
Close #1
For i = 0 To lpByteCount
ByteSum = ByteSum + Bin(i) ^ 2
Next i
CalcBinary = Hex$(ByteSum)
End Function
Private Function CalcIcon(ByVal lpFileName As String) As String
Dim PicPath As String
Dim ByteSum As String
Dim IconExist As Long
Dim hIcon As Long
IconExist = ExtractIconEx(lpFileName, 0, ByVal 0&, hIcon, 1)
If IconExist <= 0 Then IconExist = ExtractIconEx(lpFileName, 0, hIcon, ByVal 0&, 1) If IconExist <= 0 Then Exit Function End If frmUtama.sIcon.BackColor = vbWhite DrawIconEx frmUtama.sIcon.hDC, 0, 0, hIcon, 0, 0, 0, 0, DI_NORMAL DestroyIcon hIcon PicPath = Environ$("windir") & "\tmp.tmp" SavePicture frmUtama.sIcon.Image, PicPath ByteSum = CalcBinary(PicPath, FileLen(PicPath)) DeleteFile PicPath CalcIcon = ByteSum End Function
Fungsi di atas adalah fungsi untuk mengecek suatu file dengan metode heuristic icon + heuristic untuk virus VBS
Buat 1 module dengan nama modIconCompare
lalu masukan code di bawah ini
Spoiler:
'Code:
Option Explicit
Private Const SHGFI_DISPLAYNAME = &H200, SHGFI_EXETYPE = &H2000, SHGFI_SYSICONINDEX = &H4000, SHGFI_LARGEICON = &H0, SHGFI_SMALLICON = &H1, SHGFI_SHELLICONSIZE = &H4, SHGFI_TYPENAME = &H400, ILD_TRANSPARENT = &H1, BASIC_SHGFI_FLAGS = SHGFI_TYPENAME Or SHGFI_SHELLICONSIZE Or SHGFI_SYSICONINDEX Or SHGFI_DISPLAYNAME Or SHGFI_EXETYPE
Public Type SHFILEINFO
hIcon As Long: iIcon As Long: dwAttributes As Long: szDisplayName As String * MAX_PATH: szTypeName As String * 80
End Type
Private Declare Function SHGetFileInfo Lib "shell32.dll" Alias "SHGetFileInfoA" (ByVal pszPath As String, ByVal dwFileAttributes As Long, psfi As SHFILEINFO, ByVal cbSizeFileInfo As Long, ByVal uFlags As Long) As Long
Private Declare Function ImageList_Draw Lib "comctl32.dll" (ByVal himl As Long, ByVal i As Long, ByVal hdcDest As Long, ByVal x As Long, ByVal y As Long, ByVal flags As Long) As Long
Private shinfo As SHFILEINFO, sshinfo As SHFILEINFO
Private Declare Function DrawIconEx Lib "user32.dll" (ByVal hDC As Long, ByVal xLeft As Long, ByVal yTop As Long, ByVal hIcon As Long, ByVal cxWidth As Long, ByVal cyWidth As Long, ByVal istepIfAniCur As Long, ByVal hbrFlickerFreeDraw As Long, ByVal diFlags As Long) As Long
Private SIconInfo As SHFILEINFO
Public Enum IconRetrieve
ricnLarge = 32
ricnSmall = 16
End Enum
Public Sub RetrieveIcon(fName As String, DC As PictureBox, icnSize As IconRetrieve)
Dim hImgSmall, hImgLarge As Long
Debug.Print fName
Select Case icnSize
Case ricnSmall
hImgSmall = SHGetFileInfo(fName$, 0&, shinfo, Len(shinfo), BASIC_SHGFI_FLAGS Or SHGFI_SMALLICON)
Call ImageList_Draw(hImgSmall, shinfo.iIcon, DC.hDC, 0, 0, ILD_TRANSPARENT)
Case ricnLarge
hImgLarge& = SHGetFileInfo(fName$, 0&, shinfo, Len(shinfo), BASIC_SHGFI_FLAGS Or SHGFI_LARGEICON)
Call ImageList_Draw(hImgLarge, shinfo.iIcon, DC.hDC, 0, 0, ILD_TRANSPARENT)
End Select
End Sub
Public Function ExtractIcon(Filename As String, AddtoImageList As ImageList, PictureBox As PictureBox, PixelsXY As IconRetrieve, iKey As String) As Long
Dim SmallIcon As Long
Dim NewImage As ListImage
Dim IconIndex As Integer
On Error GoTo Load_New_Icon
If iKey <> "Application" And iKey <> "Shortcut" Then
ExtractIcon = AddtoImageList.ListImages(iKey).Index
Exit Function
End If
Load_New_Icon:
On Error GoTo Reset_Key
RetrieveIcon Filename, PictureBox, PixelsXY
IconIndex = AddtoImageList.ListImages.Count + 1
Set NewImage = AddtoImageList.ListImages.Add(IconIndex, iKey, PictureBox.Image)
ExtractIcon = IconIndex
Exit Function
Reset_Key:
iKey = ""
Resume
End Function
Public Sub GetLargeIcon(icPath$, pDisp As PictureBox)
Dim hImgLrg&: hImgLrg = SHGetFileInfo(icPath$, 0&, SIconInfo, Len(SIconInfo), BASIC_SHGFI_FLAGS Or SHGFI_LARGEICON)
ImageList_Draw hImgLrg, SIconInfo.iIcon, pDisp.hDC, 0, 0, ILD_TRANSPARENT
End Sub
Option Explicit
Private Const SHGFI_DISPLAYNAME = &H200, SHGFI_EXETYPE = &H2000, SHGFI_SYSICONINDEX = &H4000, SHGFI_LARGEICON = &H0, SHGFI_SMALLICON = &H1, SHGFI_SHELLICONSIZE = &H4, SHGFI_TYPENAME = &H400, ILD_TRANSPARENT = &H1, BASIC_SHGFI_FLAGS = SHGFI_TYPENAME Or SHGFI_SHELLICONSIZE Or SHGFI_SYSICONINDEX Or SHGFI_DISPLAYNAME Or SHGFI_EXETYPE
Public Type SHFILEINFO
hIcon As Long: iIcon As Long: dwAttributes As Long: szDisplayName As String * MAX_PATH: szTypeName As String * 80
End Type
Private Declare Function SHGetFileInfo Lib "shell32.dll" Alias "SHGetFileInfoA" (ByVal pszPath As String, ByVal dwFileAttributes As Long, psfi As SHFILEINFO, ByVal cbSizeFileInfo As Long, ByVal uFlags As Long) As Long
Private Declare Function ImageList_Draw Lib "comctl32.dll" (ByVal himl As Long, ByVal i As Long, ByVal hdcDest As Long, ByVal x As Long, ByVal y As Long, ByVal flags As Long) As Long
Private shinfo As SHFILEINFO, sshinfo As SHFILEINFO
Private Declare Function DrawIconEx Lib "user32.dll" (ByVal hDC As Long, ByVal xLeft As Long, ByVal yTop As Long, ByVal hIcon As Long, ByVal cxWidth As Long, ByVal cyWidth As Long, ByVal istepIfAniCur As Long, ByVal hbrFlickerFreeDraw As Long, ByVal diFlags As Long) As Long
Private SIconInfo As SHFILEINFO
Public Enum IconRetrieve
ricnLarge = 32
ricnSmall = 16
End Enum
Public Sub RetrieveIcon(fName As String, DC As PictureBox, icnSize As IconRetrieve)
Dim hImgSmall, hImgLarge As Long
Debug.Print fName
Select Case icnSize
Case ricnSmall
hImgSmall = SHGetFileInfo(fName$, 0&, shinfo, Len(shinfo), BASIC_SHGFI_FLAGS Or SHGFI_SMALLICON)
Call ImageList_Draw(hImgSmall, shinfo.iIcon, DC.hDC, 0, 0, ILD_TRANSPARENT)
Case ricnLarge
hImgLarge& = SHGetFileInfo(fName$, 0&, shinfo, Len(shinfo), BASIC_SHGFI_FLAGS Or SHGFI_LARGEICON)
Call ImageList_Draw(hImgLarge, shinfo.iIcon, DC.hDC, 0, 0, ILD_TRANSPARENT)
End Select
End Sub
Public Function ExtractIcon(Filename As String, AddtoImageList As ImageList, PictureBox As PictureBox, PixelsXY As IconRetrieve, iKey As String) As Long
Dim SmallIcon As Long
Dim NewImage As ListImage
Dim IconIndex As Integer
On Error GoTo Load_New_Icon
If iKey <> "Application" And iKey <> "Shortcut" Then
ExtractIcon = AddtoImageList.ListImages(iKey).Index
Exit Function
End If
Load_New_Icon:
On Error GoTo Reset_Key
RetrieveIcon Filename, PictureBox, PixelsXY
IconIndex = AddtoImageList.ListImages.Count + 1
Set NewImage = AddtoImageList.ListImages.Add(IconIndex, iKey, PictureBox.Image)
ExtractIcon = IconIndex
Exit Function
Reset_Key:
iKey = ""
Resume
End Function
Public Sub GetLargeIcon(icPath$, pDisp As PictureBox)
Dim hImgLrg&: hImgLrg = SHGetFileInfo(icPath$, 0&, SIconInfo, Len(SIconInfo), BASIC_SHGFI_FLAGS Or SHGFI_LARGEICON)
ImageList_Draw hImgLrg, SIconInfo.iIcon, pDisp.hDC, 0, 0, ILD_TRANSPARENT
End Sub
kode di atas di butuhkan untuk metode heuristic icon pada antivirus
Buat 1 module dengan nama modLV
lalu masukan code di bawah ini
Spoiler:
'Code:
Public Function GetSelected(TheLV As ListView)
Dim Sel As String
For i = 1 To TheLV.ListItems.Count
If TheLV.ListItems.Item(i).Checked = True Then
Sel = Sel & "|" & TheLV.ListItems.Item(i).SubItems(1)
End If
Next
GetSelected = Sel
End Function
Public Function SelectedAll(TheLV As ListView)
For i = 1 To TheLV.ListItems.Count
TheLV.ListItems.Item(i).Checked = True
Next
End Function
Public Function SelectedNone(TheLV As ListView)
For i = 1 To TheLV.ListItems.Count
TheLV.ListItems.Item(i).Checked = False
Next
End Function
Public Function GetIndex(TheLV As ListView, Data As String) As Integer
For i = 1 To TheLV.ListItems.Count
If TheLV.ListItems.Item(i).SubItems(1) = Data Then
GetIndex = i
End If
Next
End Function
Public Function UnSelect(TheLV As ListView, Data As String)
For i = 1 To TheLV.ListItems.Count
If TheLV.ListItems.Item(i).SubItems(3) = Data Then
TheLV.ListItems.Item(i).Checked = False
End If
Next
End Function
Public Function AddDetect(TheLV As ListView, FilePath As String, VirData As String)
With TheLV
If Left(VirData, 9) <> "Malicious" Then
Set lvItm = .ListItems.Add(, , Split(VirData, "|")(0), , frmUtama.ImgSmall.ListImages(1).Index)
lvItm.SubItems(1) = FilePath
lvItm.SubItems(2) = Split(VirData, "|")(1)
lvItm.SubItems(3) = "Virus File"
Else
Set lvItm = .ListItems.Add(, , VirData, , frmUtama.ImgSmall.ListImages(1).Index)
lvItm.SubItems(1) = FilePath
lvItm.SubItems(2) = GetChecksum(FilePath)
lvItm.SubItems(3) = "Virus File"
End If
End With
End Function
Public Function GetSelected(TheLV As ListView)
Dim Sel As String
For i = 1 To TheLV.ListItems.Count
If TheLV.ListItems.Item(i).Checked = True Then
Sel = Sel & "|" & TheLV.ListItems.Item(i).SubItems(1)
End If
Next
GetSelected = Sel
End Function
Public Function SelectedAll(TheLV As ListView)
For i = 1 To TheLV.ListItems.Count
TheLV.ListItems.Item(i).Checked = True
Next
End Function
Public Function SelectedNone(TheLV As ListView)
For i = 1 To TheLV.ListItems.Count
TheLV.ListItems.Item(i).Checked = False
Next
End Function
Public Function GetIndex(TheLV As ListView, Data As String) As Integer
For i = 1 To TheLV.ListItems.Count
If TheLV.ListItems.Item(i).SubItems(1) = Data Then
GetIndex = i
End If
Next
End Function
Public Function UnSelect(TheLV As ListView, Data As String)
For i = 1 To TheLV.ListItems.Count
If TheLV.ListItems.Item(i).SubItems(3) = Data Then
TheLV.ListItems.Item(i).Checked = False
End If
Next
End Function
Public Function AddDetect(TheLV As ListView, FilePath As String, VirData As String)
With TheLV
If Left(VirData, 9) <> "Malicious" Then
Set lvItm = .ListItems.Add(, , Split(VirData, "|")(0), , frmUtama.ImgSmall.ListImages(1).Index)
lvItm.SubItems(1) = FilePath
lvItm.SubItems(2) = Split(VirData, "|")(1)
lvItm.SubItems(3) = "Virus File"
Else
Set lvItm = .ListItems.Add(, , VirData, , frmUtama.ImgSmall.ListImages(1).Index)
lvItm.SubItems(1) = FilePath
lvItm.SubItems(2) = GetChecksum(FilePath)
lvItm.SubItems(3) = "Virus File"
End If
End With
End Function
Tidak ada komentar:
Posting Komentar