API tools faq
paste
Advertisement
UpdateSoft

Antivirus

UpdateSoft
Mar 22nd, 2019
294
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 16.02 KB | None | 0 0
raw download clone embed print report
  1. Imports System
  2. Imports System.ComponentModel
  3. Imports System.Diagnostics
  4. Imports System.Drawing
  5. Imports System.IO
  6. Imports System.Runtime.CompilerServices
  7. Imports System.Security.Cryptography
  8. Imports System.Text
  9. Imports Microsoft.VisualBasic
  10. Imports Microsoft.VisualBasic.CompilerServices
  11. Imports System.Windows.Forms
  12. Imports System.Net
  13. Imports System.Data
  14. Imports System.Collections.Generic
  15. Imports System.Threading
  16.  
  17. Public Class Form1
  18.  
  19. #Region "Values"
  20. Dim ipv4Stats As System.Net.NetworkInformation.IPv4InterfaceStatistics
  21. Dim netstats As System.Net.NetworkInformation.NetworkInterface
  22. Private DrivesList As List(Of String)
  23. Public WM_DEVICECHANGE As Integer = &H219
  24. Shared files As Integer
  25. Shared progr As Integer
  26. Shared scanbox As String
  27. Shared cc As Integer
  28. Shared infected As Integer
  29. Shared filePath As String
  30. Shared fileStream As FileStream
  31. Shared streamWriter As StreamWriter
  32. Shared P As String
  33. Shared F As String
  34. Shared par As String
  35. Shared array As String()
  36. Shared filesarr As String()
  37. Shared workiscompleted As Boolean = False
  38. Shared Scan As Integer
  39. #End Region
  40.  
  41. #Region "Bools"
  42. Public ScanOnPlugIn As Boolean
  43. Public DelAutorun As Boolean
  44. #End Region
  45.  
  46. Public Enum ScanType
  47. PathScan = 0
  48. FileScan = 1
  49. Binaries = 2
  50. RemScan = 3
  51. End Enum
  52.  
  53. #Region "HexTypes"
  54. Dim KeyboardHook As String() = {"48 6F 6F 6B 43 61 6C 6C 62 61 63 6B", "47 65 74 41 73 79 6E 63 4B 65 79 53 74 61 74 65"}
  55. Dim Rats As String() = {"44 61 72 6B 63 6F 6D 65 74", "43 79 62 65 72 47 61 74 65", "42 6C 61 63 6B 73 68 61 64 65 73", "4A 53 70 79", "4E 61 6E 6F 43 6F 72 65", "6C 65 67 61 63 79 4C 69 6E 6B", "49 6D 6D 69 6E 65 6E 74 20 4D 6F 6E 69 74 6F 72"}
  56. #End Region
  57.  
  58. Public WithEvents ScanThread As BackgroundWorker
  59. Public Enum WM_DEVICECHANGE_WParams As Integer
  60. DeviceInserted = &H8000
  61. DeviceRemoved = &H8004
  62. End Enum
  63. Public Sub WriteToLog(ByVal msg As String)
  64. If Not System.IO.Directory.Exists(Application.StartupPath & "\Log\") Then
  65. System.IO.Directory.CreateDirectory(Application.StartupPath & "\Log\")
  66. End If
  67. Try
  68. Dim fs As FileStream = New FileStream(Application.StartupPath & "\Log\Log.txt", FileMode.OpenOrCreate, FileAccess.ReadWrite)
  69. Dim s As StreamWriter = New StreamWriter(fs)
  70. s.Close()
  71. fs.Close()
  72. Dim fs1 As FileStream = New FileStream(Application.StartupPath & "\Log\Log.txt", FileMode.Append, FileAccess.Write)
  73. Dim s1 As StreamWriter = New StreamWriter(fs1)
  74. s1.Write(msg & vbCrLf)
  75. s1.Close()
  76. fs1.Close()
  77. Catch exception1 As Exception
  78. ProjectData.SetProjectError(exception1)
  79. Dim ex As Exception = exception1
  80. ProjectData.ClearProjectError()
  81. End Try
  82. End Sub
  83. Protected Overrides Sub WndProc(ByRef w As System.Windows.Forms.Message)
  84. If w.Msg = WM_DEVICECHANGE Then
  85. Select Case w.WParam
  86. Case WM_DEVICECHANGE_WParams.DeviceInserted
  87. For Each Drive As DriveInfo In DriveInfo.GetDrives()
  88. If Drive.IsReady AndAlso Not DrivesList.Contains(Drive.Name) Then
  89. If DelAutorun = True Then
  90. If IsAutorunExists(Drive.Name) Then
  91. DeleteAutorun(Drive.Name)
  92. Else
  93. End If
  94. End If
  95. If ScanOnPlugIn = True Then
  96. RemovableScan(Drive.Name)
  97. Else
  98. Exit Sub
  99. End If
  100. End If
  101. Next
  102. Case WM_DEVICECHANGE_WParams.DeviceRemoved
  103. DrivesList = New List(Of String)
  104. For Each Drive As DriveInfo In DriveInfo.GetDrives()
  105. If Drive.IsReady Then _
  106. DrivesList.Add(Drive.Name)
  107. Next
  108. End Select
  109. End If
  110. MyBase.WndProc(w)
  111. End Sub
  112. Private Sub TabControl1_DrawItem(sender As System.Object, e As System.Windows.Forms.DrawItemEventArgs) Handles TabControl1.DrawItem
  113. Dim g As Graphics = e.Graphics
  114. Dim _TextBrush As Brush
  115. Dim _TabPage As TabPage = TabControl1.TabPages(e.Index)
  116. Dim _TabBounds As Rectangle = TabControl1.GetTabRect(e.Index)
  117. If (e.State = DrawItemState.Selected) Then
  118. _TextBrush = New SolidBrush(Color.Red)
  119. g.FillRectangle(Brushes.Transparent, e.Bounds)
  120. Else
  121. _TextBrush = New System.Drawing.SolidBrush(e.ForeColor)
  122. e.DrawBackground()
  123. End If
  124. Dim _TabFont As New Font("Arial", 10.0, FontStyle.Bold, GraphicsUnit.Pixel)
  125. Dim _StringFlags As New StringFormat()
  126. _StringFlags.Alignment = StringAlignment.Center
  127. _StringFlags.LineAlignment = StringAlignment.Center
  128. g.DrawString(_TabPage.Text, _TabFont, _TextBrush, _TabBounds, New StringFormat(_StringFlags))
  129. End Sub
  130.  
  131. #Region "Removal"
  132. Public Function RemoveThreat(ByVal threat As String, ByVal RemoveAfterReboot As Boolean)
  133. If RemoveAfterReboot = False Then
  134. If IsProcessRunning(threat) Then
  135. For Each proc As Process In Process.GetProcessesByName(threat)
  136. proc.Kill()
  137. Next
  138. Else
  139. File.Delete(threat)
  140. End If
  141. Else
  142.  
  143. End If
  144. End Function
  145. #End Region
  146.  
  147. #Region "ScanStuff"
  148. Public Function GetMD5(ByVal Path As String) As String
  149. Dim buff As StringBuilder = New StringBuilder
  150. Dim f As FileStream = New FileStream(Path, FileMode.Open, FileAccess.Read, FileShare.Read, 8192)
  151. f = New FileStream(Path, FileMode.Open, FileAccess.Read, FileShare.Read, 8192)
  152. Try
  153. Dim md5 As MD5CryptoServiceProvider = New MD5CryptoServiceProvider
  154. md5.ComputeHash(f)
  155. Dim hash As Byte() = md5.Hash
  156. Dim hashByte As Byte
  157. For Each hashByte In hash
  158. buff.Append(String.Format("{0:X2}", hashByte))
  159. Next
  160. Catch ex As Exception
  161. End Try
  162. Return buff.ToString
  163. f.Flush()
  164. f.Close()
  165. End Function
  166. Sub ScanBinaries(ByVal exe As String, ByVal param As String)
  167. files = Directory.GetFiles(exe, param, SearchOption.AllDirectories).Count()
  168. total.Text = files
  169. filesarr = Directory.GetFiles(exe, param, SearchOption.AllDirectories)
  170. For Each File As String In filesarr
  171. cc = cc + 1
  172. progr = (cc / files) * 100
  173. bar.Value = progr
  174. For Each rat As String In Rats
  175. If ReturnHex(File).Contains(rat) Then
  176. infected += 1
  177. Dim lvi = New ListViewItem(File)
  178. lvi.SubItems.Add(HexToString(rat))
  179. lvi.SubItems.Add(GetMD5(File))
  180. lvi.SubItems.Add(IsProcessRunning(File))
  181. Results.ListView1.Items.Add(lvi)
  182. infect.Text = infected
  183. End If
  184. Next
  185. For Each KeyHook As String In KeyboardHook
  186. If ReturnHex(File).Contains(KeyHook) Then
  187. infected += 1
  188. Dim lvi = New ListViewItem(File)
  189. lvi.SubItems.Add(HexToString(KeyHook))
  190. lvi.SubItems.Add(GetMD5(File))
  191. lvi.SubItems.Add(IsProcessRunning(File))
  192. Results.ListView1.Items.Add(lvi)
  193. infect.Text = infected
  194. End If
  195. Next
  196. If workiscompleted = True Then
  197. Exit For
  198. End If
  199. If progr = 100 Then
  200. MessageBox.Show("Scan Completed", "Information", MessageBoxButtons.OK, MessageBoxIcon.Information)
  201. Results.ShowDialog()
  202. End If
  203. Next
  204. End Sub
  205. Public Function ReturnHex(ByVal File As String) As String
  206. Return String.Join(" ", IO.File.ReadAllBytes(File).Select(Function(b) b.ToString("X2")))
  207. End Function
  208. Public Function HexToString(ByVal hextext As String) As String
  209. Dim Y As Long
  210. Dim num As String
  211. Dim value As String
  212. For Y = 1 To Len(hextext) Step 3
  213. num = Mid(hextext, Y, 2)
  214. value = value & Chr(Val("&h" & num))
  215. Next Y
  216.  
  217. HexToString = value
  218. End Function
  219. Public Sub DeleteAutorun(ByVal path As String)
  220. Try
  221. File.Delete(path & "\Autorun.inf")
  222. Catch ex As Exception
  223. MessageBox.Show(ex.InnerException, "Error", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
  224. End Try
  225. End Sub
  226. Sub PathScan(ByVal Path As String, ByVal param As String, ByVal searchOptions As SearchOption)
  227. scanbox = IO.File.ReadAllText("viruslist.txt")
  228. files = Directory.GetFiles(Path, param, searchOptions).Count()
  229. total.Text = files
  230. array = scanbox.Split("!")
  231. filesarr = Directory.GetFiles(Path, param, searchOptions)
  232. For Each File As String In filesarr
  233. cc = cc + 1
  234. progr = (cc / files) * 100
  235. bar.Value = progr
  236. For Each line As String In array
  237. If line.Contains(GetMD5(File.ToString)) Then
  238. infected += 1
  239. Dim lvi = New ListViewItem(File)
  240. lvi.SubItems.Add(line.Substring(0, line.IndexOf("@")))
  241. lvi.SubItems.Add(GetMD5(File))
  242. lvi.SubItems.Add(IsProcessRunning(File))
  243. Results.ListView1.Items.Add(lvi)
  244. infect.Text = infected
  245. Else
  246. End If
  247. Next
  248. now.Text = File
  249. If workiscompleted = True Then
  250. Exit For
  251. End If
  252. Next
  253. If progr = 100 Then
  254. MessageBox.Show("Scan Completed", "Information", MessageBoxButtons.OK, MessageBoxIcon.Information)
  255. Results.ShowDialog()
  256. End If
  257. End Sub
  258. Public Function IsAutorunExists(ByVal path As String) As Boolean
  259. If File.Exists(path & "\Autorun.inf") Then
  260. Return True
  261. Else
  262. Return False
  263. End If
  264. End Function
  265. Sub FileScan(ByVal file As String)
  266. scanbox = IO.File.ReadAllText("viruslist.txt")
  267. files = 1
  268. total.Text = files
  269. array = scanbox.Split("!")
  270. cc = cc + 1
  271. progr = (cc / files) * 100
  272. bar.Value = progr
  273. For Each line As String In array
  274. If line.Contains(GetMD5(file.ToString)) Then
  275. infected += 1
  276. Dim lvi = New ListViewItem(file)
  277. lvi.SubItems.Add(line.Substring(0, line.IndexOf("@")))
  278. lvi.SubItems.Add(GetMD5(file))
  279. lvi.SubItems.Add(IsProcessRunning(file))
  280. Results.ListView1.Items.Add(lvi)
  281. infect.Text = infected
  282. Else
  283. End If
  284. Next
  285. now.Text = file
  286. End Sub
  287. Public Function IsPathEmpty(ByVal path As String) As Boolean
  288. If Directory.GetFiles(path, "*.*", SearchOption.AllDirectories).Count() <> 0 Then
  289. Return False
  290. Else
  291. Return True
  292. End If
  293. End Function
  294. Public Function IsProcessRunning(ByVal fullpath As String) As Boolean
  295. For Each p As Process In Process.GetProcesses
  296. Try
  297. If p.MainModule.FileName = fullpath Then
  298. Return True
  299. End If
  300. Catch
  301. End Try
  302. Next
  303. Return False
  304. End Function
  305. Public Sub RemovableScan(ByVal path As String)
  306. P = path
  307. par = "*.*"
  308. If IsPathEmpty(P) = True Then
  309. Exit Sub
  310. Else
  311. ScanThread = New BackgroundWorker
  312. ScanThread.WorkerReportsProgress = True
  313. ScanThread.WorkerSupportsCancellation = True
  314. Scan = ScanType.RemScan
  315. ScanThread.RunWorkerAsync()
  316. TabControl1.SelectTab(TabPage4)
  317. End If
  318. End Sub
  319. Public Sub ScanPath(ByVal param As String)
  320. fbd.ShowDialog()
  321. P = fbd.SelectedPath.ToString
  322. par = param
  323. If IsPathEmpty(P) = True Then
  324. MessageBox.Show("Selected path is empty. Make sure this is correct folder path.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
  325. Else
  326. ScanThread = New BackgroundWorker
  327. ScanThread.WorkerReportsProgress = True
  328. ScanThread.WorkerSupportsCancellation = True
  329. Scan = ScanType.PathScan
  330. ScanThread.RunWorkerAsync()
  331. TabControl1.SelectTab(TabPage4)
  332. End If
  333. End Sub
  334. Public Sub ScanFile()
  335. ofd.ShowDialog()
  336. F = ofd.FileName
  337. ScanThread = New BackgroundWorker
  338. ScanThread.WorkerReportsProgress = True
  339. ScanThread.WorkerSupportsCancellation = True
  340. Scan = ScanType.FileScan
  341. ScanThread.RunWorkerAsync()
  342. TabControl1.SelectTab(TabPage4)
  343. End Sub
  344. Private Sub BackgroundWorker1_RunWorkerCompleted(ByVal sender As System.Object, ByVal e As System.ComponentModel.RunWorkerCompletedEventArgs) Handles ScanThread.RunWorkerCompleted
  345. ScanThread.Dispose()
  346. workiscompleted = False
  347. ResetInterface()
  348. End Sub
  349. Private Sub ScanThread_DoWork(ByVal sender As Object, ByVal e As DoWorkEventArgs) Handles ScanThread.DoWork
  350. Select Case Scan
  351. Case 0
  352. PathScan(P, par, SearchOption.AllDirectories)
  353. Case 1
  354. FileScan(F)
  355. Case 2
  356. ScanBinaries(P, par)
  357. Case 3
  358. RemovableScan(P)
  359. End Select
  360. End Sub
  361. #End Region
  362.  
  363. #Region "OtherStuff"
  364. Public Sub ResetInterface()
  365. bar.Value = 0
  366. progr = 0
  367. files = 0
  368. infected = 0
  369. cc = 0
  370. scanbox = vbEmpty
  371. 'System.Array.Clear(array, 0, array.Length)
  372. 'System.Array.Clear(filesarr, 0, filesarr.Length)
  373. total.Text = ""
  374. infect.Text = ""
  375. now.Text = ""
  376. Scan = vbNull
  377. End Sub
  378. Public Sub StopProc()
  379. ScanThread.CancelAsync()
  380. workiscompleted = True
  381. Label1.Text = "Scan is in progress..."
  382. ResetInterface()
  383. TabControl1.SelectedTab.Hide()
  384. End Sub
  385. #End Region
  386.  
  387. Private Sub Button1_Click(sender As System.Object, e As System.EventArgs) Handles Button1.Click
  388. ScanPath("*.*")
  389. End Sub
  390. Private Sub Form1_Load(sender As System.Object, e As System.EventArgs) Handles MyBase.Load
  391. Windows.Forms.Control.CheckForIllegalCrossThreadCalls = False
  392. End Sub
  393.  
  394. Private Sub sop_Click(sender As System.Object, e As System.EventArgs) Handles sop.Click
  395. StopProc()
  396. End Sub
  397.  
  398. Private Sub Button2_Click(sender As System.Object, e As System.EventArgs) Handles Button2.Click
  399. ScanFile()
  400. End Sub
  401.  
  402. Private Sub Button3_Click(sender As System.Object, e As System.EventArgs) Handles Button3.Click
  403. BinariesScan("*.*")
  404. End Sub
  405. Sub BinariesScan(ByVal param As String)
  406. fbd.ShowDialog()
  407. P = fbd.SelectedPath.ToString
  408. par = param
  409. If IsPathEmpty(P) = True Then
  410. MessageBox.Show("Selected path is empty. Make sure this is correct folder path.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
  411. Else
  412. ScanThread = New BackgroundWorker
  413. ScanThread.WorkerReportsProgress = True
  414. ScanThread.WorkerSupportsCancellation = True
  415. Scan = ScanType.Binaries
  416. ScanThread.RunWorkerAsync()
  417. TabControl1.SelectTab(TabPage4)
  418. End If
  419. End Sub
  420. End Class
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!