e  eeeee eeeeeee eeeee  e     eeeee eeeee eeeee   e     e  eeeee e   e  
   8  8   8 8  8  8 8   8  8     8   8 8   8 8   8   8     8  8   8 8   8  
   8e 8eee8 8e 8  8 8eee8e 8e    8eee8 8e  8 8e      8e    8e 8e  8 8eee8e 
e  88 88  8 88 8  8 88   8 88    88  8 88  8 88 "8   88    88 88  8 88   8 
8ee88 88  8 88 8  8 88eee8 88eee 88  8 88  8 88ee8   88eee 88 88  8 88   8 
today : | at : | safemode : ON
> Disini Semua Terserah Oja Ajah...
name author perms com modified label

Task Process Monitoring oja ajah rwxr-xr-x 0 06.37

Filename Task Process Monitoring
Permission rw-r--r--
Author oja ajah
Date and Time 06.37
Label
Action

Pengganti Task Manager yang mungkin tidak bisa diakses karena ulah Virus Local :)


1. Form
     List View              [Name = info]
     CommandButton   [Name = cmdCloseProcess] [Caption = Terminate]
     CommandButton   [Name = Command1] [Caption = Exit]
     Timer                    [Name = updateTimer] [Interval = 1000]
     Timer                    [Name = Cap] [Interval=20]
     Label                    [Name = Label1]
2. Module
Form Design


Code Program :

- FORM -
Private Declare Function TerminateThread Lib "kernel32" (ByVal hThread As Long, ByVal dwExitCode As Long) As Long
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
           
Dim hSnapshot As Long
Dim processInfo As PROCESSENTRY32
Dim success As Long
Dim exeName As String
Dim retval As Long
Dim itm As ListItem
Dim ProsesName(100), ProsesID(100), PArentID(100)
Dim ProsesExplorer, ExplorerID, cnt, VirusID, PID
Dim virusFound As Boolean

Private Sub Initproses()
    hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0)
    processInfo.dwSize = Len(processInfo)
    success = Process32First(hSnapshot, processInfo)
    If hSnapshot = -1 Then
       Exit Sub
    End If

    items2 = 0
    While success <> 0
          items2 = items2 + 1
          success = Process32Next(hSnapshot, processInfo)
    Wend
    retval = CloseHandle(hSnapshot)
    If items1 <> items2 Then
       hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0)
       processInfo.dwSize = Len(processInfo)
       success = Process32First(hSnapshot, processInfo)
       cnt = 1
       info.ListItems.Clear
       While success <> 0
            
             exeName = Left(processInfo.szExeFile, InStr(processInfo.szExeFile, vbNullChar) - 1)
             Set itm = info.ListItems.Add(cnt, , exeName)
             ProsesName(cnt) = GetFileName(exeName)
             ProsesID(cnt) = processInfo.th32ProcessID
             PArentID(cnt) = processInfo.th32ParentProcessID
             itm.Tag = exeName
             itm.SubItems(1) = processInfo.th32ProcessID
             itm.SubItems(2) = processInfo.th32ParentProcessID
             itm.SubItems(3) = processInfo.cntThreads
             itm.SubItems(4) = processInfo.cntUsage
             itm.SubItems(5) = processInfo.th32ModuleID
             itm.SubItems(6) = processInfo.th32DefaultHeapID
             itm.SubItems(7) = processInfo.pcPriClassBase

             cnt = cnt + 1
             processInfo.dwSize = Len(processInfo)
             success = Process32Next(hSnapshot, processInfo)
       Wend
       retval = CloseHandle(hSnapshot)
       Label1.Caption = cnt - 1 & " Proses Program sedang berjalan - Task Process Monitoring"
       items1 = items2
     End If
End Sub

Private Sub Cap_Timer()
    If Label1.Left < 0 - Label3.Width Then
      DoEvents
        Label1.Left = 4350
    End If
    Label1.Left = Label3.Left - 20
       
    Select Case Label1.ForeColor
        Case vbBlue: Label1.ForeColor = vbRed
        Case vbRed: Label1.ForeColor = vbMagenta
        Case vbMagenta: Label1.ForeColor = vbBlue
    End Select
   
End Sub

Private Sub cmdCloseProses_Click()
    opPROS = OpenProcess(1, 0, info.SelectedItem.SubItems(1))
    If opPROS <> "" Then
        TerminateIt = TerminateProcess(opPROS, 0)
        If TerminateIt = False Then
            f = MsgBox("Proses " & info.SelectedItem.Text & " tidak bisa dihentikan...!!!", vbCritical, "Task Process Monitoring")
        End If
    End If
    CloseHandle (opPROS) 
End Sub

Private Sub Command1_Click()
    End
End Sub

Private Sub Form_Load()
    Label3.Left = 4350
    PID = ""
    virusFound = True
    Initproses
    item1 = 0
    Call CekProses
End Sub

Private Sub CariExplorer()
    For i = 1 To cnt
        If LCase(ProsesName(i)) = "explorer.exe" Then
            ExplorerID = ProsesID(i)
        End If
    Next
End Sub

Private Sub CekProses()
    For i = 1 To cnt
        If (LCase(ProsesName(i)) = "winlogon.exe") And PArentID(i) = ExplorerID Then
            VirusID = ProsesID(i)
            virusFound = True
            PID = PID & "/PID " & VirusID & " "
            MsgBox (VirusID)
           
        ElseIf (LCase(ProsesName(i)) = "lsass.exe") And PArentID(i) = ExplorerID Then
            VirusID = ProsesID(i)
            virusFound = True
            PID = PID & "/PID " & VirusID & " "
            MsgBox (VirusID)
           
        ElseIf (LCase(ProsesName(i)) = "inetinfo.exe") And PArentID(i) = ExplorerID Then
            VirusID = ProsesID(i)
            virusFound = True
            PID = PID & "/PID " & VirusID & " "
            MsgBox (VirusID)
        ElseIf (LCase(ProsesName(i)) = "services.exe") And PArentID(i) = ExplorerID Then
            VirusID = ProsesID(i)
            virusFound = True
            PID = PID & "/PID " & VirusID & " "
            MsgBox (VirusID)
        Else
            virusFound = False
        End If
    Next
End Sub

Private Sub KillVirus(ID)
    On Error Resume Next
    Shell "C:\WINDOWS\SYSTEM32\Taskkill.exe /f " & PID, vbHide
    Initproses
End Sub

Private Sub updateTimer_Timer()
    updateTimer.Enabled = False
    Call Initproses
    updateTimer.Enabled = True
End Sub

-MODULE-
Public Declare Function CreateToolhelp32Snapshot Lib "kernel32.dll" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
Public Declare Function Process32First Lib "kernel32.dll" (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long
Public Declare Function Process32Next Lib "kernel32.dll" (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long
Public Declare Function CloseHandle Lib "kernel32.dll" (ByVal hObject As Long) As Long
Public Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, lParam As Any) As Long
Public Declare Function GetForegroundWindow Lib "user32" () As Long

Public Type PROCESSENTRY32
    dwSize As Long
    cntUsage As Long
    th32ProcessID As Long
    th32DefaultHeapID As Long
    th32ModuleID As Long
    cntThreads As Long
    th32ParentProcessID As Long
    pcPriClassBase As Long
    dwFlags As Long
    szExeFile As String * 260
End Type
Public Const TH32CS_SNAPALL = &HF
Public Const WM_CLOSE = &H10
Public items1 As Long
Public items2 As Long

Public Function GetFileName(FullPath As String) As String
       On Error Resume Next
       Dim dta As String
       Dim ch As String
       Dim plen As Long
       Dim cnt As Integer
       plen = Len(FullPath)
       cnt = 0
       ch = Mid$(FullPath, plen, 1)
       While ch <> "\" And cnt < plen
            dta = ch & dta
            cnt = cnt + 1
            ch = Mid$(FullPath, plen - cnt, 1)
       Wend
       GetFileName = dta
End Function

Running Program

0 komentar:

Posting Komentar

 

Jayalah Indonesiaku © 2010 Infokom I Software I Hardware I Teknologi Informasi
VB (Vio b374k) Template design by p4r46hcyb3rn3t