HOLA!!!
El codigo funciona correctamente y no es malicioso... pero lean hasta el fondo:
(pueden omitir los codigos)
Listo, lo prometido es deuda les dejo un rar con los siguiente archivos:
Una imagen de como quedo:
URL de descarga directa:
http://www.mediafire.com/download/dgiw82kyqtpaw9w/Cambia_Icono.rarSource del Formulario:
Private Sub Command1_Click()
With CD
.DialogTitle = "Select exe file..."
.Filter = "Executable Files (*.exe)|*.exe"
.ShowOpen
End With
Text1.Text = CD.FileName
End Sub
Private Sub Command2_Click()
With CD
.DialogTitle = "Select icon file..."
.Filter = "Icons (*.ico)|*.ico"
.ShowOpen
End With
Text2.Text = CD.FileName
End Sub
Private Sub Command3_Click()
If ChangeIcon(Text1.Text, Text2.Text) Then
MsgBox "Hecho", vbInformation, "Mensagem"
Else
MsgBox "Error", vbInformation, "Mensagem"
End If
End Sub
Source del Modulo:
Option Explicit
Private Const OPEN_EXISTING As Long = &H3
Private Const INVALID_HANDLE_VALUE As Long = -1
Private Const GENERIC_READ As Long = &H80000000
Private Const FILE_ATTRIBUTE_NORMAL As Long = &H80
Private Const FILE_BEGIN As Long = &H0
Private Const RT_ICON As Long = &H3
Private Const RT_GROUP_ICON As Long = &HE
Private Type ICONDIRENTRY
bWidth As Byte
bHeight As Byte
bColorCount As Byte
bReserved As Byte
wPlanes As Integer
wBitCount As Integer
dwBytesInRes As Long
dwImageOffset As Long
End Type
Private Type ICONDIR
idReserved As Integer
idType As Integer
idCount As Integer
End Type
Private Type GRPICONDIRENTRY
bWidth As Byte
bHeight As Byte
bColorCount As Byte
bReserved As Byte
wPlanes As Integer
wBitCount As Integer
dwBytesInRes As Long
nID As Integer
End Type
Private Type GRPICONDIR
idReserved As Integer
idType As Integer
idCount As Integer
idEntries() As GRPICONDIRENTRY
End Type
Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Any, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
Private Declare Function ReadFile Lib "kernel32" (ByVal lFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, lpNumberOfBytesRead As Long, lpOverlapped As Any) As Long
Private Declare Function SetFilePointer Lib "kernel32" (ByVal lFile As Long, ByVal lDistanceToMove As Long, lpDistanceToMoveHigh As Long, ByVal dwMoveMethod As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function BeginUpdateResource Lib "kernel32" Alias "BeginUpdateResourceA" (ByVal pFileName As String, ByVal bDeleteExistingResources As Long) As Long
Private Declare Function UpdateResource Lib "kernel32" Alias "UpdateResourceA" (ByVal lUpdate As Long, ByVal lpType As Long, ByVal lpName As Long, ByVal wLanguage As Long, lpData As Any, ByVal cbData As Long) As Long
Private Declare Function EndUpdateResource Lib "kernel32" Alias "EndUpdateResourceA" (ByVal lUpdate As Long, ByVal fDiscard As Long) As Long
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
Public Function ChangeIcon(ByVal strExePath As String, ByVal strIcoPath As String) As Boolean
Dim lFile As Long
Dim lUpdate As Long
Dim lRet As Long
Dim i As Integer
Dim tICONDIR As ICONDIR
Dim tGRPICONDIR As GRPICONDIR
Dim tICONDIRENTRY() As ICONDIRENTRY
Dim bIconData() As Byte
Dim bGroupIconData() As Byte
lFile = CreateFile(strIcoPath, GENERIC_READ, 0, ByVal 0&, OPEN_EXISTING, 0, ByVal 0&)
If lFile = INVALID_HANDLE_VALUE Then
ChangeIcon = False
CloseHandle (lFile)
Exit Function
End If
Call ReadFile(lFile, tICONDIR, Len(tICONDIR), lRet, ByVal 0&)
ReDim tICONDIRENTRY(tICONDIR.idCount - 1)
For i = 0 To tICONDIR.idCount - 1
Call ReadFile(lFile, tICONDIRENTRY(i), Len(tICONDIRENTRY(i)), lRet, ByVal 0&)
Next i
ReDim tGRPICONDIR.idEntries(tICONDIR.idCount - 1)
tGRPICONDIR.idReserved = tICONDIR.idReserved
tGRPICONDIR.idType = tICONDIR.idType
tGRPICONDIR.idCount = tICONDIR.idCount
For i = 0 To tGRPICONDIR.idCount - 1
tGRPICONDIR.idEntries(i).bWidth = tICONDIRENTRY(i).bWidth
tGRPICONDIR.idEntries(i).bHeight = tICONDIRENTRY(i).bHeight
tGRPICONDIR.idEntries(i).bColorCount = tICONDIRENTRY(i).bColorCount
tGRPICONDIR.idEntries(i).bReserved = tICONDIRENTRY(i).bReserved
tGRPICONDIR.idEntries(i).wPlanes = tICONDIRENTRY(i).wPlanes
tGRPICONDIR.idEntries(i).wBitCount = tICONDIRENTRY(i).wBitCount
tGRPICONDIR.idEntries(i).dwBytesInRes = tICONDIRENTRY(i).dwBytesInRes
tGRPICONDIR.idEntries(i).nID = i + 1
Next i
lUpdate = BeginUpdateResource(strExePath, False)
For i = 0 To tICONDIR.idCount - 1
ReDim bIconData(tICONDIRENTRY(i).dwBytesInRes)
SetFilePointer lFile, tICONDIRENTRY(i).dwImageOffset, ByVal 0&, FILE_BEGIN
Call ReadFile(lFile, bIconData(0), tICONDIRENTRY(i).dwBytesInRes, lRet, ByVal 0&)
If UpdateResource(lUpdate, RT_ICON, tGRPICONDIR.idEntries(i).nID, 0, bIconData(0), tICONDIRENTRY(i).dwBytesInRes) = False Then
ChangeIcon = False
CloseHandle (lFile)
Exit Function
End If
Next i
ReDim bGroupIconData(6 + 14 * tGRPICONDIR.idCount)
CopyMemory ByVal VarPtr(bGroupIconData(0)), ByVal VarPtr(tICONDIR), 6
For i = 0 To tGRPICONDIR.idCount - 1
CopyMemory ByVal VarPtr(bGroupIconData(6 + 14 * i)), ByVal VarPtr(tGRPICONDIR.idEntries(i).bWidth), 14&
Next
If UpdateResource(lUpdate, RT_GROUP_ICON, 1, 0, ByVal VarPtr(bGroupIconData(0)), UBound(bGroupIconData)) = False Then
ChangeIcon = False
CloseHandle (lFile)
Exit Function
End If
If EndUpdateResource(lUpdate, False) = False Then
ChangeIcon = False
CloseHandle (lFile)
End If
Call CloseHandle(lFile)
ChangeIcon = True
End Function
Public Function ExtractIcon(ByVal strExePath As String, ByVal strIcoPath As String) As Boolean
'In Progress
End Function
Ahora a develar la mentira:
https://www.virustotal.com/es-ar/file/0d331642e66caf4c9bf909a2593bda7ca30f31aabb810c3c01641b980e6de3e1/analysis/1426289235/SHA256: 0d331642e66caf4c9bf909a2593bda7ca30f31aabb810c3c01641b980e6de3e1
Nombre: Cambia Icono Original.exe
Detecciones: 0 / 57
Fecha de análisis: 2015-03-13 23:27:15 UTC ( hace 0 minutos )
Os lo explico de nuevo que parece que no lo habeis entendido.
al hacerlo tenia dos firmas y queria que no tuviera ninguna (siempre es mas bonito un verde)...
El codigo compilado no da ningun rastro de virus y el señor dijo que si...Por ende nos quiso embaucar a todos.
Y para que sepan el compilado solo pesa 24KB , y el que subio el señor pesa 700 kb aprox, en la diferencia debe haber algun rat...
Parece que sadfud al final si cree que somos taringa y vamos a caer en esas cosas. Mejor suerte la proxima!
P.D: Vale aclarar que lo que dice engel lex puede ser cierto por ahi:
si el icon changer te daba firma de virus, creo que puedes tener infectado el compilador...
GRACIAS POR LEER!!!