#include #ras.asm -- shows a basic RAS (remote access service) app to monitor a DUN (dial up networking) #connection.On creation the app is set up to work from the tray(see tray.asm #for details on this) A seperate thread is created to monitor the opening #and closing of a RAS connection. Event objects are setup to be signalled #when these events occur. These times (connection time and disconnection time) #are noted in a file(dun.log). This is the base from which any kind of stats #can be generated (datewise, monthwise etc) #Note that this example tries to handle the situation of an abnormal shutdown #during a session. If this happens the disconnect time will not be noted #and any analysis procedure will have to provide for this #A possible way to handle this could be to start a timer on connection and #note the time in a temp file at regular intervals( say a minute).A normal disconnection #should result in the deletion of this file. If this file exists on startup #it means an abnormal shutdown has occured and the time this file contains #can be transferred to the log. So the max error will be the timer interval #chosen. This is what I have done #This program generally works ok and I use it myself. But there have some occaisions when #the connect/disconnect time is not noted correctly -- though the session and cumulative #times are correct. I havn't been able yet to catch this bug (not tried very hard either !) #Yes EP IS easy to use and one can be very productive using it #Please drop me an email for any clarifications,suggestions,comments begin imports #many frequently used functions are here [Kernel32.dll] DeleteFileA ResetEvent GetLocalTime GetLastError WaitForSingleObject CreateEventA GetModuleHandleA GetCommandLineA LoadLibraryA ExitProcess GlobalAlloc GlobalSize GlobalFree GlobalReAlloc Sleep HeapCreate HeapAlloc HeapFree CreateFileA ReadFile WriteFile CloseHandle GetFileSize CreateThread CreateProcessA SuspendThread ResumeThread ExitThread TerminateThread [user32.dll] KillTimer SetTimer RegisterClassExA CreateWindowExA ShowWindow UpdateWindow DefWindowProcA GetMessageA TranslateMessage DispatchMessageA SendMessageA LoadCursorA LoadIconA LoadMenuA BeginPaint EndPaint DrawTextA GetClientRect PostQuitMessage MessageBoxA SetForegroundWindow SetActiveWindow BringWindowToTop FindWindowA DestroyWindow PostMessageA CreatePopupMenu AppendMenuA SetMenu CreateMenu GetCursorPos TrackPopupMenu SetFocus [gdi32.dll] CreateFontIndirectA Rectangle CreateSolidBrush SelectObject SetBkMode ExtFloodFill CreatePen SetTextColor [comctl32.dll] InitCommonControls [shell32.dll] Shell_NotifyIcon [comdlg32.dll] GetOpenFileNameA GetSaveFileNameA [rasapi32.dll] RasConnectionNotificationA RasEnumConnectionsA RasGetConnectStatusA [rnaui.dll] RnaDial [crtdll.dll] fopen fclose fgets fputs fgetc fputc feof malloc realloc free fread fwrite fprintf fscanf _itoa memcpy memcmp memmove memset sprintf atoi strcpy strstr strncat end imports #-----------------Constants---------------------------------------------- begin const #many commonly used constants are here SW_HIDE 0 SW_SHOW 5 WS_CHILD 1073741824 WS_VISIBLE 268435456 WS_BORDER 8388608 WS_HSCROLL 1048576 WS_VSCROLL 2097152 WS_CAPTION 12582912 WS_CHILDWINDOW 1073741824 WS_OVERLAPPEDWINDOW 13565952 WS_POPUPWINDOW 2156396544 WS_SYSMENU 524288 WS_CLIENTEDGE 512 WS_MINIMIZEBOX 131072 WS_MAXIMIZEBOX 65536 WS_SIZEBOX 262144 WM_CREATE 1 WM_COPY 769 WM_CUT 768 WM_PASTE 770 WM_CLOSE 16 WM_COMMAND 273 WM_DESTROY 2 WM_ENABLE 10 WM_GETTEXT 13 WM_GETTEXTLENGTH 14 WM_INITDIALOG 272 WM_INITMENU 278 WM_KEYDOWN 256 WM_KEYUP 257 WM_KILLFOCUS 8 WM_LBUTTONDBLCLK 515 WM_LBUTTONDOWN 513 WM_LBUTTONUP 514 WM_MOVE 3 WM_NOTIFY 78 WM_PAINT 15 WM_ACTIVATE 6 WM_QUIT 18 WM_RBUTTONDBLCLK 518 WM_RBUTTONDOWN 516 WM_RBUTTONUP 517 WM_SETFOCUS 7 WM_SETFONT 48 WM_SETTEXT 12 WM_SIZE 5 WM_TIMER 275 WM_UNDO 772 WM_ICONNOTIFY 1135 BS_AUTOCHECKBOX 3 BS_AUTORADIOBUTTON 9 BS_GROUPBOX 7 LB_ADDSTRING 384 LB_RESETCONTENT 388 LB_SELECTSTRING 396 LB_SETTOPINDEX 407 LBS_HASSTRINGS 64 DT_SINGLELINE 32 DT_CENTER 1 DT_VCENTER 4 DT_BOTTOM 8 IDI_APPLICATION 32512 IDC_CROSS 32515 ES_AUTOVSCROLL 64 ES_AUTOHSCROLL 128 ES_MULTILINE 4 ES_WANTRETURN 4096 ES_LEFT 0 ES_NOHIDESEL 256 EN_MSGFILTER 1792 EN_CHANGE 768 ENM_MOUSEEVENTS 131072 ENM_SELCHANGE 524288 ENM_PROTECTED 2097152 ENM_KEYEVENTS 65536 ENM_UPDATE 2 ENM_SCROLL 4 ENM_CHANGE 1 EM_STREAMIN 1097 EM_STREAMOUT 1098 EM_GETFIRSTVISIBLELINE 206 EM_FINDTEXTEX 1103 EM_LINEFROMCHAR 201 EM_LINESCROLL 182 EM_SETLIMITTEXT 197 EM_SETEVENTMASK 1093 MF_ENABLED 0 MF_BYPOSITION 1024 MF_SEPARATOR 2048 MF_STRING 0 MF_POPUP 16 MF_DISABLED 2 MF_BYCOMMAND 0 GENERIC_READ 2147483648 GENERIC_WRITE 1073741824 OPEN_EXISTING 3 FILE_ATTRIBUTE_NORMAL 128 GMEM_ZEROINIT 64 SFF_SELECTION 32768 SFF_PLAINRTF 16384 SF_TEXT 1 SF_RTF 2 CB_ADDSTRING 323 CB_DELETESTRING 324 CB_GETCOUNT 326 CB_GETLBTEXT 328 CB_GETLBTEXTLEN 329 CB_INSERTSTRING 330 CB_RESETCONTENT 331 CB_GETCURSEL 327 CB_SETCURSEL 334 CB_FINDSTRINGEXACT 344 CBS_DROPDOWN 2 CBS_DROPDOWNLIST 3 CBS_HASSTRINGS 512 CBS_SORT 256 CBS_SIMPLE 1 CBN_DROPDOWN 7 CBN_SELENDOK 9 CBN_SELCHANGE 1 CBN_CLOSEUP 8 OFN_EXPLORER 524288 OFN_HIDEREADONLY 4 OFN_LONGNAMES 2097152 OFN_PATHMUSTEXIST 2048 HEAP_ZERO_MEMORY 8 MB_ICONASTERISK 64 RASCN_Connection 1 RASCN_Disconnection 2 NIF_ICON 2 NIM_ADD 0 NIM_DELETE 2 SIZE_MINIMIZED 1 NIF_MESSAGE 1 NIF_TIP 4 WM_LBUTTONDBLCLK 515 IDYES 6 NIM_MODIFY 1 WM_TIMNOTIFY 1136 IDNO 7 LB_SETTOPINDEX 407 LB_GETCOUNT 395 end const #-----------------Data Section------------------------------------------- #some useful predefined variables are here begin data dword hwndMain 0 string Class Window dword hInstance 0 string ClassName WinClass string AppName Windows Template ! string MenuName Menu string btn button string text Edit string combo combobox string list listbox string label static string dishnet Dishnet string colon : dword quit 0 string font1 ms sans serif string font2 Courier New sequence fon1 60 sequence fon2 60 dword hfont1 0 dword hfont2 0 string systray A basic DUN Monitoring Tool -- using EP string ofnfilter All Files string read r string write w string readb rb string writeb wb string append a string WindowCaption A basic DUN Monitoring Tool -- using EP string ab About ... string ab1 MyApp Version 1.0 string ab2 by .... string ab3 ---------------------------------------------------- string spc string spc6 dword hmenu 0 dword hfilemenu 0 dword heditmenu 0 dword hviewmenu 0 dword hhelpmenu 0 string fmenu &File string new &New string open &Open string show &Show ISP Log string hyphen - string exit E&xit string pmenu &Help string about &About ... sequence buffer 256 sequence buf 48 sequence listbuf 48 sequence icobuf 24 sequence pt 8 dword hlist 0 dword hlist1 0 dword hcombo1 0 sequence blank 1 dword CommandLine 0 dword hmem 0 sequence wndclass 16 sequence msg 28 sequence ibuf 32 dword mem 0 string dash - dword rasconn 0 dword lpcb 0 dword lpcConnections 0 dword heap 0 dword hEvent 0 dword hEventD 0 string connected C string disconnected D sequence SysTime 16 sequence SysTime2 16 string dunlog dun.log dword date 0 dword hour 0 dword minute 0 dword second 0 dword year 0 dword month 0 sequence asci 16 sequence dummy 16 sequence timeString 128 string spcs sequence nidata 128 dword hicon 0 sequence threadid 4 dword exitT 0 sequence lbuffer 256 string sess Session sequence ttime 4 string cml Cumulative string ttfile tt.dat string telfile ttel.dat string tellog telco.log string calls Calls sequence teltime 4 string showtel Show &Telco Log string reset &Reset ISP Log string resisp Do you want to reset the ISP log ? string restel Do you want to reset the Telco log ? string resettel Reset Tel&co Log dword tooltip 0 sequence timer 4 dword timr 0 string timerf timer.dat string intpsess Intpd Session string intcalls Intpd. Calls string stopmon Do you want to stop monitoring the DUN connection ? dword dataend 4294967295 end data #------------------------------------------------------------------------- begin code #the real code begin here ! proc NumToAsci dword n #to convert an integer to asci dword p 0 push ebp mov ebp esp add esp -16 invoke memset asci 0 16 #asci is the dest string 16 bytes long mov edi asci add edi 16 mov eax [n] mov eax n mov ecx 10 str_begin: cmp eax ecx jl str_exit xor edx edx div ecx or edx 48 mov [edi] dl dec edi jmp str_begin str_exit: or eax 48 mov [edi] al mov eax edi str_out: leave ret 4 endp #------------------------------------------------------------------------ proc strlen dword q push ebp mov ebp esp mov edi [q] mov eax 0 mov ecx 0 cld search_loop: inc ecx scasb jne search_loop dec ecx mov eax ecx leave ret 4 endp #------------------------------------------------------------------------ proc ShowLog dword flag dword fn 0 dword n 0 push ebp mov ebp esp add esp -48 invoke SendMessageA hlist {LB_RESETCONTENT} 0 0 invoke memset lbuffer 0 256 if flag=1 fn=fopen dunlog read endif if flag=2 fn=fopen tellog read endif if fn=0 jmp cfout endif fnloop1: invoke memset buffer 0 256 invoke fgets buffer 256 fn invoke feof fn cmp eax 0 jne cfname n=strlen buffer edi=buffer add edi n dec edi [edi]=0 dec edi [edi]=0 invoke SendMessageA hlist {LB_ADDSTRING} 0 buffer jmp fnloop1 cfname: invoke fclose fn invoke SendMessageA hlist {LB_GETCOUNT} 0 0 sub eax 22 invoke SendMessageA hlist {LB_SETTOPINDEX} eax 0 cfout: leave ret 4 endp #---------------------------------------------------------------------------------------------- proc CalcTimeInterval dword x #this proc is called when the connection is closed to calculate the session #time immediatly. Just to save time when a lot of entries have to be analysed #It basically calculates the no. of seconds from 2000 beginning to the time #of interest . The year, month, date etc vars contain the disconnect time to #start with dword n 0 dword SecondsToTime1 0 dword SecondsToTime2 0 dword leapyear 0 push ebp mov ebp esp add esp -48 leapyear=0 eax=year sub eax 2000 #2000 is taken as the starting year ecx=31536000 #No. of seconds in an year mul ecx SecondsToTime1=eax eax=year sub eax 2000 dec eax edx=0 ecx=4 div ecx if edx=3 leapyear=1 endif if edx=0 ecx=86400 #No. of seconds in a day mul ecx #eax contains no. of leap years --add a day's quota of seconds for each year (2000 was a leap year too but it's extra day is ignored as anyway it would cancel out when we subtract time1 from time2) add SecondsToTime1 eax endif eax=month ecx=86400 if eax=2 #feb eax=31 #for each month this is the no. of days to it's beginning endif if eax=3 #march eax=59 endif if eax=4 #april eax=90 endif if eax=5 eax=120 endif if eax=6 eax=151 endif if eax=7 eax=181 endif if eax=8 eax=212 endif if eax=9 eax=243 endif if eax=10 eax=273 endif if eax=11 eax=304 endif if eax=12 #december eax=334 endif if leapyear=1 if month > 2 add eax 86400 endif endif mul ecx #multiply no. of days by seconds /day add SecondsToTime1 eax eax=date #current date dec eax #reduce 1 to get no. of complete (24 hr days) before this date mul ecx add SecondsToTime1 eax eax=hour ecx=3600 #seconds/hr mul ecx add SecondsToTime1 eax eax=minute ecx=60 mul ecx add SecondsToTime1 eax eax=second add SecondsToTime1 eax eax=[SysTime2] #the connection time stored earlier and eax 65535 year=eax eax=[SysTime2+2] and eax 65535 month=eax eax=[SysTime2+6] and eax 65535 date=eax eax=[SysTime2+8] and eax 65535 hour=eax eax=[SysTime2+10] and eax 65535 minute=eax eax=[SysTime2+12] and eax 65535 second=eax leapyear=0 #these instructions are similar to those at the beginning eax=year #and could/should have been put into a seperate function sub eax 2000 #instead of repeating them (for the programming purist) ecx=31536000 mul ecx SecondsToTime2=eax eax=year sub eax 2000 dec eax edx=0 ecx=4 div ecx if edx=3 leapyear=1 endif if edx=0 ecx=86400 mul ecx add SecondsToTime2 eax endif eax=month ecx=86400 if eax=2 eax=31 endif if eax=3 eax=59 endif if eax=4 eax=90 endif if eax=5 eax=120 endif if eax=6 eax=151 endif if eax=7 eax=181 endif if eax=8 eax=212 endif if eax=9 eax=243 endif if eax=10 eax=273 endif if eax=11 eax=304 endif if eax=12 eax=334 endif if leapyear=1 if month > 2 add eax 86400 endif endif mul ecx add SecondsToTime2 eax eax=date dec eax mul ecx add SecondsToTime2 eax eax=hour ecx=3600 mul ecx add SecondsToTime2 eax eax=minute ecx=60 mul ecx add SecondsToTime2 eax eax=second add SecondsToTime2 eax eax=SecondsToTime1 #total time interval in seconds --the session time sub eax SecondsToTime2 leave ret 4 endp #-------------------------------------------------------------------------------------------- proc NoteEventTime dword flag #to extract year, month, date etc from SYSTEMTIME struct, arrange into #an ascii string and write to dun.log dword n 0 dword st 0 dword fn 0 dword hrs 0 dword min 0 dword sec 0 dword session 0 dword fn1 0 dword fn2 0 dword fn3 0 dword numcalls 0 push ebp mov ebp esp add esp -180 invoke memset timeString 0 128 invoke GetLocalTime SysTime if flag=1 invoke GetLocalTime SysTime2 #store for time interval calculation endif eax=[SysTime] #the vars in the SYSTEMTIME struct are word sized and eax 65535 #that's why this has to be done to 0 out the unnecessary year=eax #portion to extract the relevant one. same applies below eax=[SysTime+2] and eax 65535 month=eax eax=[SysTime+6] and eax 65535 date=eax eax=[SysTime+8] and eax 65535 hour=eax eax=[SysTime+10] and eax 65535 minute=eax eax=[SysTime+12] and eax 65535 second=eax if flag=1 invoke strncat timeString connected 4 endif if flag=2 invoke strncat timeString disconnected 4 endif st=NumToAsci year invoke strncat timeString st 8 invoke strncat timeString dash 4 st=NumToAsci month invoke strncat timeString st 8 invoke strncat timeString dash 4 st=NumToAsci date invoke strncat timeString st 8 invoke strncat timeString spcs 4 st=NumToAsci hour invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci minute invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci second invoke strncat timeString st 8 fn=fopen dunlog append invoke fputs timeString fn invoke fputc 13 fn invoke fputc 10 fn fn2=fopen tellog append invoke fputs timeString fn2 invoke fputc 13 fn2 invoke fputc 10 fn2 if flag=2 invoke memset timeString 0 128 invoke CalcTimeInterval 0 session=eax ecx=60 edx=0 div ecx sec=edx edx=0 div ecx min=edx hrs=eax invoke strncat timeString sess 24 st=NumToAsci hrs invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci min invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci sec invoke strncat timeString st 8 invoke fputs timeString fn invoke fputc 13 fn invoke fputc 10 fn fn1=fopen ttfile readb if eax=0 jmp first endif invoke fread ttime 1 4 fn1 invoke fclose fn1 first: eax=[ttime] add eax session [ttime]=eax fn1=fopen ttfile writeb invoke fwrite ttime 1 4 fn1 invoke fclose fn1 invoke memset timeString 0 128 eax=[ttime] ecx=60 edx=0 div ecx sec=edx edx=0 div ecx min=edx hrs=eax invoke strncat timeString cml 24 st=NumToAsci hrs invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci min invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci sec invoke strncat timeString st 8 invoke fputs timeString fn invoke fputc 13 fn invoke fputc 10 fn invoke fputc 13 fn invoke fputc 10 fn eax=session add eax 45 #approx 45 seconds between telco connection start and isp connection start which is what Windows informs us edx=0 ecx=180 #180 seconds ie 3 minutes is 1 call in my location div ecx if edx<>0 inc eax endif numcalls=eax invoke memset timeString 0 128 invoke strncat timeString calls 24 st=NumToAsci numcalls invoke strncat timeString st 8 invoke fputs timeString fn2 invoke fputc 13 fn2 invoke fputc 10 fn2 fn3=fopen telfile readb if eax=0 jmp next endif invoke fread teltime 1 4 fn3 invoke fclose fn3 next: eax=[teltime] add eax numcalls [teltime]=eax fn3=fopen telfile writeb invoke fwrite teltime 1 4 fn3 invoke fclose fn3 invoke memset timeString 0 128 invoke strncat timeString cml 24 eax=[teltime] st=NumToAsci eax invoke strncat timeString st 8 invoke fputs timeString fn2 invoke fputc 13 fn2 invoke fputc 10 fn2 invoke fputc 13 fn2 invoke fputc 10 fn2 endif invoke fclose fn invoke fclose fn2 leave ret 4 endp #--------------------------------------------------------------------------------------------- proc CheckIntpdTime dword x #At statup this proc checks if the previous session was interuppted #(a non zero value in timer.dat shows this). If so it will use the value #in timer.dat to calculate the session time and make the necessary entries #in the log files similar to NoteEventTime. It will set timer.dat to 0. #Since the timer is set to note the cumulative session time every 60 secs #this will be the max. inaccuracy in case of a sudden interruption dword n 0 dword st 0 dword fn 0 dword hrs 0 dword min 0 dword sec 0 dword session 0 dword fn1 0 dword fn2 0 dword fn3 0 dword numcalls 0 push ebp mov ebp esp add esp -180 invoke memset timeString 0 128 fn=fopen timerf readb if fn=0 jmp ntpd_exit endif invoke fread timer 1 4 fn invoke fclose fn eax=timer eax=[eax] if eax=0 jmp ntpd_exit endif fn=fopen dunlog append fn2=fopen tellog append eax=timer eax=[eax] session=eax ecx=60 edx=0 div ecx sec=edx edx=0 div ecx min=edx hrs=eax invoke strncat timeString intpsess 24 st=NumToAsci hrs invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci min invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci sec invoke strncat timeString st 8 invoke fputs timeString fn invoke fputc 13 fn invoke fputc 10 fn fn1=fopen ttfile readb if eax=0 jmp first1 endif invoke fread ttime 1 4 fn1 invoke fclose fn1 first1: eax=[ttime] add eax session [ttime]=eax fn1=fopen ttfile writeb invoke fwrite ttime 1 4 fn1 invoke fclose fn1 invoke memset timeString 0 128 eax=[ttime] ecx=60 edx=0 div ecx sec=edx edx=0 div ecx min=edx hrs=eax invoke strncat timeString cml 24 st=NumToAsci hrs invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci min invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci sec invoke strncat timeString st 8 invoke fputs timeString fn invoke fputc 13 fn invoke fputc 10 fn invoke fputc 13 fn invoke fputc 10 fn eax=session add eax 45 edx=0 ecx=180 div ecx if edx<>0 inc eax endif numcalls=eax invoke memset timeString 0 128 invoke strncat timeString intcalls 24 st=NumToAsci numcalls invoke strncat timeString st 8 invoke fputs timeString fn2 invoke fputc 13 fn2 invoke fputc 10 fn2 fn3=fopen telfile readb if eax=0 jmp next1 endif invoke fread teltime 1 4 fn3 invoke fclose fn3 next1: eax=[teltime] add eax numcalls [teltime]=eax fn3=fopen telfile writeb invoke fwrite teltime 1 4 fn3 invoke fclose fn3 invoke memset timeString 0 128 invoke strncat timeString cml 24 eax=[teltime] st=NumToAsci eax invoke strncat timeString st 8 invoke fputs timeString fn2 invoke fputc 13 fn2 invoke fputc 10 fn2 invoke fputc 13 fn2 invoke fputc 10 fn2 invoke fclose fn invoke fclose fn2 eax=timer [eax]=0 fn=fopen timerf writeb invoke fwrite timer 1 4 fn invoke fclose fn ntpd_exit: leave ret 4 endp #--------------------------------------------------------------------------------------------- proc CheckRAS dword x dword n 0 dword fn 0 push ebp mov ebp esp add esp -48 invoke WaitForSingleObject hEvent -1 #wait for connection event if eax=0 #0 means connected timr=0 eax=timer [eax]=0 invoke SetTimer hwndMain 2 60000 0 invoke SetTimer hwndMain 1 1000 0 invoke NoteEventTime 1 #note connection time invoke WaitForSingleObject hEventD -1 #wait for disconnection event if eax=0 #0 means disconnected invoke NoteEventTime 2 #note disconnection time endif invoke CalcTimeInterval 0 #calculate session time and note it invoke ResetEvent hEvent #reset events for detection invoke ResetEvent hEventD invoke KillTimer hwndMain 1 invoke KillTimer hwndMain 2 timr=0 eax=timer [eax]=0 fn=fopen timerf writeb invoke fwrite timer 1 4 fn invoke fclose fn invoke strcpy tooltip systray #tool tip string invoke Shell_NotifyIcon {NIM_MODIFY} nidata endif invoke CheckRAS 0 #recursion to continue wait for next connection leave ret 4 endp #------------------------------------------------------------------------ proc WndProc dword hwnd dword msg dword wparam dword lparam dword fn 0 dword hdc 4 sequence ps 64 sequence rect 16 dword ordata 0 dword n 0 dword m 0 dword x 0 dword y 0 dword hrs 0 dword min 0 dword sec 0 dword st 0 sequence pt 8 push ebp mov ebp esp add esp -180 cmp msg {WM_CREATE} je wmcreate cmp msg {WM_PAINT} je wmpaint cmp msg {WM_COMMAND} je wmcommand cmp msg {WM_SIZE} je wmsize cmp msg {WM_TIMER} je wmtimer cmp msg {WM_ICONNOTIFY} je wmiconnotify cmp msg {WM_CLOSE} je wmclose cmp msg {WM_DESTROY} jne default invoke Shell_NotifyIcon {NIM_DELETE} nidata #delete systray icon on exit push 0 call PostQuitMessage jmp exit wmclose: invoke MessageBoxA hwnd stopmon WindowCaption 4 if eax={IDNO} invoke ShowWindow hwnd 0 jmp exit endif invoke SendMessageA hwnd {WM_DESTROY} 0 0 jmp exit wmcreate: mov eax {WS_CHILD} or eax {WS_BORDER} or eax {WS_VISIBLE} or eax {WS_VSCROLL} ordata= eax invoke CreateWindowExA 0 list blank ordata 0 0 240 355 hwnd 0 hInstance 0 mov hlist eax invoke SendMessageA hlist {WM_SETFONT} hfont2 0 #setup tray icon [nidata]=88 #filling the NOTIFYICONDATA structure eax=hwnd [nidata+4]=eax [nidata+8]=1 eax={NIF_ICON} or eax {NIF_TIP} #there is a tool top or eax {NIF_MESSAGE} #there is a user defined message [nidata+12]=eax [nidata+16]={WM_ICONNOTIFY} #user defined message eax=hicon #handle of icon loaded fron resource in winmain [nidata+20]=eax eax=nidata add eax 24 tooltip=eax invoke strcpy eax systray #tool tip string invoke Shell_NotifyIcon {NIM_ADD} nidata #set up tray icon #NOTE:the -1 first parameter of RasConnectionNotificationA is not mentioned #in the documentation !!!!! invoke CheckIntpdTime 0 hEvent=CreateEventA 0 1 0 0 #set up RAS events to detect hEventD=CreateEventA 0 1 0 0 invoke RasConnectionNotificationA -1 hEvent {RASCN_Connection} invoke RasConnectionNotificationA -1 hEventD {RASCN_Disconnection} invoke CreateThread 0 0 CheckRAS 0 0 threadid #start RAS monitoring thread jmp exit wmtimer: eax=wparam if eax=1 invoke memset timeString 0 128 add timr 1 eax=timr ecx=60 edx=0 div ecx sec=edx edx=0 div ecx min=edx hrs=eax st=NumToAsci hrs invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci min invoke strncat timeString st 8 invoke strncat timeString colon 4 st=NumToAsci sec invoke strncat timeString st 8 invoke strcpy tooltip timeString #tool tip string invoke Shell_NotifyIcon {NIM_MODIFY} nidata #set up tray icon jmp exit endif if eax=2 eax=timer ebx=[eax] add ebx 60 [eax]=ebx fn=fopen timerf writeb invoke fwrite timer 1 4 fn invoke fclose fn endif jmp exit wmpaint: lea eax ps invoke BeginPaint hwnd eax mov hdc eax lea eax ps invoke EndPaint hwnd eax jmp exit wmcommand: #menu items if lparam = 0 if wparam = 102 invoke ShowLog 1 invoke ShowWindow hwnd 1 jmp exit endif if wparam = 105 invoke ShowLog 2 invoke ShowWindow hwnd 1 jmp exit endif if wparam = 106 invoke MessageBoxA hwnd resisp WindowCaption 4 if eax={IDYES} invoke DeleteFileA dunlog invoke DeleteFileA ttfile endif jmp exit endif if wparam = 107 invoke MessageBoxA hwnd restel WindowCaption 4 if eax={IDYES} invoke DeleteFileA tellog invoke DeleteFileA telfile endif jmp exit endif if wparam = 806 invoke MessageBoxA hwnd WindowCaption ab 0 jmp exit endif if wparam = 104 invoke SendMessageA hwnd {WM_CLOSE} 0 0 jmp exit endif jmp default endif #end of menu items wmsize: eax=wparam if eax={SIZE_MINIMIZED} invoke ShowWindow hwnd 0 endif jmp exit wmiconnotify: eax=lparam if eax={WM_RBUTTONDOWN} #show menu lea eax pt invoke GetCursorPos eax lea eax pt ebx=[eax] x=ebx add eax 4 ebx=[eax] y=ebx invoke TrackPopupMenu hfilemenu 0 x y 0 hwnd 0 jmp exit endif default: invoke DefWindowProcA hwnd msg wparam lparam leave ret 16 exit: xor eax eax leave ret 16 endp #--------------------------------------------------------------------------------------------- proc WinMain dword hinst dword previnst dword comline dword cmdshow sequence wc 48 dword ordata 0 dword len 0 dword topmenu 0 dword dropmenu 0 dword sepmenu 0 push ebp mov ebp esp add esp -80 call CreateMenu hfilemenu=eax call CreateMenu hhelpmenu=eax call CreateMenu hmenu=eax mov eax {MF_STRING} or eax {MF_POPUP} or eax {MF_BYPOSITION} or eax {MF_ENABLED} topmenu=eax mov eax {MF_STRING} or eax {MF_ENABLED} dropmenu=eax mov eax {MF_STRING} or eax {MF_SEPARATOR} sepmenu=eax invoke AppendMenuA hmenu topmenu hfilemenu fmenu invoke AppendMenuA hfilemenu dropmenu 102 show invoke AppendMenuA hfilemenu dropmenu 105 showtel invoke AppendMenuA hfilemenu sepmenu 103 hyphen invoke AppendMenuA hfilemenu dropmenu 106 reset invoke AppendMenuA hfilemenu dropmenu 107 resettel invoke AppendMenuA hfilemenu sepmenu 108 hyphen invoke AppendMenuA hfilemenu dropmenu 104 exit invoke AppendMenuA hmenu topmenu hhelpmenu pmenu invoke AppendMenuA hhelpmenu dropmenu 806 about mov eax fon2 mov [eax] 16 add eax 16 mov [eax] 400 add eax 12 invoke strcpy eax font2 hfont2 = CreateFontIndirectA fon2 mov eax fon1 mov [eax] 10 add eax 16 mov [eax] 400 add eax 12 invoke strcpy eax font1 hfont1 = CreateFontIndirectA fon1 [wc]= 48 [wc+4] =3 [wc+8]= WndProc [wc+12]= 0 [wc+16] =0 eax =hInstance [wc+20]= eax push 1 push hInstance call LoadIconA hicon=eax [wc+24]= eax [wc+44]= eax push {IDC_CROSS} push 0 call LoadCursorA [wc+28] =eax [wc+32]= 16 [wc+36]= 0 [wc+40]= ClassName lea eax wc invoke RegisterClassExA eax eax=0 or eax {WS_SYSMENU} or eax {WS_MINIMIZEBOX} or eax {WS_SIZEBOX} ordata=eax invoke CreateWindowExA {WS_CLIENTEDGE} ClassName WindowCaption ordata 100 100 250 400 0 hmenu hInstance 0 hwndMain= eax #this is old style before the advent of invoke push 0 push hwndMain call ShowWindow push hwndMain call UpdateWindow MsgLoop: invoke GetMessageA msg 0 0 0 cmp eax 0 je exitprocess invoke TranslateMessage msg invoke DispatchMessageA msg jmp MsgLoop exitprocess: mov eax [msg+8] leave ret 16 endp #--------------------------------------------------------------------------------------------- EntryPoint #this is old style before the advent of invoke push 0 call GetModuleHandleA mov hInstance eax call GetCommandLineA mov CommandLine eax invoke WinMain hInstance 0 CommandLine 10 push eax call ExitProcess end code #-----------------Resources--------------------------------------- begin resources icon phone.ico end resources