
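;-procshow v0.2 ----------------------------------------------------------
; x86 - Dos & Win32 - Assembly Language Programming
;
; Written by: John A Lyons (megablast)
; Email     : asm@megablast.8k.com
; Page      : http://asmsource.cjb.com/
; Compiler  : Masm32 v6.15 Microsoft Macro Assembler
; Date      : 21-Nov-2001
; Purpose   : Displays all the processes running, and certain attributes
;             id number, date created, threads.
;
; v0.1: Adapted winview to list the processes. Prints out
; (21Feb02) program name, id, threads, parent id, priority and date
;       it was created.
;
; v0.2: Added uptime for each process.
;       Changed name to ProcShow, in line with name change for
;       winview->winshow.
;
; v0.3: Re-Added sort routines in the menu, and fixed up problem with
; (23Mar02) direction change.
;       Now updates the uptime for the list item. This is a
;       questionable feature, since only the selected item is updated,
;       not all items, so they become out of sync.
;       Added options dialog, enables changing of which columns are
;       actually shown.
;
;----------------------------------------------------------------------------
; Syntax : MASM (Intel operand order), 32-bit flat model, STDCALL.
;
; Review changes in this listing (each is marked "FIX" where it is made):
;   - GetSystemTime wrote a 16-byte SYSTEMTIME into 8-byte FILETIME
;     buffers (global t1, local tempt); it now uses the SYSTEMTIME
;     scratch variable 'systemtime'.
;   - PROCESSENTRY32.dwSize is set before Process32First, the snapshot
;     handle is validated and closed.
;   - CloseHandle is no longer called on an uninitialised local when
;     OpenProcess fails in WM_INITDIALOG.
;   - regget returns -1 instead of uninitialised stack data when the
;     value cannot be read.
;   - 64-bit FILETIME subtraction propagates the borrow (sbb).
;   - 64-by-32 divisions cannot raise a divide overflow any more.
;   - updatelist no longer loops 2^32 times on an empty list.
;   - CompareFunc stops at the terminating NUL, getnum stops at the
;     first non-digit.
;   - Window/dialog/sort callbacks preserve ESI/EDI as STDCALL requires.
;   - INITCOMMONCONTROLSEX is filled in before InitCommonControlsEx.
;----------------------------------------------------------------------------

.386
.MODEL FLAT, STDCALL

include windows.inc
include user32.inc
include kernel32.inc
include comctl32.inc
include gdi32.inc
include th32.inc
includelib kernel32.lib
includelib user32.lib
includelib comctl32.lib
includelib gdi32.lib
include shell32.inc
includelib shell32.lib
include advapi32.inc
includelib advapi32.lib
includelib th32.lib

;---------- procedures declared later
HyperLinkWndProc PROTO :HWND, :DWORD, :DWORD, :DWORD
regget          proto regstring:DWORD
regset          proto regstring:DWORD,number:DWORD
dofind          proto searchstring:DWORD
WinMain         PROTO hInst:HINSTANCE,hPrevInst:HINSTANCE,CmdShow:SDWORD
processscan     proto hWnd:HWND
GetItem         proto hwndListView:DWORD, iItemIndex:DWORD, iSubItemIndex:DWORD, iItemMask:DWORD, pItemImage:DWORD, pItemIndent:DWORD, lpParam:DWORD, pszItemText:DWORD, lenItemText:DWORD
AddCol          proto hwndListView:DWORD, iColIndex:DWORD, iColMask:DWORD, iColFormat:DWORD, iColImage:DWORD, iColWidth:DWORD, pszColText:DWORD
CompareFunc     proto lParam1:DWORD, lParam2:DWORD, SortType:DWORD
CompareNum      proto lParam1:DWORD, lParam2:DWORD, SortType:DWORD

.CONST
IDI_ICON1       equ 5
IDC_TAB1        EQU 1011
;------------------------- buttons
IDC_EXIT        equ 3002
IDM_REFRESH     equ 2
IDM_LIST        equ 7
;------------------------- menu
IDM_EXIT        equ 1
IDM_ABOUT       equ 4
IDM_ONTOP       equ 5
IDM_GRID        equ 3
;------------------------- About
IDC_URL         equ 9
IDI_CUR1        equ 101
IDI_BITMAP      equ 102
;------------------------- Search
IDC_EDIT1       equ 1012
IDC_EDIT2       equ 1013
IDC_EDIT3       equ 1019
IDC_EDIT4       equ 1020
IDC_EDIT5       equ 1021
IDC_EDIT6       equ 1022
IDC_EDIT7       equ 1023
IDC_PARENT      equ 1027
IDC_APPL        equ 1028
IDC_STYLE       equ 1029
IDC_EXSTYLE     equ 1030
IDC_LIST        equ 1014
IDC_REFRESH     equ 1015
IDC_UPDATE      equ 1016
IDD_LOAD        equ 507
;IDC_NAMED equ 1021
IDC_ABOUT       equ 1011
; Column check boxes of the options dialog; OptionsDlgProc relies on
; these seven ids being consecutive, starting at IDC_NAME.
IDC_NAME        equ 1000
IDC_ID          equ 1001
IDC_PARENTO     equ 1002
IDC_THREADS     equ 1003
IDC_PRIORITY    equ 1004
IDC_CREATED     equ 1005
IDC_UPTIME      equ 1006
IDC_VISIBLE     equ 1017
IDC_VIS         equ 1022                ; same value as IDC_EDIT6
IDC_ENABLE      equ 1018
mvisible        db "Visible",0
menabled        db "Enabled",0
mnamed          db "Named",0
mkill           db "Kill",0
montop          db "Always Ontop",0
mnottop         db "Not Ontop",0
mflash          db "Flash",0
mmin            db "Minimize",0
mmax            db "Maximize",0
mres            db "Restore",0
LVM_SETEXTENDEDLISTVIEWSTYLE equ LVM_FIRST+54
LVS_EX_FULLROWSELECT equ 20h
LVS_EX_GRIDLINES equ 1h
WS_EX_LAYERED   equ 80000               ; not referenced in this file
LWA_ALPHA       equ 2

.DATA
lmenu           dd ?                    ; popup menu for list items
wmenu           dd ?                    ; popup menu for the window
mmenu           dd ?                    ; main menu bar
sorted          dd ?
; Value parsed from list column 1 by getnum. It is passed both to window
; APIs (ShowWindow, SetWindowPlacement, SendMessage) and to showtimes as a
; process id.
hwndcur         HWND ?
MainDlgName     DB "MAINWINDOW",0
aboutdialog     DB "ABOUTDIALOG",0
optionsdialog   DB "OPTIONS",0
MenuName        db "TheMenu",0
sortdir         db 1                    ; 1 = ASC, 0 = DESC, 2 = NONE
searchcount     dd 0
boot            dword 0
num2            db "%lu",0
num1            db "%d",0
num3            db "(%lu,%lu)",0
hInstance       HINSTANCE ?
CommandLine     LPSTR ?
buff            db 256 dup(?)           ; shared scratch text buffer
first           BOOL FALSE
systemtime      SYSTEMTIME <>
bootup          FILETIME <>
timenow         SYSTEMTIME <>           ; used as a FILETIME by the code
t1              FILETIME <>             ; process creation time
;------------------------- Options
windowmove      BOOL TRUE
;------------------------- Popup Menu
IDM_UPDATE      equ 3                   ; same value as IDM_GRID, see WM_COMMAND
ontop           db "Always On Top",0
grid            db "Gridlines",0
about           db "About",0
exit            db "Exit",0
;------------------------- About
hover           BOOL ?
szOpen          db "open",0
hFinger         dd ?
orgStatic       dd ?                    ; original wndproc of the URL static
tabwin          dd ?
newload         BOOL TRUE
memoryload      dd ?
mainhwnd        HANDLE ?
ontopb          BOOL TRUE
optionshwnd     dd ?
base            DWORD ?                 ; next sub-item index while filling a row
; NOTE(review): the three structure variables in this section without an
; initialiser are reproduced as found; confirm against the original file
; whether an initialiser was lost when the page was extracted.
wp              WINDOWPLACEMENT
ItemStruct      TC_ITEM
WhichTabChosen  DWORD ?
;-------------------------------- Registry
regstring2      db "SearchCount",0
regstring1      db "xpos",0
regstring3      db "ypos",0
regflags        db "flags",0
sortflags       db "sortflags",0
reglistflags    db "listflags",0
subkeyname      db "Software\ProcShow",0
xpos            dd NULL
ypos            dd NULL
namedb          BOOL ?
visibleb        BOOL ?
gridon          BOOL ?
flags           dd 0
sortcol         dd 0
listflag        dd 0                    ; bit mask of columns currently shown
newflags        dd 0                    ; bit mask of columns requested
IDB_MAIN        equ 102
;-------------------------------- List Box
; PID PPID THRD USG PRI PATH
hlistview       dd ?
; Column table: each entry is a 10-byte, zero-padded name followed by a
; word holding the column width (12 bytes per entry). setupcolumns walks
; it backwards from szuptime using [esi+10] and "sub esi,12".
szname          db "Name",0,0,0,0,0,0
                dw 208
szatt           db "ID",0,0,0,0,0,0,0,0
                dw 50
szclass         db "Parent ID",0
                dw 50
szid            db "Threads",0,0,0
                dw 50
sztop           db "Priority",0,0
                dw 30
szbottom        db "Created",0,0,0
                dw 120
szuptime        db "UpTime",0,0,0,0
                dw 125
mtime           db "00:00:00 %d/%d/%d",0
; uptime skips 8 characters of this string per omitted leading field.
mtime2          db " %d yrs, %d mon, %d day, %d hrs, %d min, %d sec",0
mtime3          db "%d min, %d.%000d sec",0
num4            db " %ld",0
icc             INITCOMMONCONTROLSEX
listno          dd ?                    ; index of the current list item
totallist       dd ?                    ; number of items in the list

.CODE

;-----------------------------------------------------------------------
; Program entry point: runs WinMain and exits with its return value.
;-----------------------------------------------------------------------
start:
        INVOKE  GetModuleHandle, NULL
        MOV     hInstance,EAX
        INVOKE  WinMain, hInstance,NULL,SW_SHOWDEFAULT
        INVOKE  ExitProcess,EAX

;-----------------------------------------------------------------------
; WinMain - registers the common controls and runs the main dialog.
; Out: eax = hInst
;-----------------------------------------------------------------------
WinMain proc hInst:HINSTANCE,hPrevInst:HINSTANCE,CmdShow:SDWORD
        ; FIX: the structure was passed without being filled in.
        mov     icc.dwSize,SIZEOF INITCOMMONCONTROLSEX
        mov     icc.dwICC,ICC_LISTVIEW_CLASSES
        invoke  InitCommonControlsEx, ADDR icc
        MOV     EAX, OFFSET DlgProc
        INVOKE  DialogBoxParam, hInst, OFFSET MainDlgName,NULL,EAX,NULL
        mov     eax,hInst
        mov     hInstance,eax
        RET
WinMain endp

;-----------------------------------------------------------------------
; DlgProc - dialog procedure of the main window.
; Only the low 16 bits of uMsg and of the command id are compared.
; FIX: "uses esi edi" added; the procedure (and helpers it calls) write
; ESI and EDI, which a STDCALL callback must preserve.
;-----------------------------------------------------------------------
DlgProc proc uses esi edi, hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
        LOCAL   hdc:DWORD
        LOCAL   rect:RECT
        LOCAL   Disp :DWORD
        LOCAL   pKey :DWORD
        LOCAL   Temp :DWORD
        LOCAL   item :LV_ITEM
        LOCAL   windowp : WINDOWPLACEMENT
        LOCAL   liNew:LV_ITEM

        mov     eax,uMsg
    .if ax==WM_CLOSE
bigclose:
        ; Save the settings to the registry, then leave the process.
        invoke  GetWindowRect,hWnd,ADDR rect
        mov     eax,rect.top
        mov     eax,rect.left
        mov     eax,[searchcount]
        invoke  regset,ADDR regstring2,eax
        mov     eax,xpos
        invoke  regset,ADDR regstring1,eax
        mov     eax,ypos
        invoke  regset,ADDR regstring3,eax
        mov     eax,[flags]
        invoke  regset,ADDR regflags,eax
        xor     eax,eax
        mov     al,[sortdir]
        shl     eax,8                   ; sortflags = sortdir<<8 + sortcol
        add     eax,[sortcol]
        invoke  regset,ADDR sortflags,eax
        mov     eax,[listflag]
        invoke  regset,ADDR reglistflags,eax
        invoke  DestroyMenu,[wmenu]
        invoke  DestroyMenu,[lmenu]
        INVOKE  ExitProcess,0
        RET
    .ELSEIF ax==WM_SYSCOMMAND
        mov     eax,[wParam]
        .IF ax==IDM_ABOUT
            lea     eax,AboutDlgProc
            invoke  CreateDialogParam,hInstance,addr aboutdialog,hWnd,eax,NULL
        .endif
        xor     eax,eax
        ret
    .elseif ax==WM_MOVE
        ; lParam = y<<16 | x of the client area
        mov     eax,[lParam]
        push    eax
        and     eax,0ffffh
        mov     [xpos],eax
        pop     eax
        shr     eax,16
        mov     [ypos],eax
    ;.elseif ax==WM_SETFOCUS
    ;   invoke SetFocus, [hlistview]
    .elseif ax==WM_INITDIALOG
        mov     eax,hWnd
        mov     mainhwnd,eax
        invoke  LoadMenu,hInstance,OFFSET MenuName      ;600
        mov     [mmenu],eax
        invoke  SetMenu,hWnd,eax
        invoke  LoadIcon, hInstance, IDI_ICON1
        invoke  SendMessage, hWnd, WM_SETICON, ICON_SMALL, eax
        ; regget returns -1 when the setting cannot be read: treat that
        ; as "never run before" and use the defaults.
        invoke  regget,ADDR regstring2
        cmp     eax,-1
        je      notrun
        invoke  regget,ADDR reglistflags
        or      eax,eax
        jz      flagis0
        cmp     eax,-1
        jne     flagisok
flagis0:
        mov     eax,127                 ; default: all seven columns
flagisok:
        mov     [newflags],eax
        invoke  regget,ADDR sortflags
        push    eax
        and     eax,0ffh
        mov     [sortcol],eax
        add     eax,20
        invoke  CheckMenuItem,[mmenu],eax,MF_UNCHECKED
        pop     eax
        shr     eax,8
        mov     [sortdir],al
        xor     [sortdir],1             ; changedir flips it back
        call    changedir
        mov     [searchcount],eax
        invoke  regget,ADDR regstring1
        mov     xpos,eax
        invoke  regget,ADDR regstring3
        mov     ypos,eax
        invoke  SetWindowPos,hWnd,NULL,xpos,ypos,0,0,SWP_NOSIZE+SWP_NOZORDER
        invoke  regget,ADDR regflags
        mov     [flags],eax
        ;invoke regget,ADDR grid
        ;mov gridon,eax
        ; test [flags],1
        ; je notvis1
        ; invoke CheckDlgButton,mainhwnd,IDC_VIS,BST_CHECKED
        ;notvis1:
        ; test [flags],2
        ; je notvis2
        ; invoke CheckDlgButton,mainhwnd,IDC_NAMED,BST_CHECKED
        ;notvis2:
        jmp     isrunbefore
notrun:
        mov     [newflags],127
isrunbefore:
        ;invoke GetMenu,[hWnd]
        ;mov [mmenu],eax
        invoke  CreatePopupMenu
        mov     [wmenu],eax
        invoke  AppendMenu,wmenu,MF_STRING,IDM_GRID,ADDR grid
        invoke  AppendMenu,wmenu,MF_STRING,IDM_ONTOP,ADDR ontop
        invoke  AppendMenu,wmenu,MF_STRING,IDM_ABOUT,ADDR about
        invoke  AppendMenu,wmenu,MF_SEPARATOR,0,0
        invoke  AppendMenu,wmenu,MF_STRING,IDM_EXIT,ADDR exit
        test    [flags],4
        jne     notgrid
        invoke  CheckMenuItem,wmenu,IDM_GRID,MF_CHECKED
notgrid:
        ; test [flags],8
        ; jne notontop
        ; invoke CheckMenuItem,wmenu,IDM_ONTOP,MF_CHECKED
        call    doontop
notontop:
        invoke  CreatePopupMenu
        mov     [lmenu],eax
        invoke  AppendMenu,lmenu,MF_STRING,96,ADDR mmin
        invoke  AppendMenu,lmenu,MF_STRING,97,ADDR mmax
        invoke  AppendMenu,lmenu,MF_STRING,98,ADDR mres
        invoke  AppendMenu,lmenu,MF_SEPARATOR,0,0
        invoke  AppendMenu,lmenu,MF_STRING,90,ADDR montop
        invoke  AppendMenu,lmenu,MF_STRING,91,ADDR mnottop
        invoke  AppendMenu,lmenu,MF_STRING,92,ADDR mflash
        invoke  AppendMenu,lmenu,MF_SEPARATOR,0,0
        invoke  AppendMenu,lmenu,MF_STRING,99,ADDR mkill
        invoke  GetSystemMenu,hWnd,FALSE
        invoke  AppendMenu,eax,MF_STRING,IDM_ABOUT,ADDR about
        invoke  GetWindowRect,mainhwnd,ADDR rect
        mov     eax,rect.top
        mov     ypos,eax
        mov     eax,rect.left
        mov     xpos,eax
        invoke  GetDlgItem, [hWnd],IDC_LIST
        mov     [hlistview], eax
        invoke  SendMessage, eax, LVM_SETEXTENDEDLISTVIEWSTYLE, 0, LVS_EX_FULLROWSELECT + LVS_EX_GRIDLINES
        invoke  AddCol, [hlistview], 0, LVCF_FMT OR LVCF_WIDTH OR LVCF_TEXT OR LVCF_SUBITEM, LVCFMT_LEFT, 0, 208,ADDR szname
        invoke  AddCol, [hlistview], 1, LVCF_FMT OR LVCF_WIDTH OR LVCF_TEXT OR LVCF_SUBITEM, LVCFMT_LEFT, 0, 50,ADDR szatt
        invoke  AddCol, [hlistview], 2, LVCF_FMT OR LVCF_WIDTH OR LVCF_TEXT OR LVCF_SUBITEM, LVCFMT_LEFT, 0, 50, ADDR szclass
        invoke  AddCol, [hlistview], 3, LVCF_FMT OR LVCF_WIDTH OR LVCF_TEXT OR LVCF_SUBITEM, LVCFMT_LEFT, 0, 50, ADDR szid
        invoke  AddCol, [hlistview], 4, LVCF_FMT OR LVCF_WIDTH OR LVCF_TEXT OR LVCF_SUBITEM, LVCFMT_LEFT, 0, 30, ADDR sztop
        invoke  AddCol, [hlistview], 5, LVCF_FMT OR LVCF_WIDTH OR LVCF_TEXT OR LVCF_SUBITEM, LVCFMT_LEFT, 0, 120, ADDR szbottom
        invoke  AddCol, [hlistview], 6, LVCF_FMT OR LVCF_WIDTH OR LVCF_TEXT OR LVCF_SUBITEM, LVCFMT_LEFT, 0, 125, ADDR szuptime
        ; NOTE(review): the process id 144 is hard-coded; its creation time
        ; is shown in IDC_EDIT1. Confirm which process this was meant to be.
        xor     eax,eax
        mov     eax,144
        invoke  OpenProcess,PROCESS_QUERY_INFORMATION,FALSE,eax
        cmp     eax,NULL
        je      notopen4
        mov     [Temp],eax
        ;push eax
        ;push offset num2
        ;push offset buff
        ;call wsprintfA
        ; The exit/kernel/user times land in overlapping parts of buff and
        ; are not used afterwards.
        invoke  GetProcessTimes,[Temp],addr bootup,addr buff+16, addr buff+20,addr buff+24
        invoke  FileTimeToSystemTime,addr bootup,addr systemtime
        call    dochange
        invoke  SendDlgItemMessage, mainhwnd, IDC_EDIT1,WM_SETTEXT, 0,ADDR buff
        ; FIX: close the handle only when OpenProcess succeeded; the label
        ; used to sit before this call, so a failed open closed whatever
        ; value the uninitialised local Temp happened to hold.
        invoke  CloseHandle,[Temp]
notopen4:
        mov     [listflag],127          ; all seven columns exist right now
        call    setupcolumns            ; trim them down to newflags
        invoke  processscan,hWnd
        RET
    .ELSEIF ax==WM_COMMAND
        mov     eax,wParam
        .IF lParam==0                   ; menu command
            .IF ax==IDM_REFRESH
                jmp     refresh
            .ELSEIF ax==IDM_UPDATE
                ; IDM_UPDATE and IDM_GRID are both 3, so this branch also
                ; receives the "Gridlines" command and the IDM_GRID branch
                ; below is never reached.
                xor     windowmove,1
                cmp     windowmove,TRUE
                je      setupdate
                invoke  CheckMenuItem,wmenu,IDM_UPDATE,MF_UNCHECKED
                jmp     noupdate1
setupdate:
                invoke  CheckMenuItem,wmenu,IDM_UPDATE,MF_CHECKED
noupdate1:
            .ELSEIF ax==IDM_ABOUT
bigabout:
                lea     eax,AboutDlgProc
                invoke  CreateDialogParam,hInstance,addr aboutdialog,hWnd,eax,NULL
                xor     eax,eax
                ret
            .ELSEIF ax==IDM_GRID
                invoke  SendMessage, [hlistview], LVM_SETEXTENDEDLISTVIEWSTYLE, 0, LVS_EX_FULLROWSELECT+1
                ret
            .ELSEIF ax==IDM_LIST
                ;lea eax,AboutDlgProc
                ;invoke CreateDialogParam,hInstance,addr optionsdialog,hWnd,eax,NULL
                ;xor eax,eax
                ;ret
                mov     eax,[listflag]
                mov     [newflags],eax
                lea     eax,OptionsDlgProc
                invoke  CreateDialogParam,hInstance,addr optionsdialog,hWnd,eax,NULL
                mov     [optionshwnd],eax
                xor     eax,eax
                ret
            .ELSEIF ax==IDM_ONTOP
                xor     [flags],8
                call    doontop
                xor     eax,eax
                ret
            .ELSEIF ax==96
                mov     eax,SW_MINIMIZE ;SW_SHOWMINIMIZED
dowp:
                ; eax = show command to apply to hwndcur
                push    eax
                mov     windowp.iLength,SIZEOF WINDOWPLACEMENT
                invoke  GetWindowPlacement,[hwndcur],ADDR windowp
                pop     eax
                mov     windowp.showCmd,eax
                invoke  SetWindowPlacement,[hwndcur],ADDR windowp
                xor     eax,eax
                ret
            .ELSEIF ax==97
                mov     eax,SW_SHOWMAXIMIZED
                jmp     dowp
            .ELSEIF ax==98
                mov     eax,SW_RESTORE
                jmp     dowp
            .ELSEIF ax==40              ;-- sort dir : ASC
                mov     [sortdir],1
changedir3:
                call    changedir
                mov     eax,[sortcol]
                add     eax,20
                call    gosortit
                ret
            .ELSEIF ax==41              ;-- sort dir : DESC
                mov     [sortdir],0
                jmp     changedir3
            .ELSEIF ax==42              ;-- sort dir : NONE
                mov     al,[sortdir]
                add     eax,40
                invoke  CheckMenuItem,[mmenu],eax,MF_UNCHECKED
                mov     [sortdir],2
                mov     eax,42
                invoke  CheckMenuItem,[mmenu],eax,MF_CHECKED
                jmp     refresh
            .ELSEIF ax==99              ;--
                ; NOTE(review): "Kill" posts WM_CLOSE to hwndcur, but
                ; hwndcur holds the number parsed from list column 1 (a
                ; process id in this program), not a window handle, so the
                ; message goes to whichever window happens to have that
                ; handle value. Left unchanged; needs a design decision.
                invoke  SendMessage,[hwndcur],WM_CLOSE,0,0
                xor     eax,eax
                ret
            .ELSEIF ax==IDM_EXIT
                jmp     bigclose
            .endif
            ; Menu ids 20..27 select the sort column (20 = none).
            cmp     eax,20
            jb      notsort
            cmp     eax,27
            ja      notsort
            cmp     eax,20
            jne     nonone
            ;call gosortit
            ;jmp refresh
            invoke  SendMessage, [hlistview], LVM_DELETEALLITEMS, 0, 0
            ;invoke processscan,hWnd
            ret
nonone:
            call    gosortit
notsort:
            ret
        .ENDIF
        ; Control notification: ax = control id, dx = notification code
        mov     eax,wParam
        mov     edx,eax
        shr     edx,16
        .IF ax==IDC_REFRESH
refresh:
            invoke  SendMessage, [hlistview], LVM_DELETEALLITEMS, 0, 0
            invoke  processscan,hWnd
            ;invoke SendMessage,[hlistview],LVM_ENSUREVISIBLE,[listno],FALSE
            ret
        ; .ELSEIF ax==IDC_NAMED
        ;   ;xor [flags],2
        ;   jmp refresh
        .ELSEIF ax==IDC_EXIT
            jmp     bigclose
        .ELSEIF ax==IDC_ABOUT
            jmp     bigabout
        .ELSEIF ax==IDC_VIS
            xor     [flags],1
            jmp     refresh
        .ELSEIF ax==IDC_VISIBLE
            invoke  GetItem, [hlistview], [listno], 2, LVIF_TEXT OR LVIF_PARAM, 0, 0, [mainhwnd], ADDR buff, 3
            invoke  IsDlgButtonChecked,mainhwnd,IDC_VISIBLE
            cmp     eax,BST_UNCHECKED
            jne     ischk1
            mov     ecx,SW_HIDE
            mov     [buff],"-"
            jmp     ischk1a
ischk1:
            mov     ecx,SW_RESTORE
            mov     [buff],"V"
ischk1a:
            invoke  ShowWindow,[hwndcur],ecx
            mov     liNew.pszText,offset buff
            mov     liNew.iSubItem,2
            invoke  SendMessage, [hlistview], LVM_SETITEMTEXT, [listno], ADDR liNew
            invoke  SetFocus, [hlistview]
            xor     eax,eax
            ret
        .ELSEIF ax==IDC_ENABLE
            invoke  GetItem, [hlistview], [listno], 2, LVIF_TEXT OR LVIF_PARAM, 0, 0, [mainhwnd], ADDR buff, 3
            invoke  IsDlgButtonChecked,mainhwnd,IDC_ENABLE
            cmp     eax,BST_UNCHECKED
            jne     ischk2
            mov     ecx,FALSE
            mov     [buff+1],"-"
            jmp     ischk2b
ischk2:
            mov     ecx,TRUE
            mov     [buff+1],"E"
ischk2b:
            invoke  EnableWindow,[hwndcur],ecx
            mov     liNew.pszText,offset buff
            mov     liNew.iSubItem,2
            invoke  SendMessage, [hlistview], LVM_SETITEMTEXT, [listno], ADDR liNew
            invoke  SetFocus, [hlistview]
            xor     eax,eax
            ret
        .ELSEIF ax==IDC_EDIT1
            invoke  GetWindowPlacement,[hwndcur],ADDR windowp
            invoke  GetDlgItemInt,mainhwnd,IDC_EDIT1,NULL,FALSE
            mov     windowp.rcNormalPosition.top,eax
            ;invoke SetWindowPlacement,[hwndcur],ADDR windowp
            xor     eax,eax
            ret
        .ELSEIF ax==IDC_EDIT2
            invoke  GetWindowPlacement,[hwndcur],ADDR windowp
            invoke  GetDlgItemInt,mainhwnd,IDC_EDIT2,NULL,FALSE
            mov     windowp.rcNormalPosition.left,eax
            ;invoke SetWindowPlacement,[hwndcur],ADDR windowp
            xor     eax,eax
            ret
        .ELSEIF ax==IDC_EDIT3
            invoke  GetWindowPlacement,[hwndcur],ADDR windowp
            invoke  GetDlgItemInt,mainhwnd,IDC_EDIT3,NULL,FALSE
            mov     windowp.rcNormalPosition.right,eax
            ;invoke SetWindowPlacement,[hwndcur],ADDR windowp
            xor     eax,eax
            ret
        .ELSEIF ax==IDC_EDIT4
            invoke  GetWindowPlacement,[hwndcur],ADDR windowp
            invoke  GetDlgItemInt,mainhwnd,IDC_EDIT4,NULL,FALSE
            mov     windowp.rcNormalPosition.bottom,eax
            ;invoke SetWindowPlacement,[hwndcur],ADDR windowp
            xor     eax,eax
            ret
        .ENDIF
        xor     eax,eax
        ret
    .elseif ax==WM_NOTIFY
        mov     edi, [lParam]
        mov     eax, (NMHDR ptr [edi]).hwndFrom
        .if eax==hlistview
            mov     eax, (NMHDR ptr [edi]).code
            .if eax==LVN_ITEMCHANGED
                mov     eax, (NMLISTVIEW ptr [edi]).iItem
                mov     [listno],eax
                mov     eax, (NMLISTVIEW ptr [edi]).lParam
                ;invoke SendDlgItemMessage, mainhwnd, IDC_UPDATE,WM_SETTEXT, 0,ADDR buff
                ; Column 1 text -> number -> hwndcur
                invoke  GetItem, [hlistview], eax, 1, LVIF_TEXT OR LVIF_PARAM, 0, 0, [mainhwnd], ADDR buff, 99
                lea     esi,buff
                call    getnum
                mov     [hwndcur],eax
                push    eax
                push    offset num2
                push    offset buff
                call    wsprintfA
                add     esp,12
                invoke  SendDlgItemMessage, mainhwnd, IDC_EDIT2,WM_SETTEXT, 0,ADDR buff
                ;mov [Temp],004488h
                ;invoke SendMessage,[hlistview],LVM_ENSUREVISIBLE,[listno],FALSE
                ;invoke SendMessage,[hlistview],LVM_DELETECOLUMN,4,0
                invoke  GetItem, [hlistview], [listno], 0, LVIF_TEXT OR LVIF_PARAM, 0, 0, [mainhwnd], ADDR buff, 99
                lea     esi,buff
                mov     ecx,99
notend1:
                cmp     [esi],byte ptr 0
                je      gotend1
                inc     esi
                loop    notend1
                jmp     nobother
gotend1:
                jmp     nobother        ; the "[id]" suffix below is disabled
                mov     [esi],byte ptr "["
                inc     esi
                push    [hwndcur]
                push    offset num2
                ;add esi,100
                push    esi
                call    wsprintf
                add     esp,12
                add     esi,eax
                ;mov [esi+1],byte ptr "%"
                ;mov [esi+2],byte ptr "d"
                mov     [esi],byte ptr "]"
                mov     [esi+1],byte ptr 0
                ;push [hwndcur]
                ;lea esi,buff
                ;push esi
                ;add esi,100
                ;push esi
                ;call wsprintf
                ;add esp,12
nobother:
                invoke  SendDlgItemMessage, mainhwnd, IDC_UPDATE,WM_SETTEXT, 0,ADDR buff
                mov     eax,[hwndcur]
                call    showtimes       ; leaves the uptime text in buff
                mov     [liNew.iSubItem],6      ;update
                mov     [liNew.pszText],offset buff
                invoke  SendMessage,[hlistview],LVM_SETITEMTEXT,[listno],ADDR liNew
                xor     eax,eax
                ret
            .elseif eax==LVN_COLUMNCLICK
                call    changedir
                mov     esi,[lParam]
                assume  esi:ptr NM_LISTVIEW
                mov     eax,[esi].iSubItem
                assume  esi:nothing
                add     eax,21
                call    gosortit
                ret
            .elseif eax==NM_RCLICK      ;pnmh = (NMHDR FAR *) lParam;
                push    ebx
                mov     edi,[lParam]
                mov     ebx, (NMLISTVIEW ptr [edi]).ptAction.x
                add     ebx,xpos
                mov     ecx, (NMLISTVIEW ptr [edi]).ptAction.y
                add     ecx,ypos
                invoke  TrackPopupMenu,lmenu,TPM_CENTERALIGN +TPM_LEFTBUTTON,ebx,ecx,0,hWnd,NULL
                pop     ebx
                xor     eax,eax
                ret
            .elseif eax==NM_DBLCLK
                invoke  FlashWindow,[hwndcur],TRUE
                xor     eax,eax
                ret
            .endif
        .endif
    .ELSEIF ax==WM_RBUTTONDOWN
        push    ebx
        mov     ebx,lParam
        mov     ecx,ebx
        and     ebx,0ffffh
        shr     ecx,16
        add     ebx,xpos
        add     ecx,ypos
        add     ecx,20
        invoke  TrackPopupMenu,wmenu,TPM_CENTERALIGN +TPM_LEFTBUTTON,ebx,ecx,0,hWnd,NULL
        pop     ebx
        ret
    .endif
        xor     EAX,EAX
        RET
DlgProc endp

;-----------------------------------------------------------------------
; HyperLinkWndProc - subclass procedure for the URL static control.
; Unhandled messages go to the original procedure saved in orgStatic.
; NOTE(review): WM_CTLCOLORSTATIC deletes the font it has just selected
; into the DC, and WM_LBUTTONDOWN creates a font that is never deleted and
; selects it into wParam, which for that message is not a device context.
; Both look like GDI handle misuse; left unchanged here.
;-----------------------------------------------------------------------
HyperLinkWndProc PROC uses ebx, hWnd:DWORD,uMsg:DWORD,wParam:DWORD,lParam:DWORD
        LOCAL   tmpFont :LOGFONT
        LOCAL   rect:RECT
        LOCAL   pt:POINT
        LOCAL   ps:PAINTSTRUCT

        mov     eax,uMsg
    .IF eax==WM_NCHITTEST
        mov     eax, 1
        ret
    .ELSEIF eax == WM_CTLCOLORSTATIC
        ; Forwarded here by AboutDlgProc; wParam = device context
        push    ebx
        push    edx
        invoke  SendMessage, hWnd, WM_GETFONT, 0, 0
        mov     edx,eax
        invoke  GetObject, edx, sizeof LOGFONT, addr tmpFont
        mov     tmpFont.lfUnderline, TRUE
        invoke  CreateFontIndirect, addr tmpFont
        mov     ebx,eax
        invoke  SelectObject, wParam, ebx
        .if hover == FALSE
            invoke  SetTextColor, wParam, Blue
        .else
            invoke  SetTextColor, wParam,Red
        .endif
        invoke  GetSysColor, COLOR_MENU
        invoke  SetBkColor, wParam, eax
        invoke  DeleteObject,ebx
        invoke  GetStockObject, HOLLOW_BRUSH
        pop     edx
        pop     ebx
        ret
    .ELSEIF eax==WM_MOUSEMOVE
        invoke  GetParent,hWnd
        push    ebx
        mov     ebx,eax
        invoke  GetActiveWindow
        .if eax == ebx
            invoke  GetCursorPos,addr pt
            invoke  GetWindowRect,hWnd,addr rect
            invoke  PtInRect,addr rect,pt.x,pt.y
            .if eax
                invoke  GetCapture
                .if !eax
                    invoke  SetCapture,hWnd
                    mov     hover,TRUE
                    invoke  InvalidateRect,hWnd,FALSE,FALSE
                    invoke  SetCursor,hFinger
                .endif
            .else
                invoke  GetCapture
                .if eax
                    invoke  ReleaseCapture
                    mov     hover,FALSE
                    invoke  InvalidateRect,hWnd,FALSE,FALSE
                .endif
            .endif
        .endif
        pop     ebx
        xor     eax,eax
        ret
    .ELSEIF eax==WM_LBUTTONDOWN
        ; The control's own text is handed to the shell "open" verb, so
        ; whatever string the control holds is what gets launched.
        invoke  GetWindowText,hWnd,offset buff,sizeof buff
        invoke  ShellExecute, NULL, offset szOpen, offset buff, NULL, NULL, SW_MAXIMIZE
        mov     hover,FALSE
        invoke  InvalidateRect,hWnd,FALSE,FALSE
        invoke  SendMessage, hWnd, WM_GETFONT, 0, 0
        mov     edx,eax
        invoke  GetObject, edx, sizeof LOGFONT, addr tmpFont
        mov     tmpFont.lfUnderline, TRUE
        invoke  CreateFontIndirect, addr tmpFont
        mov     ebx,eax
        invoke  SelectObject, wParam, ebx
        invoke  SetTextColor, wParam, Blue
        xor     eax,eax
        ret
    .ENDIF
        invoke  CallWindowProc, orgStatic, hWnd, uMsg, wParam, lParam
        ret
HyperLinkWndProc endp

;-----------------------------------------------------------------------
; AboutDlgProc - dialog procedure of the modeless About dialog.
; Subclasses the IDC_URL static with HyperLinkWndProc.
;-----------------------------------------------------------------------
AboutDlgProc PROC hWnd:HWND,iMsg:DWORD,wParam:WPARAM, lParam:LPARAM
        LOCAL   hdc:DWORD
        LOCAL   ps:PAINTSTRUCT
        LOCAL   rect:RECT

        mov     eax,iMsg
    .if eax==WM_INITDIALOG
        invoke  GetDlgItem, hWnd, IDC_URL
        invoke  SetWindowLong, eax, GWL_WNDPROC, ADDR HyperLinkWndProc
        mov     orgStatic,eax
        invoke  LoadCursor,hInstance,IDI_CUR1
        mov     hFinger,eax
        invoke  SendDlgItemMessage, hWnd, IDD_LOAD, WM_SETTEXT, 0,ADDR buff
        xor     eax,eax
        ret
    .ELSEIF eax == WM_CTLCOLORSTATIC
        ; Hand the colour request to the control itself (lParam = its hwnd)
        invoke  SendMessage,lParam,iMsg,wParam,lParam
        ret
    .elseif eax==WM_CLOSE
aclose:
        invoke  EndDialog,hWnd,NULL
        invoke  DestroyWindow,hWnd
    .elseif eax==WM_COMMAND
        push    edx
        mov     eax,wParam
        mov     edx,eax
        shr     edx,16
        .if ax==IDC_EXIT
            jmp     aclose              ; edx stays pushed; the frame epilogue resets esp
        .endif
        pop     edx
    .else
        mov     eax,FALSE
        ret
    .endif
        mov     eax,TRUE
        ret
AboutDlgProc endp

;-----------------------------------------------------------------------
; OptionsDlgProc - dialog procedure of the column options dialog.
; Check boxes IDC_NAME..IDC_UPTIME toggle bits 0..6 of newflags; OK (3003)
; applies them through setupcolumns and rescans.
; FIX: "uses esi" added; setupcolumns and processscan, called from here,
; change ESI, which a STDCALL callback must preserve.
; NOTE(review): WM_INITDIALOG repeats the About dialog's IDC_URL
; subclassing and overwrites orgStatic; confirm the OPTIONS template really
; contains that control.
;-----------------------------------------------------------------------
OptionsDlgProc PROC uses esi, hWnd:HWND,iMsg:DWORD,wParam:WPARAM, lParam:LPARAM
        LOCAL   hdc:DWORD
        LOCAL   ps:PAINTSTRUCT
        LOCAL   rect:RECT

        mov     eax,iMsg
    .if eax==WM_INITDIALOG
        invoke  GetDlgItem, hWnd, IDC_URL
        invoke  SetWindowLong, eax, GWL_WNDPROC, ADDR HyperLinkWndProc
        mov     orgStatic,eax
        invoke  LoadCursor,hInstance,IDI_CUR1
        mov     hFinger,eax
        invoke  SendDlgItemMessage, hWnd, IDD_LOAD, WM_SETTEXT, 0,ADDR buff
        ; Tick one check box per set bit of listflag, lowest bit first.
        push    ebx
        mov     ecx,7
        mov     eax,[listflag]
        mov     edx,IDC_NAME
checkall:
        xor     ebx,ebx                 ; ebx = BST_UNCHECKED, CF = 0
        rcr     eax,1                   ; CF = next column bit
        jnc     notcheck1
        mov     ebx,BST_CHECKED
notcheck1:
        push    edx
        push    ecx
        push    eax
        invoke  CheckDlgButton,[hWnd],edx,ebx
        pop     eax
        pop     ecx
        pop     edx
        inc     edx
        loop    checkall
        pop     ebx
        xor     eax,eax
        ret
    .elseif eax==WM_CLOSE
aclose:
        ;invoke MessageBox,hWnd,addr buff,addr buff+50,MB_OK
aclose2:
        invoke  EndDialog,hWnd,NULL
        invoke  DestroyWindow,hWnd
    .elseif eax==WM_COMMAND
        mov     eax,wParam
        .if ax==IDC_EXIT                ;press CANCEL button
            ;invoke SendMessage,[hlistview],LVM_DELETECOLUMN,0,0
            jmp     aclose2
        .elseif ax==3003                ;press OK button
            invoke  SendMessage, [hlistview], LVM_DELETEALLITEMS, 0, 0
            call    setupcolumns
            invoke  processscan,hWnd
            jmp     aclose
        .elseif ax==IDC_NAME
            xor     [newflags],1
        .elseif ax==IDC_ID
            xor     [newflags],2
        .elseif ax==IDC_PARENTO
            xor     [newflags],4
        .elseif ax==IDC_THREADS
            xor     [newflags],8
        .elseif ax==IDC_PRIORITY
            xor     [newflags],16
        .elseif ax==IDC_CREATED
            xor     [newflags],32
        .elseif ax==IDC_UPTIME
            xor     [newflags],64
            ;invoke SendMessage,[hlistview],LVM_DELETECOLUMN,0,0
        .elseif ax==1001
            ;invoke SendMessage,[hlistview],LVM_DELETECOLUMN,0,0
        .endif
        ;pop edx
    .else
        mov     eax,FALSE
        ret
    .endif
        mov     eax,TRUE
        ret
OptionsDlgProc endp

;-----------------------------------------------------------------------
; setupcolumns - adds or deletes columns, depending on options change
; (or initial change).
; Compares listflag (columns shown) with newflags (columns wanted) from
; bit 64 down to bit 1, walking the column table backwards from szuptime,
; then stores newflags in listflag.
; Clobbers: eax, ecx, edx, esi (ebx is saved)
;-----------------------------------------------------------------------
setupcolumns proc
        LOCAL   lcNew:LVCOLUMN
        local   goodbit:DWORD
        local   count:WORD
        local   colend:WORD

        push    ebx
        ; Both flag words are formatted into buff / buff+50; only the
        ; commented-out MessageBox in OptionsDlgProc would show them.
        push    [listflag]
        push    offset num2
        push    offset buff
        call    wsprintfA
        add     esp,12
        push    [newflags]
        push    offset num2
        push    offset buff+50
        call    wsprintfA
        add     esp,12
        lea     esi,szuptime
        mov     [goodbit],64
        ; colend = (number of bits set in listflag) - 1
        mov     eax,[listflag]          ;old flags
        mov     ebx,1
        xor     ecx,ecx
checksetf:
        test    eax,ebx
        jz      notsetf
        inc     cx
        xor     eax,ebx
notsetf:
        shl     ebx,1
        or      eax,eax
        jnz     checksetf
        dec     cx
        mov     [colend],cx             ;6
        mov     [count],7
changecols:
        mov     eax,[newflags]
        mov     ebx,[listflag]
        xor     ecx,ecx
        and     eax,[goodbit]
        and     ebx,[goodbit]
        cmp     eax,ebx
        je      bitssame
        or      eax,eax
        jnz     addcolumn1
        ; Column is shown but no longer wanted: delete it.
        mov     cx,[colend]
        invoke  SendMessage,[hlistview],LVM_DELETECOLUMN,ecx,0
        dec     [colend]
        jmp     bitssame2
addcolumn1:
        ;invoke AddCol, [hlistview], 0, LVCF_FMT OR LVCF_WIDTH OR LVCF_TEXT OR LVCF_SUBITEM, LVCFMT_LEFT, 0, 208,ADDR szname
        xor     ecx,ecx
        mov     [lcNew.imask],LVCF_FMT OR LVCF_WIDTH OR LVCF_TEXT OR LVCF_SUBITEM
        mov     [lcNew.fmt],LVCFMT_LEFT
        mov     cx,[esi+10]             ; width word after the 10-byte name
        mov     [lcNew.lx],ecx
        mov     [lcNew.pszText],esi
        mov     cx,[colend]
        mov     [lcNew.iSubItem],ecx
        inc     ecx
        invoke  SendMessage,[hlistview],LVM_INSERTCOLUMN,ecx,ADDR lcNew
        inc     [colend]
bitssame:
        or      eax,eax
        jz      bitssame2
        dec     [colend]
bitssame2:
        dec     [count]
        sub     esi,12                  ; previous table entry
        shr     [goodbit],1
        cmp     [count],0
        ja      changecols
jjj:
        mov     eax,[newflags]
        mov     [listflag],eax
        pop     ebx
        ret
setupcolumns endp

;-----------------------------------------------------------------------
; AddCol - inserts a column into a list view (LVM_INSERTCOLUMN).
; Out: eax = result of SendMessage
;-----------------------------------------------------------------------
AddCol proc hwndListView:DWORD, iColIndex:DWORD, iColMask:DWORD, iColFormat:DWORD, iColImage:DWORD, iColWidth:DWORD, pszColText:DWORD
        LOCAL   lcNew:LVCOLUMN

        mov     eax,[iColMask]
        mov     [lcNew.imask],eax
        mov     eax,[iColImage]
        mov     [lcNew.iImage],eax
        mov     eax,[iColFormat]
        mov     [lcNew.fmt],eax
        mov     eax,[iColWidth]
        mov     [lcNew.lx],eax
        mov     eax,[iColIndex]
        mov     [lcNew.iSubItem],eax
        mov     eax, [pszColText]
        mov     [lcNew.pszText], eax
        invoke  lstrlen, eax
        mov     [lcNew.cchTextMax], eax
        and     [lcNew.iOrder], 0
        invoke  SendMessage, [hwndListView], LVM_INSERTCOLUMN, [iColIndex], ADDR lcNew
        ret
AddCol endp

;-----------------------------------------------------------------------
; AddItem - inserts a list item (bAction = 0, LVM_INSERTITEM) or sets an
; item / sub-item (bAction != 0, LVM_SETITEM).
; lenItemText = 0 means "use lstrlen of pszItemText".
; Out: eax = result of SendMessage
;-----------------------------------------------------------------------
AddItem proc hwndListView:DWORD, iItemIndex:DWORD, iSubItemIndex:DWORD, iItemMask:DWORD, iItemImage:DWORD, iItemIndent:DWORD, lParam:DWORD, pszItemText:DWORD, lenItemText:DWORD, bAction:BYTE
        LOCAL   liNew:LV_ITEM

        mov     eax, [iItemMask]
        mov     [liNew.imask],eax
        mov     eax,[iItemIndex]
        mov     [liNew.iItem],eax
        mov     eax, [iSubItemIndex]
        mov     [liNew.iSubItem],eax
        mov     eax, [iItemImage]
        mov     [liNew.iImage],eax
        mov     eax,[lParam]
        mov     [liNew.lParam],eax
        mov     edx, [pszItemText]
        mov     [liNew.pszText], edx
        mov     eax, [lenItemText]
        mov     [liNew.cchTextMax], eax
    .if !eax
        invoke  lstrlen, edx
        mov     [liNew.cchTextMax], eax
    .endif
        and     [liNew.state], 0
        and     [liNew.stateMask], 0
    .if ![bAction]
        invoke  SendMessage, [hwndListView], LVM_INSERTITEM, 0, ADDR liNew
    .else
        invoke  SendMessage, [hwndListView], LVM_SETITEM, 0, ADDR liNew
    .endif
        ret
AddItem endp

;-----------------------------------------------------------------------
; GetItem - reads an item / sub-item with LVM_GETITEM; the text is
; requested into pszItemText (at most lenItemText characters).
; pItemImage, pItemIndent and lpParam are not used.
; Out: eax = result of SendMessage
;-----------------------------------------------------------------------
GetItem proc hwndListView:DWORD, iItemIndex:DWORD, iSubItemIndex:DWORD, iItemMask:DWORD, pItemImage:DWORD, pItemIndent:DWORD, lpParam:DWORD, pszItemText:DWORD, lenItemText:DWORD
        LOCAL   liNew:LV_ITEM

        push    [iItemMask]
        pop     [liNew.imask]
        push    [iItemIndex]
        pop     [liNew.iItem]
        push    [iSubItemIndex]
        pop     [liNew.iSubItem]
        push    [pszItemText]
        pop     [liNew.pszText]
        push    [lenItemText]
        pop     [liNew.cchTextMax]
        invoke  SendMessage, [hwndListView], LVM_GETITEM, 0, ADDR liNew
        ret
GetItem endp

;-----------------------------------------------------------------------
; changedir - change the sort dir, Ascending, Descending or None.
; Unchecks menu item 40+sortdir, flips sortdir between 0 and 1 (2 is
; treated as 1 first) and checks the new item. eax is preserved.
;-----------------------------------------------------------------------
changedir proc
        push    eax
        xor     eax,eax
        mov     al,[sortdir]
        add     eax,40
        invoke  CheckMenuItem,[mmenu],eax,MF_UNCHECKED
        cmp     [sortdir],2
        jne     oktoxor
        mov     [sortdir],1
oktoxor:
        xor     [sortdir],1
        xor     eax,eax
        mov     al,[sortdir]
        add     eax,40
        invoke  CheckMenuItem,[mmenu],eax,MF_CHECKED
        pop     eax
        ret
changedir endp

;-----------------------------------------------------------------------
; gosortit - sorts the list view.
; In : eax = 20 + sort column number (20 = no sort)
; Sub-items 1..3 are compared as numbers, the others as text.
; Out: eax = 0.  Clobbers: ecx, edx, edi
;-----------------------------------------------------------------------
gosortit proc
        ;push eax
        ;mov eax,[sortcol]
        ;add eax,20
        ;invoke CheckMenuItem,[mmenu],eax,MF_UNCHECKED
        ;pop eax
        ;push eax
        ;invoke CheckMenuItem,[mmenu],eax,MF_CHECKED
        ;pop eax
        sub     eax,20
        mov     [sortcol],eax
        or      eax,eax
        jz      nonosort4
        ;xor [sortdir],1
        ;call changedir
        dec     eax                     ; eax = sub-item index to sort on
        cmp     eax,1
        je      numsort
        cmp     eax,2
        je      numsort
        cmp     eax,3
        je      numsort
        lea     edi,CompareFunc
        jmp     gogosort
numsort:
        lea     edi,CompareNum
gogosort:
        invoke  SendMessage,[hlistview],LVM_SORTITEMS,eax,edi
        call    updatelist              ; lParam of every item = its new index
nonosort4:
        xor     eax,eax
        ret
gosortit endp

;-----------------------------------------------------------------------
; binary - writes eax as 32 '0'/'1' characters plus NUL into buff.
; Clobbers: eax, edx, edi (ecx is saved)
;-----------------------------------------------------------------------
binary proc
        push    ecx
        lea     edi,buff
        mov     ecx,32
reset1:
        mov     dl,'0'
        shl     eax,1
        jnc     set1
        inc     dl
set1:
        mov     [edi],dl
        inc     edi
        loop    reset1
        mov     [edi],byte ptr 0
        pop     ecx
        ret
binary endp

;-----------------------------------------------------------------------
; doontop - applies bit 8 of flags: set = not topmost, clear = topmost.
; Updates the IDM_ONTOP check mark in both menus and the window z-order.
;-----------------------------------------------------------------------
doontop proc
        test    [flags],8
        je      notontop2
        mov     ecx,HWND_NOTOPMOST
        mov     eax,MF_UNCHECKED
        jmp     gotop
notontop2:
        mov     ecx,HWND_TOPMOST
        mov     eax,MF_CHECKED
gotop:
        push    ecx
        push    eax
        invoke  CheckMenuItem,[wmenu],IDM_ONTOP,eax
        pop     eax
        invoke  CheckMenuItem,[mmenu],IDM_ONTOP,eax
        pop     ecx
        invoke  SetWindowPos,[mainhwnd],ecx,0,0,0,0,SWP_NOMOVE+SWP_NOSIZE+SWP_SHOWWINDOW
        ret
doontop endp

;-----------------------------------------------------------------------
; regget - reads a DWORD setting from HKEY_LOCAL_MACHINE\Software\ProcShow.
; In : regstring = address of the value name
; Out: eax = the value, or -1 when the key cannot be opened or the value
;      cannot be read
; NOTE(review): per-user window settings are kept under
; HKEY_LOCAL_MACHINE, and RegCreateKeyEx creates the key even on this read
; path. Writing there normally needs administrative rights, so the tool
; either loses its settings or has to be run elevated; HKEY_CURRENT_USER
; would avoid that. Not changed here because it moves existing settings.
;-----------------------------------------------------------------------
regget proc regstring:DWORD
        LOCAL   number:DWORD
        LOCAL   Disp :DWORD
        LOCAL   pKey :DWORD
        LOCAL   Temp :DWORD

        mov     Temp,4                  ; size of the data buffer
        ; FIX: the result of RegQueryValueEx is not checked, so a missing
        ; value used to return uninitialised stack contents. Start from
        ; the documented failure value instead.
        mov     number,-1
        invoke  RegCreateKeyEx, HKEY_LOCAL_MACHINE,ADDR subkeyname, NULL, NULL,REG_OPTION_NON_VOLATILE,KEY_READ, NULL,addr pKey, addr Disp
        cmp     eax,ERROR_SUCCESS
        jne     regok1
        invoke  RegQueryValueEx, pKey, regstring,NULL, ADDR Disp, ADDR number, ADDR Temp
        invoke  RegCloseKey, pKey
        mov     eax,number
        ret
regok1:
        mov     eax,-1
        ret
regget endp

;-----------------------------------------------------------------------
; regset - writes a DWORD setting to HKEY_LOCAL_MACHINE\Software\ProcShow.
; In : regstring = address of the value name, number = value to store
; Failures are ignored (see the note on regget about the hive used).
;-----------------------------------------------------------------------
regset proc regstring:DWORD,number:DWORD
        LOCAL   Disp :DWORD
        LOCAL   pKey :DWORD
        LOCAL   Temp :DWORD

        mov     Temp,4
        invoke  RegCreateKeyEx, HKEY_LOCAL_MACHINE,ADDR subkeyname, NULL, NULL,REG_OPTION_NON_VOLATILE,KEY_WRITE, NULL, addr pKey, addr Disp
        cmp     eax,ERROR_SUCCESS
        jne     regok2
        invoke  RegSetValueEx, pKey, regstring,NULL, REG_DWORD_LITTLE_ENDIAN,ADDR number, Temp
        invoke  RegCloseKey, pKey
regok2:
        ret
regset endp

;-----------------------------------------------------------------------
; shownum - formats eax with "%lu" and, if column bit (1 shl ecx) is set
; in listflag, stores it as sub-item [base] of item [listno].
; In : eax = number, ecx = column number (1-based)
; Out: ecx = ecx + 1; base is incremented when the value was displayed
;-----------------------------------------------------------------------
shownum proc
        push    ecx
        push    eax
        push    offset num2
        push    offset buff
        call    wsprintfA
        add     esp,12
        pop     ecx
        mov     eax,ecx
        mov     edx,1
power2:
        rcl     edx,1                   ; edx = 1 shl ecx when the loop ends
        dec     eax
        or      eax,eax
        jnz     power2
        test    [listflag],edx
        jz      nodisplayit
        push    ecx
        invoke  AddItem, [hlistview], [listno], [base], LVIF_TEXT, 0, 0, [listno] , ADDR buff, 8, 1
        pop     ecx
        inc     [base]
nodisplayit:
        inc     ecx
        ret
shownum endp

;-----------------------------------------------------------------------
; processscan - fills the list view with one row per running process,
; using a Toolhelp snapshot. Sets listno / totallist to the row count.
; Clobbers: eax, ecx, edx, esi
;-----------------------------------------------------------------------
processscan proc hWnd:HWND
        LOCAL   winrect : RECT
        LOCAL   procid : DWORD
        LOCAL   named : BOOL
        local   snap : PROCESSENTRY32
        local   phandle : DWORD
        LOCAL   t2:FILETIME
        LOCAL   t3:FILETIME
        LOCAL   t4:FILETIME
        LOCAL   hand:HANDLE
        local   temp:dword

        ; FIX: GetSystemTime stores a 16-byte SYSTEMTIME. The 8-byte
        ; FILETIME t1 was used as its buffer, so the call overwrote the
        ; data that follows t1 (windowmove and the start of the ontop
        ; string). 'systemtime' has the right size and is scratch here.
        invoke  GetSystemTime, addr systemtime
        invoke  SystemTimeToFileTime, addr systemtime, addr timenow
        mov     [listno],0
        invoke  CreateToolhelp32Snapshot,TH32CS_SNAPPROCESS + TH32CS_SNAPTHREAD,0
        mov     phandle,eax
        ; FIX: do not walk (or close) an invalid snapshot handle.
        cmp     eax,INVALID_HANDLE_VALUE
        je      nosnapshot
        ; FIX: Process32First requires dwSize to be set by the caller.
        mov     [snap.dwSize],SIZEOF PROCESSENTRY32
        ;Process32First(pSnapShot, &stProcEntry);
        invoke  Process32First,[phandle],addr snap
        cmp     eax,FALSE
        je      nomore
analyse:
        ;PROCESSENTRY32 STRUCT
        ; dwSize DWORD ?
        ; cntUsage DWORD ?
        ; th32ProcessID DWORD ?
        ; th32DefaultHeapID DWORD ?
        ; th32ModuleID DWORD ?
        ; cntThreads DWORD ?
        ; th32ParentProcessID DWORD ?
        ; pcPriClassBase DWORD ?
        ; dwFlags DWORD ?
        ; szExeFile db MAX_PATH dup(?)
        ;PROCESSENTRY32 ENDS
        invoke  AddItem, [hlistview], [listno], 0, LVIF_TEXT OR LVIF_PARAM, 0, 0, [listno], ADDR snap.szExeFile, 100, 0
        mov     [base],1
        mov     ecx,1                   ; column counter kept by shownum
        mov     eax,[snap.th32ProcessID]
        call    shownum
        mov     eax,[snap.th32ParentProcessID]
        call    shownum
        mov     eax,[snap.cntThreads]
        call    shownum
        mov     eax,[snap.pcPriClassBase]
        call    shownum
        mov     [temp],ecx
        mov     eax,[snap.th32ProcessID]
        mov     [procid],eax
        ; Processes that cannot be opened simply get no time columns.
        invoke  OpenProcess,PROCESS_QUERY_INFORMATION,FALSE,[procid]
        cmp     eax,NULL
        je      notopenproc2
        mov     [hand],eax
        invoke  GetProcessTimes,[hand],addr t1,addr t2, addr t3,addr t4
        cmp     eax,TRUE
        jne     notproctime
        mov     eax,[temp]
        mov     edx,1
power3:
        rcl     edx,1                   ; edx = 1 shl temp ("Created" bit)
        dec     eax
        or      eax,eax
        jnz     power3
        test    [listflag],edx
        jz      nodisplayit2
        push    edx
        invoke  FileTimeToSystemTime,addr t1,addr systemtime
        call    dochange
        invoke  AddItem, [hlistview], [listno], [base], LVIF_TEXT, 0, 0, [listno] , ADDR buff, 30, 1
        inc     [base]
        pop     edx
nodisplayit2:
        shl     edx,1                   ; next bit: "UpTime"
        test    [listflag],edx
        jz      notproctime
        call    uptime
        invoke  AddItem, [hlistview], [listno], [base], LVIF_TEXT, 0, 0, [listno] , ADDR buff, 30, 1
notproctime:
        invoke  CloseHandle,[hand]
notopenproc2:
        inc     [listno]
        invoke  Process32Next,[phandle],addr snap
        cmp     eax,FALSE
        jne     analyse
nomore:
        ; FIX: the snapshot handle was never closed (one handle leaked per
        ; refresh).
        invoke  CloseHandle,[phandle]
nosnapshot:
        push    [listno]
        pop     [totallist]
        call    updatelist
        ret
processscan endp

;-----------------------------------------------------------------------
; uptime - formats (timenow - t1) into buff using mtime2, leaving out
; leading fields (years, months, ...) that are empty.
; In : timenow = current time, t1 = creation time (both as FILETIME)
; Out: buff = text; t1 and systemtime are overwritten
; Temp holds the byte count removed from the stack after wsprintfA; it is
; 4 less than what is pushed, the frame epilogue restores esp.
; Clobbers: eax, ecx, edx, esi
;-----------------------------------------------------------------------
uptime proc
        LOCAL   Temp:DWORD

        mov     eax,dword ptr [timenow]
        sub     eax,dword ptr [t1]
        mov     dword ptr [t1],eax
        mov     eax,dword ptr [timenow+4]
        ; FIX: the high dword must take the borrow of the low dword (the
        ; two mov instructions in between leave the carry flag untouched);
        ; a plain sub gave a result 2^32 ticks too large on borrow.
        sbb     eax,dword ptr [t1+4]
        mov     dword ptr [t1+4],eax
        invoke  FileTimeToSystemTime,addr t1,addr systemtime
        ; A zero interval converts to 1 Jan 1601 00:00:00, hence the
        ; comparisons against 1601 / 1 / 1 / 0 / 0.
        lea     esi,mtime2
        mov     [Temp],28
        cmp     [systemtime.wYear],1601
        ja      yearin
        sub     [Temp],4
        add     esi,8                   ; skip " %d yrs,"
        cmp     [systemtime.wMonth],1
        ja      yearin
        sub     [Temp],4
        add     esi,8
        cmp     [systemtime.wDay],1
        ja      yearin
        sub     [Temp],4
        add     esi,8
        cmp     [systemtime.wHour],0
        ja      yearin
        sub     [Temp],4
        add     esi,8
        cmp     [systemtime.wMinute],0
        ja      yearin
        sub     [Temp],4
        add     esi,8
yearin:
        ; Push the arguments right to left, stopping at the first field
        ; that was skipped above.
        xor     eax,eax
        mov     ax,systemtime.wSecond
        push    eax
        cmp     [Temp],8
        je      noyear2
        mov     ax,systemtime.wMinute
        push    eax
        cmp     [Temp],12
        je      noyear2
        mov     ax,systemtime.wHour
        push    eax
        cmp     [Temp],16
        je      noyear2
        mov     ax,systemtime.wDay
        dec     ax
        push    eax
        cmp     [Temp],20
        je      noyear2
        mov     ax,systemtime.wMonth
        dec     ax
        push    eax
        cmp     [Temp],24
        je      noyear2
        mov     ax,systemtime.wYear
        sub     ax,1601
        push    eax
noyear2:
        inc     esi                     ; skip the leading blank
        push    esi
        lea     eax,buff
        push    eax
        call    wsprintfA
        add     esp,[Temp]
        ret
uptime endp

;-----------------------------------------------------------------------
; adjusttime - writes systemtime hour, minute and second as two digits
; each over the "00:00:00" template.
; In : esi = address of the template text.  Clobbers: eax, edx, esi
;-----------------------------------------------------------------------
adjusttime proc
        push    ebx
        xor     eax,eax
        ;lea esi,mtime
        mov     ax,systemtime.wHour
        call    split60
        inc     esi                     ; skip ':'
        mov     ax,systemtime.wMinute
        call    split60
        inc     esi
        mov     ax,systemtime.wSecond
        call    split60
        inc     esi
        pop     ebx
        ret
adjusttime endp

;-----------------------------------------------------------------------
; split60 - stores ax (expected 0..99) as two decimal digits at [esi].
; For values below 10 the first character is left as it is.
; Out: esi advanced by 2.  Clobbers: ax, bx, dx
;-----------------------------------------------------------------------
split60 proc
        cmp     ax,10
        jb      low10
        xor     dx,dx
        mov     bx,10
        div     bx
        add     al,"0"
        mov     [esi],al
        mov     al,dl
low10:
        inc     esi
        add     al,"0"
        mov     [esi],al
        inc     esi
        ret
split60 endp

;-----------------------------------------------------------------------
; updatelist - sets lParam of every list item to its current index, so
; the sort callbacks can use lParam as the item index.
;-----------------------------------------------------------------------
updatelist proc
        LOCAL   lvi:LV_ITEM

        mov     ecx,[totallist]
        ; FIX: "loop" with ecx = 0 runs 2^32 times; an empty list (for
        ; example when the process snapshot fails) used to hang here.
        jecxz   listdone
        mov     lvi.imask,LVIF_PARAM
        mov     lvi.iSubItem,0
        mov     lvi.iItem,0
listloop:
        push    ecx
        push    lvi.iItem
        pop     lvi.lParam
        invoke  SendMessage,[hlistview], LVM_SETITEM,0,addr lvi
        inc     lvi.iItem
        pop     ecx
        loop    listloop
listdone:
        ret
updatelist endp

;-----------------------------------------------------------------------
; CompareFunc - LVM_SORTITEMS callback, byte-wise text comparison.
; In : lParam1 / lParam2 = item indices (see updatelist),
;      SortType = sub-item to compare
; Out: eax = -1 / 0 / 1, direction taken from sortdir
; FIX: "uses esi" added (callback must preserve ESI), and the comparison
; stops at the terminating NUL instead of comparing 99 bytes, which read
; stale buffer contents behind the strings.
;-----------------------------------------------------------------------
CompareFunc proc uses esi, lParam1:DWORD, lParam2:DWORD, SortType:DWORD
        invoke  GetItem, [hlistview], [lParam1], [SortType], LVIF_TEXT OR LVIF_PARAM, 0, 0, [mainhwnd], ADDR buff, 99
        invoke  GetItem, [hlistview], [lParam2], [SortType], LVIF_TEXT OR LVIF_PARAM, 0, 0, [mainhwnd], ADDR buff+100, 99
        lea     esi,buff
        mov     ecx,99
        cmp     [sortdir],0
        je      sortfor
comp1:
        mov     ah,[esi]
        cmp     ah,[esi+100]
        ja      goneg
        jb      gopos
        test    ah,ah                   ; both strings ended: equal
        jz      goeven
        inc     esi
        loop    comp1
        xor     eax,eax
        ret
gopos:
        mov     eax,1
        ret
goneg:
        mov     eax,-1
        ret
sortfor:
comp1a:
        mov     ah,[esi]
        cmp     ah,[esi+100]
        ja      gopos
        jb      goneg
        test    ah,ah                   ; both strings ended: equal
        jz      goeven
        inc     esi
        loop    comp1a
goeven:
        xor     eax,eax
        ret
CompareFunc endp

;-----------------------------------------------------------------------
; CompareNum - LVM_SORTITEMS callback, numeric comparison of the sub-item
; text parsed by getnum.
; Out: eax = difference of the two numbers, order taken from sortdir
; FIX: "uses esi" added (callback must preserve ESI).
;-----------------------------------------------------------------------
CompareNum proc uses esi, lParam1:DWORD, lParam2:DWORD, SortType:DWORD
        invoke  GetItem, [hlistview], [lParam1], [SortType], LVIF_TEXT OR LVIF_PARAM, 0, 0, [mainhwnd], ADDR buff, 99
        invoke  GetItem, [hlistview], [lParam2], [SortType], LVIF_TEXT OR LVIF_PARAM, 0, 0, [mainhwnd], ADDR buff+100, 99
        lea     esi,buff
        call    getnum
        push    eax
        lea     esi,buff+100
        call    getnum
        pop     ecx
        cmp     [sortdir],1
        je      numfor
        xchg    eax,ecx
numfor:
        sub     eax,ecx
        ret
CompareNum endp

;-----------------------------------------------------------------------
; getnum - converts the decimal text at esi to a number.
; In : esi = address of NUL-terminated text
; Out: eax = value, esi = address of the first character not consumed
; Clobbers: edx (ebx and ecx are saved)
; FIX: parsing stops at the first character that is not '0'..'9';
; previously any byte was folded into the result as if it were a digit.
;-----------------------------------------------------------------------
getnum proc
        push    ebx
        push    ecx
        xor     eax,eax
        xor     ecx,ecx
        mov     ebx,10
renum:
        mov     cl,[esi]
        cmp     cl,0
        je      endnum
        sub     cl,"0"
        cmp     cl,9                    ; unsigned: anything but a digit is above 9
        ja      endnum
        mul     ebx
        add     eax,ecx
        inc     esi
        jmp     renum
endnum:
        pop     ecx
        pop     ebx
        ret
getnum endp

;-----------------------------------------------------------------------
; showtimes - shows the times of one process in the edit controls
; IDC_EDIT1 (created), IDC_EDIT2 (exit), IDC_EDIT3 (kernel), IDC_EDIT4
; (user) and IDC_EDIT7 (uptime).
; In : eax = process id
; Out: buff = uptime text, or empty when the process cannot be opened
;-----------------------------------------------------------------------
showtimes proc
        LOCAL   t2:FILETIME
        LOCAL   t3:FILETIME
        LOCAL   t4:FILETIME
        LOCAL   tempt:FILETIME
        LOCAL   hand:HANDLE

        mov     [buff],byte ptr 0
        invoke  OpenProcess,PROCESS_QUERY_INFORMATION,FALSE,eax
        cmp     eax,NULL
        je      notopenproc
        mov     [hand],eax
        invoke  GetProcessTimes,[hand],addr t1,addr t2, addr t3,addr t4
        cmp     eax,TRUE
        jne     notproctime2
        invoke  FileTimeToLocalFileTime,addr t1,addr tempt
        invoke  FileTimeToSystemTime,addr tempt,addr systemtime
        call    dochange
        invoke  SendDlgItemMessage, mainhwnd, IDC_EDIT1,WM_SETTEXT, 0,ADDR buff
        invoke  FileTimeToSystemTime,addr t2,addr systemtime
        call    dochange
        invoke  SendDlgItemMessage, mainhwnd, IDC_EDIT2,WM_SETTEXT, 0,ADDR buff
        ;in 100 nanoseconds, 10-9 secs
        ; FIX: divide the 64-bit tick count in two steps. A single div
        ; with the high dword in edx raises a divide overflow as soon as
        ; that dword reaches 10000.
        mov     eax,t3.dwHighDateTime
        xor     edx,edx
        mov     ecx,10000
        div     ecx                     ; edx = high dword mod 10000
        mov     eax,t3.dwLowDateTime
        ;call convertnanos
        div     ecx                     ; eax = low 32 bits of ticks / 10000
        xor     edx,edx
        ;mov edx,1
        ;mov eax,0
        ;mov ecx,10
        ;div ecx
        ;push edx
        push    eax
        push    offset num2
        push    offset buff
        call    wsprintfA
        add     esp,12
        invoke  SendDlgItemMessage, mainhwnd, IDC_EDIT3,WM_SETTEXT, 0,ADDR buff
        mov     edx,t4.dwHighDateTime
        mov     eax,t4.dwLowDateTime
        call    convertnanos
        invoke  SendDlgItemMessage, mainhwnd, IDC_EDIT4,WM_SETTEXT, 0,ADDR buff
        ; FIX: GetSystemTime stores a 16-byte SYSTEMTIME; the 8-byte local
        ; tempt was used as its buffer, overwriting the adjacent local.
        invoke  GetSystemTime, addr systemtime
        invoke  SystemTimeToFileTime, addr systemtime, addr timenow
        call    uptime
        invoke  SendDlgItemMessage, mainhwnd, IDC_EDIT7,WM_SETTEXT, 0,ADDR buff
notproctime2:
        jmp     notworksize             ; the working-set display is disabled
        invoke  GetProcessWorkingSetSize,[hand],addr t1, addr t2
        cmp     eax,TRUE
        jne     notworksize
        mov     eax,dword ptr [t1]
        push    eax
        push    offset num2
        push    offset buff
        call    wsprintfA
        add     esp,12
        invoke  SendDlgItemMessage, mainhwnd, IDC_EDIT5,WM_SETTEXT, 0,ADDR buff
        mov     eax,dword ptr [t2]
        push    eax
        push    offset num2
        push    offset buff
        call    wsprintfA
        add     esp,12
        invoke  SendDlgItemMessage, mainhwnd, IDC_EDIT6,WM_SETTEXT, 0,ADDR buff
notworksize:
        invoke  CloseHandle,[hand]
notopenproc:
        ret
showtimes endp

;-----------------------------------------------------------------------
; convertnanos - formats a 64-bit count of 100 ns ticks into buff with
; mtime3.
; In : edx:eax = tick count
; NOTE(review): with the division by 60 commented out, the whole number
; of seconds is printed in the "min" field and 0 in the seconds field.
; Clobbers: eax, ecx, edx
;-----------------------------------------------------------------------
convertnanos proc
        ; FIX: two-step division, so a large high dword cannot raise a
        ; divide overflow (see showtimes).
        push    eax                     ; keep the low dword
        mov     eax,edx
        xor     edx,edx
        mov     ecx,10000
        div     ecx                     ; edx = high dword mod 10000
        pop     eax
        div     ecx                     ; eax = milliseconds (low 32 bits)
        xor     edx,edx
        mov     ecx,1000
        div     ecx                     ; eax = seconds, edx = milliseconds
        push    edx
        xor     edx,edx
        ;mov ecx,60
        ;div ecx
        push    edx
        push    eax
        push    offset mtime3
        ;push eax
        ;push offset num2
        push    offset buff
        call    wsprintfA
        add     esp,12+4+4
        ret
convertnanos endp

;-----------------------------------------------------------------------
; dochange - formats systemtime into buff as "hh:mm:ss day/month/year".
; wsprintfA writes the date after the "00:00:00" template, adjusttime
; then overwrites the template with the time.
; Clobbers: eax, ecx, edx, esi
;-----------------------------------------------------------------------
dochange proc
        xor     eax,eax
        mov     ax,systemtime.wYear
        push    eax
        mov     ax,systemtime.wMonth
        push    eax
        mov     ax,systemtime.wDay
        push    eax
        lea     eax,mtime
        push    eax
        lea     eax,buff
        push    eax
        call    wsprintfA
        add     esp,20
        lea     esi,buff
        call    adjusttime
        ret
dochange endp

END start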