This is the next thing that I need to convert to assembly.

; DWORD SeekToLastRecord(HANDLE hEventLog);

I found this in the code section that I think applies to it.

    // Seek to the last record in the event log and read it in order
    // to position the cursor for reading any new records when the
    // service notifies you that new records have been written to the
    // log file.
    status = SeekToLastRecord(hEventLog);
    if (ERROR_SUCCESS != status)
    {
        wprintf(L"SeekToLastRecord failed with %lu.\n", status);
        goto cleanup;
    }
Posted on 2011-01-30 12:34:00 by skywalker
eew.. gotos.. eew eww eewww

push hEventLog      ; handle of event log
call SeekToLastRecord

test eax, eax       ; return value is in eax; ERROR_SUCCESS is 0
je successful

; handle error...

jmp outofroutine


Posted on 2011-01-31 01:29:04 by evlncrn8
The source has 22 gotos.

I wonder how many are in Win 7? :D
Posted on 2011-01-31 06:57:17 by skywalker