- Код: Выделить всё
Private Type SECURITY_ATTRIBUTES
nLength As Long
lpSecurityDescriptor As Long
bInheritHandle As Long
End Type
Private Declare Function CreateEvent Lib "kernel32" Alias "CreateEventA" (lpEventAttributes As SECURITY_ATTRIBUTES, ByVal bManualReset As Long, ByVal bInitialState As Long, ByVal lpName As String) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function WaitForSingleObject Lib "kernel32" (ByVal hHandle As Long, ByVal dwMilliseconds As Long) As Long
Private Declare Function RegNotifyChangeKeyValue Lib "advapi32.dll" (ByVal hKey As Long, ByVal bWatchSubtree As Long, ByVal dwNotifyFilter As Long, ByVal hEvent As Long, ByVal fAsynchronus As Long) As Long
Private Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
Private Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
Private Const HKCU = &H80000001
Private Const REG_NOTIFY_CHANGE_NAME = &H1 ' Create or delete (child)
Private Const REG_NOTIFY_CHANGE_ATTRIBUTES = &H2
Private Const REG_NOTIFY_CHANGE_LAST_SET = &H4 ' time stamp
Private Const REG_NOTIFY_CHANGE_SECURITY = &H8
Private Const REG_NOTIFY_ALL = (REG_NOTIFY_CHANGE_NAME Or REG_NOTIFY_CHANGE_ATTRIBUTES Or REG_NOTIFY_CHANGE_LAST_SET Or REG_NOTIFY_CHANGE_SECURITY)
Dim hEvent As Long
Dim AbortWait As Boolean
Dim hReg As Long
Private Sub OpenHKCU()
RegOpenKey HKCU, vbNullString, hReg
End Sub
Private Sub CloseHKCU()
RegCloseKey hReg
End Sub
Private Sub SetRegHook()
RegNotifyChangeKeyValue hReg, CLng(-1), REG_NOTIFY_ALL, hEvent, CLng(-1)
End Sub
Private Sub CreateMyEvent()
Dim sa As SECURITY_ATTRIBUTES
sa.nLength = 0
hEvent = CreateEvent(sa, CLng(0), CLng(0), "my_event_123")
End Sub
Private Sub DestroyMyEvent()
CloseHandle hEvent
End Sub
Private Function WaitForMyEvent() As Boolean
Dim wl As Long
Do Until AbortWait Or (wl <> 0)
DoEvents
wl = WaitForSingleObject(hEvent, 200)
Loop
If AbortWait Then
WaitForMyEvent = False
Else
WaitForMyEvent = True
End If
AbortWait = False
End Function
Private Sub StartWatching()
Dim es As Boolean
OpenHKCU
CreateMyEvent
SetRegHook
es = WaitForMyEvent
If es Then
MsgBox "Что-то в реестре изменилось..."
Else
MsgBox "Слежка отменена..."
End If
DestroyMyEvent
CloseHKCU
End Sub
Private Sub Command1_Click()
StartWatching
End Sub
Этот код мониторит любые изменения в реестре и просто сообщает об этом. Как мне проверить определенный ключ (или значения)реестра на изменения. В сети не нашел исходников на VB.
[Хакер] :: Используй тег [code]!