Not sure I remember your post Bonky... maybe I did reply, not sure, but....Kluding or altering the internal workings of any system is almost always possible, but generally speaking, not something most Administrators want to do. This would then make the system a non-supported system by M$ (not that Win95 is supported anymore anyways). The point being though that yes, you can often modify the OS in obscure ways, but they can and often do bring there own issues and problems with them.
The question I would ask, is it really THAT important to know when a user logs off, to the point that your willing to possibly cause other issues or problems with the system or more maintenance issues. For your company it may be worth the risk, speaking for myself though I would not think so for our company.
There are literally thousands of hacks/fixes/patches that I may/may not use or try on my own local system, but surely would not try most of them on a Network of thousands of computers until I could verify that the change was more beneficial to me as an Administrator and to the user then leaving the system in its supported configuration by Microsoft.