OpenProcess我试了不行,如svchost.exe lsass.exe alg.exe…………都得不到名柄!!问一下有没有其它方法!可以访问这些系统进程?
解决方案 »
- 关于计算98%位置分数。急!
- 求:统计一些项目的组合的程序
- 怎么确定当前Windows的启动状态?
- 在程序运行是动态的添加控件数组(richtextbox),添加后为何单击其进行编辑时vb出现非法操作提示?
- vb如何将MDI窗体中菜单编辑器中某个菜单标题以灰色形式显示
- 请问在vb中如何将以字符串表示的16进制数据转化成相应的字节传?小弟有礼了!
- 如何用VB语言来实现CRC校验函数? 谢谢!!!
- 请问大家,怎么更改VB窗口左上角的VB图标?
- 菜鸟的巨面问题:怎样把image控件里载入的picture copy到另一个目录?
- vb ide开发环境界面如何初始化
- 绝对弱问!
- mshflexgrid和ADODC绑定后显示数值型字段时奇怪的小数问题
'Search Process Functions
Private Const MAX_PATH = 260
Private Type PROCESSENTRY32
dwSize As Long
cntUsage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
dwFlags As Long
szExeFile As String * MAX_PATH
End TypePrivate Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
Private Declare Function Process32First Lib "kernel32" (ByVal hSnapshot As Long, lppe As Any) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapshot As Long, lppe As Any) As LongPrivate Const TH32CS_SNAPHEAPLIST = &H1
Private Const TH32CS_SNAPPROCESS = &H2
Private Const TH32CS_SNAPTHREAD = &H4
Private Const TH32CS_SNAPMODULE = &H8
Private Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST + TH32CS_SNAPPROCESS + TH32CS_SNAPTHREAD + TH32CS_SNAPMODULE)
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Sub Command1_Click()
'查找进程和显示PID
Dim hSnapshot As Long, lRet As Long, P As PROCESSENTRY32 P.dwSize = Len(P)
hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPALL, ByVal 0)
If hSnapshot Then
lRet = Process32First(hSnapshot, P)
Do While lRet
If InStr(P.szExeFile, "services.exe") <> 0 Then
MsgBox P.th32ProcessID
End If
lRet = Process32Next(hSnapshot, P)
Loop
lRet = CloseHandle(hSnapshot)
End If
End Sub
模块:
Option Explicit
Public Declare Function Process32First Lib "kernel32" ( _
ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long
Public Declare Function Process32Next Lib "kernel32" ( _
ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long
Public Declare Function CloseHandle Lib "Kernel32.dll" _
(ByVal Handle As Long) As Long
Public Declare Function OpenProcess Lib "Kernel32.dll" _
(ByVal dwDesiredAccessas As Long, ByVal bInheritHandle As Long, _
ByVal dwProcId As Long) As Long
Public Declare Function EnumProcesses Lib "psapi.dll" _
(ByRef lpidProcess As Long, ByVal cb As Long, _
ByRef cbNeeded As Long) As Long
Public Declare Function GetModuleFileNameExA Lib "psapi.dll" _
(ByVal hProcess As Long, ByVal hModule As Long, _
ByVal ModuleName As String, ByVal nSize As Long) As Long
Public Declare Function EnumProcessModules Lib "psapi.dll" _
(ByVal hProcess As Long, ByRef lphModule As Long, _
ByVal cb As Long, ByRef cbNeeded As Long) As Long
Public Declare Function CreateToolhelp32Snapshot Lib "kernel32" ( _
ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
Public Declare Function GetVersionExA Lib "kernel32" _
(lpVersionInformation As OSVERSIONINFO) As Integer
Public Type PROCESSENTRY32
dwSize As Long
cntUsage As Long
th32ProcessID As Long ' This process
th32DefaultHeapID As Long
th32ModuleID As Long ' Associated exe
cntThreads As Long
th32ParentProcessID As Long ' This process's parent process
pcPriClassBase As Long ' Base priority of process threads
dwFlags As Long
szExeFile As String * 260 ' MAX_PATH
End Type
Public Type OSVERSIONINFO
dwOSVersionInfoSize As Long
dwMajorVersion As Long
dwMinorVersion As Long
dwBuildNumber As Long
dwPlatformId As Long '1 = Windows 95.
'2 = Windows NT
szCSDVersion As String * 128
End Type
Public Const PROCESS_QUERY_INFORMATION = 1024
Public Const PROCESS_VM_READ = 16
Public Const MAX_PATH = 260
Public Const STANDARD_RIGHTS_REQUIRED = &HF0000
Public Const SYNCHRONIZE = &H100000
'STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &HFFF
Public Const PROCESS_ALL_ACCESS = &H1F0FFF
Public Const TH32CS_SNAPPROCESS = &H2&
Public Const hNull = 0
Function StrZToStr(s As String) As String
StrZToStr = Left$(s, Len(s) - 1)
End Function
Public Function getVersion() As Long
Dim osinfo As OSVERSIONINFO
Dim retvalue As Integer
osinfo.dwOSVersionInfoSize = 148
osinfo.szCSDVersion = Space$(128)
retvalue = GetVersionExA(osinfo)
getVersion = osinfo.dwPlatformId
End Function
窗体,一个按钮,一个listbox:
Option Explicit
Private Sub Command1_Click()
List1.Clear
Select Case getVersion()
Case 1 'Windows 95/98
Dim f As Long, sname As String
Dim hSnap As Long, proc As PROCESSENTRY32
hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
If hSnap = hNull Then Exit Sub
proc.dwSize = Len(proc)
' Iterate through the processes
f = Process32First(hSnap, proc)
Do While f
sname = StrZToStr(proc.szExeFile)
List1.AddItem sname
f = Process32Next(hSnap, proc)
Loop
Case 2 'Windows NT
Dim cb As Long
Dim cbNeeded As Long
Dim NumElements As Long
Dim ProcessIDs() As Long
Dim cbNeeded2 As Long
Dim NumElements2 As Long
Dim Modules(1 To 200) As Long
Dim lRet As Long
Dim ModuleName As String
Dim nSize As Long
Dim hProcess As Long
Dim i As Long
'Get the array containing the process id's for each process object
cb = 8
cbNeeded = 96
Do While cb <= cbNeeded
cb = cb * 2
ReDim ProcessIDs(cb / 4) As Long
lRet = EnumProcesses(ProcessIDs(1), cb, cbNeeded)
Loop
NumElements = cbNeeded / 4
For i = 1 To NumElements
'Get a handle to the Process
hProcess = OpenProcess(PROCESS_QUERY_INFORMATION _
Or PROCESS_VM_READ, 0, ProcessIDs(i))
'Got a Process handle
If hProcess <> 0 Then
'Get an array of the module handles for the specified
'process
lRet = EnumProcessModules(hProcess, Modules(1), 200, _
cbNeeded2)
'If the Module Array is retrieved, Get the ModuleFileName
If lRet <> 0 Then
ModuleName = Space(MAX_PATH)
nSize = 500
lRet = GetModuleFileNameExA(hProcess, Modules(1), _
ModuleName, nSize)
List1.AddItem Left(ModuleName, lRet)
End If
End If
'Close the handle to the process
lRet = CloseHandle(hProcess)
Next
End Select
End Sub
Or PROCESS_VM_READ, 0, ProcessIDs(i))
'Got a Process handle
在XP下有好几个系统进程的hProcess都为0 ,这个函数没有用!得不到系统进程句柄!
If hProcess <> 0 Then…………
Option Explicit
'权限
Private Type LUID
UsedPart As Long
IgnoredForNowHigh32BitPart As Long
End Type
Private Type LUID_AND_ATTRIBUTES
TheLuid As LUID
Attributes As Long
End Type
Private Type TOKEN_PRIVILEGES
PrivilegeCount As Long
TheLuid As LUID
Attributes As Long
End Type
'GetCurrentProcess函数返回当前进程的一个句柄。
Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
'OpenProcessToken函数打开一个进程的访问代号。
Private Declare Function OpenProcessToken Lib "advapi32" _
(ByVal ProcessHandle As Long, _
ByVal DesiredAccess As Long, _
TokenHandle As Long) As Long
'LookupPrivilegeValue函数获得本地唯一的标示符(LUID),用于在特定的系统中
'表示特定的优先权。
Private Declare Function LookupPrivilegeValue Lib "advapi32" _
Alias "LookupPrivilegeValueA" _
(ByVal lpSystemName As String, _
ByVal lpName As String, _
lpLuid As LUID) As Long
'AdjustTokenPrivileges函数使能或者禁用指定访问记号的优先权。
'使能或者禁用优先权需要TOKEN_ADJUST_PRIVILEGES访问权限。
Private Declare Function AdjustTokenPrivileges Lib "advapi32" _
(ByVal TokenHandle As Long, _
ByVal DisableAllPrivileges As Long, _
NewState As TOKEN_PRIVILEGES, _
ByVal BufferLength As Long, _
PreviousState As TOKEN_PRIVILEGES, _
ReturnLength As Long) As Long
Private Declare Sub SetLastError Lib "kernel32" _
(ByVal dwErrCode As Long)
'关机权限
Public Const SE_SHUTDOWN_NAME = "SeShutdownPrivilege"
'超级权限
Public Const SE_DEBUG_NAME = "SeDebugPrivilege"Private Declare Function GetLastError Lib "kernel32" () As Long
Private oldtkp As TOKEN_PRIVILEGESPublic Function AdjustToken(ByVal Privilege As String) As Boolean
Const TOKEN_ADJUST_PRIVILEGES = &H20
Const TOKEN_QUERY = &H8
Const SE_PRIVILEGE_ENABLED = &H2
Dim hdlProcessHandle As Long
Dim hdlTokenHandle As Long
Dim tmpLuid As LUID
Dim tkp As TOKEN_PRIVILEGES
Dim tkpNewButIgnored As TOKEN_PRIVILEGES
Dim lBufferNeeded As Long
'使用SetLastError函数设置错误代码为0。
'这样做,GetLastError函数如果没有错误会返回0
SetLastError 0
AdjustToken = False
' GetCurrentProcess函数设置 hdlProcessHandle变量
hdlProcessHandle = GetCurrentProcess()
If GetLastError <> 0 Then
MsgBox "GetCurrentProcess error==" & GetLastError
Exit Function
End If
OpenProcessToken hdlProcessHandle, _
(TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY), hdlTokenHandle
If GetLastError <> 0 Then
MsgBox "OpenProcessToken error==" & GetLastError
Exit Function
End If
If Privilege <> "" Then
' 获得关机优先权的LUID
LookupPrivilegeValue "", Privilege, tmpLuid
End If
If GetLastError <> 0 Then
MsgBox "LookupPrivilegeValue error==" & GetLastError
Exit Function
End If
If Privilege <> "" Then
tkp.PrivilegeCount = 1 ' 设置一个优先权
tkp.TheLuid = tmpLuid
tkp.Attributes = SE_PRIVILEGE_ENABLED
Else
tkp = oldtkp
End If
' 对当前进程使能"权限"
AdjustTokenPrivileges hdlTokenHandle, _
False, _
tkp, _
Len(tkpNewButIgnored), _
tkpNewButIgnored, _
lBufferNeeded
If GetLastError <> 0 Then
MsgBox "AdjustTokenPrivileges error==" & GetLastError
Exit Function
End If
AdjustToken = True
oldtkp = tkpNewButIgnored
End Function
boywang(大力水手) 的代码,显示1300错误!
解决问题,都结账了!!
写到form1
用到了lblProcCount Text1
调试通过
Option Explicit
Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
Private Declare Function LookupPrivilegeValue Lib "advapi32" Alias "LookupPrivilegeValueA" (ByVal lpSystemName As String, ByVal lpName As String, lpLuid As LUID) As Long
Private Declare Function AdjustTokenPrivileges Lib "advapi32" (ByVal TokenHandle As Long, ByVal DisableAllPrivileges As Long, NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, PreviousState As TOKEN_PRIVILEGES, ReturnLength As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
Private Declare Function Process32First Lib "kernel32" (ByVal hSnapShot As Long, lppe As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapShot As Long, lppe As PROCESSENTRY32) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function OpenProcessToken Lib "advapi32" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long
Private Type LUID
UsedPart As Long
IgnoredForNowHigh32BitPart As Long
End TypePrivate Type LUID_AND_ATTRIBUTES
TheLuid As LUID
Attributes As Long
End TypePrivate Type TOKEN_PRIVILEGES
PrivilegeCount As Long
TheLuid As LUID
Attributes As Long
End Type
Private Type PROCESSENTRY32
dwSize As Long
cntUsage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
dwFlags As Long
szExePath As String * 260
End Type
Private Const TOKEN_QUERY = &H8
Private Const TOKEN_ADJUST_PRIVILEGES = &H20
Private Const SE_PRIVILEGE_ENABLED = &H2
Private m_atProcEntries() As PROCESSENTRY32
Private Const TH32CS_SNAPPROCESS = &H2
Private Const TH32CS_SNAPMODULE = &H8Private Sub Form_Load()
Call AquireDebugToken
If GetProcEntries(m_atProcEntries) Then
FillProcList m_atProcEntries()
End If
End Sub
Private Function FillProcList(atProcEntries() As PROCESSENTRY32) As Boolean
Dim i As Long
lblProcCount.Caption = "共有0个进程"
For i = LBound(atProcEntries) To UBound(atProcEntries)
Text1.Text = Text1.Text & vbCrLf
Text1.Text = Text1.Text & "进程句柄" & OpenProcess(&HF0000, False, atProcEntries(i).th32ProcessID) & vbCrLf
Text1.Text = Text1.Text & "进程名字:" & UCase$(atProcEntries(i).szExePath) & vbCrLf
Next i
lblProcCount.Caption = "共有" & UBound(atProcEntries) & "个进程"
End Function
Private Function AquireDebugToken() As Boolean
Dim hToken As Long
Dim tTP As TOKEN_PRIVILEGES
Dim tTPPrev As TOKEN_PRIVILEGES
Dim tLUID As LUID
If OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY, hToken) Then
If LookupPrivilegeValue("", "SeDebugPrivilege", tLUID) <> 0 Then
With tTP
.PrivilegeCount = 1
.TheLuid = tLUID
.Attributes = SE_PRIVILEGE_ENABLED
End With
If AdjustTokenPrivileges(hToken, 0, tTP, Len(tTP), tTPPrev, Len(tTPPrev)) <> 0 Then
AquireDebugToken = True
End If
End If
CloseHandle hToken
End If
End FunctionPrivate Function GetProcEntries(atProcEntries() As PROCESSENTRY32) As Boolean
On Error GoTo Error_Handler
Dim hSnapShot As Long
Dim i As Long
Erase atProcEntries
hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
If hSnapShot <> -1 Then
i = 0
ReDim atProcEntries(i)
atProcEntries(i).dwSize = LenB(atProcEntries(i))
If Process32First(hSnapShot, atProcEntries(i)) <> 0 Then
Do
i = i + 1
ReDim Preserve atProcEntries(i)
atProcEntries(i).dwSize = LenB(atProcEntries(i))
If Process32Next(hSnapShot, atProcEntries(i)) = 0 Then
ReDim Preserve atProcEntries(i - 1)
Exit Do
End If
Loop
End If
CloseHandle hSnapShot
GetProcEntries = True
End If
Exit Function
Error_Handler:
If hSnapShot <> -1 Then CloseHandle (hSnapShot)
End Function
'======================用于查找进程和终止进程的API函数常数定义=====================
Private Declare Function CreateToolhelpSnapshot Lib "kernel32" Alias "CreateToolhelp32Snapshot" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long
Private Declare Function ProcessFirst Lib "kernel32" Alias "Process32First" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function ProcessNext Lib "kernel32" Alias "Process32Next" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Const MAX_PATH As Integer = 260
Private Type PROCESSENTRY32
dwSize As Long
cntUsage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
dwFlags As Long
szExeFile As String * MAX_PATH
End Type
Const TH32CS_SNAPheaplist = &H1
Const TH32CS_SNAPPROCESS = &H2
Const TH32CS_SNAPthread = &H4
Const TH32CS_SNAPmodule = &H8
Const TH32CS_SNAPall = TH32CS_SNAPPROCESS + TH32CS_SNAPheaplist + TH32CS_SNAPthread + TH32CS_SNAPmodule
'======================在WIN2000下提升本进程权限的API函数常数定义=====================
Const STANDARD_RIGHTS_REQUIRED = &HF0000
Const TOKEN_ASSIGN_PRIMARY = &H1
Const TOKEN_DUPLICATE = (&H2)
Const TOKEN_IMPERSONATE = (&H4)
Const TOKEN_QUERY = (&H8)
Const TOKEN_QUERY_SOURCE = (&H10)
Const TOKEN_ADJUST_PRIVILEGES = (&H20)
Const TOKEN_ADJUST_GROUPS = (&H40)
Const TOKEN_ADJUST_DEFAULT = (&H80)
Const TOKEN_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED Or TOKEN_ASSIGN_PRIMARY Or _
TOKEN_DUPLICATE Or TOKEN_IMPERSONATE Or TOKEN_QUERY Or TOKEN_QUERY_SOURCE Or _
TOKEN_ADJUST_PRIVILEGES Or TOKEN_ADJUST_GROUPS Or TOKEN_ADJUST_DEFAULT)
Const SE_PRIVILEGE_ENABLED = &H2
Const ANYSIZE_ARRAY = 1
Private Type LUID
lowpart As Long
highpart As Long
End Type
Private Type LUID_AND_ATTRIBUTES
pLuid As LUID
Attributes As Long
End Type
Private Type TOKEN_PRIVILEGES
PrivilegeCount As Long
Privileges(ANYSIZE_ARRAY) As LUID_AND_ATTRIBUTES
End Type
Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
Private Declare Function LookupPrivilegeValue Lib "advapi32.dll" Alias "LookupPrivilegeValueA" (ByVal lpSystemName As String, ByVal lpName As String, lpLuid As LUID) As Long
Private Declare Function AdjustTokenPrivileges Lib "advapi32.dll" (ByVal TokenHandle As Long, ByVal DisableAllPrivileges As Long, NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, PreviousState As TOKEN_PRIVILEGES, ReturnLength As Long) As Long
Private Declare Function OpenProcessToken Lib "advapi32.dll" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long
'程序加载
Private Sub Form_Load()
AdjustTokenPrivileges2000
Me.Caption = "WINDOWS 进程管理器"
Command1.Caption = "刷新"
Command2.Caption = "终止进程"
Command3.Caption = "退出"
ListView1.ColumnHeaders.Clear
ListView1.ColumnHeaders.Add , "a", "进程ID", 800
ListView1.ColumnHeaders.Add , "b", "进程名", 4900
ListView1.View = lvwReport
Command1_Click '刷新进程列表
End Sub
'显示当前系统中全部进程
Private Sub Command1_Click()
Dim i As Long, lPid As Long
Dim Proc As PROCESSENTRY32
Dim hSnapShot As Long
ListView1.ListItems.Clear '清空ListView
hSnapShot = CreateToolhelpSnapshot(TH32CS_SNAPall, 0) '获得进程“快照”的句柄
Proc.dwSize = Len(Proc)
lPid = ProcessFirst(hSnapShot, Proc) '获取第一个进程的PROCESSENTRY32结构信息数据
i = 0
Do While lPid <> 0 '当返回值非零时继续获取下一个进程
ListView1.ListItems.Add , "a" & i, Proc.th32ProcessID & "(&H" & Hex(Proc.th32ProcessID) & ")" '将进程ID添加到ListView1第一列
ListView1.ListItems("a" & i).SubItems(1) = Proc.szExeFile '将进程名添加到ListView1第二列
i = i + 1
lPid = ProcessNext(hSnapShot, Proc) '循环获取下一个进程的PROCESSENTRY32结构信息数据
Loop
CloseHandle hSnapShot '关闭进程“快照”句柄
End Sub
'终止指定进程
Private Sub Command2_Click()
Dim lPHand As Long, TMBack As Long
If ListView1.SelectedItem.Text <> "" Then
If MsgBox("确实要结束进程[" & ListView1.SelectedItem.SubItems(1) & "]吗?", vbYesNo) = vbYes Then
lPHand = Val(ListView1.SelectedItem.Text)
lPHand = OpenProcess(1&, True, lPHand) '获取进程句柄
TMBack = TerminateProcess(lPHand, 0&) '关闭进程
If TMBack <> 0 Then
MsgBox ListView1.SelectedItem.SubItems(1) & "已经被终止!"
Else
MsgBox ListView1.SelectedItem.SubItems(1) & "不能被终止!"
End If
CloseHandle lPHand
Command1_Click '刷新进程列表
End If
End If
End Sub
'退出本程序
Private Sub Command3_Click()
Unload Me
End Sub
'这个函数用于在WIN2000系统中,本进程提升权限
Sub AdjustTokenPrivileges2000()
Dim hdlProcessHandle As Long
Dim hdlTokenHandle As Long
Dim tmpLuid As LUID
Dim tkp As TOKEN_PRIVILEGES
Dim tkpNewButIgnored As TOKEN_PRIVILEGES
Dim lBufferNeeded As Long
Dim lP As Long
hdlProcessHandle = GetCurrentProcess()
lP = OpenProcessToken(hdlProcessHandle, TOKEN_ALL_ACCESS, hdlTokenHandle)
lP = LookupPrivilegeValue("", "SeDebugPrivilege", tmpLuid)
tkp.PrivilegeCount = 1
tkp.Privileges(0).pLuid = tmpLuid
tkp.Privileges(0).Attributes = SE_PRIVILEGE_ENABLED
lP = AdjustTokenPrivileges(hdlTokenHandle, False, tkp, Len(tkpNewButIgnored), tkpNewButIgnored, lBufferNeeded)
End Sub