__asm
{POP EDI
POP ESI
POP EBX
MOV EDX, [NextIpAddr]
MOV EAX, [RetFpHdl]
MOV ESP, EBP
POP EBP
ADD ESP, 28H
PUSH EDX
RET
}
}
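/*
 * Enable one named privilege in the access token of the current process.
 *
 * szPrivilegesName: ANSI name of the privilege to enable (the caller in this
 *                   file passes SE_DEBUG_NAME).
 *
 * Returns TRUE only when the privilege is really enabled afterwards. Returns
 * FALSE when the name is NULL, the token cannot be opened, the name cannot be
 * resolved to a LUID, or the token does not hold the privilege.
 *
 * The privilege is only switched on here and never switched off again, so it
 * stays enabled in this token until the caller disables it or the process
 * exits. Callers should request the narrowest privilege they need.
 */
BOOL AdjustProcessPrivileges(LPCSTR szPrivilegesName)
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES tkp;
    BOOL bEnabled = FALSE;

    if (szPrivilegesName == NULL) {
        return FALSE;
    }

    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        return FALSE;
    }

    ZeroMemory(&tkp, sizeof(tkp));

    /* The parameter is an ANSI string, so call the ANSI entry point
     * explicitly instead of relying on the UNICODE-dependent macro. */
    if (LookupPrivilegeValueA(NULL, szPrivilegesName,
                              &tkp.Privileges[0].Luid)) {
        tkp.PrivilegeCount = 1;
        tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        /* AdjustTokenPrivileges reports success even when the token does not
         * hold the requested privilege; in that case the last error is
         * ERROR_NOT_ALL_ASSIGNED. Without this check the function would claim
         * the privilege is enabled when it is not. */
        if (AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL)
            && GetLastError() != ERROR_NOT_ALL_ASSIGNED) {
            bEnabled = TRUE;
        }
    }

    /* Single exit: the token handle is released on every path. */
    CloseHandle(hToken);
    return bEnabled;
}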
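/*
 * Print "<pid>\t<image path>\n" for the process identified by ProcessId.
 *
 * ProcessId: identifier of the process to look up.
 *
 * Nothing is printed when the process cannot be opened with query and
 * VM-read access, or when its module list or module file name cannot be
 * read; such processes are skipped silently.
 */
void printProcessNameByPid( DWORD ProcessId )
{
    char ProcessName[MAX_PATH] = "unknown";
    HMODULE hFirstModule = NULL;
    DWORD cbNeeded = 0;
    HANDLE hProcess;

    hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                           FALSE, ProcessId);
    if (hProcess == NULL) {
        return;
    }

    /* Room for one HMODULE only, so only the first module handle is fetched.
     * NOTE(review): the first module is normally the process executable;
     * confirm if another module is ever wanted here. */
    if (EnumProcessModules(hProcess, &hFirstModule, sizeof(hFirstModule),
                           &cbNeeded)
        /* The buffer is char, so use the ANSI entry point explicitly. */
        && GetModuleFileNameExA(hProcess, hFirstModule, ProcessName,
                                MAX_PATH)) {
        /* DWORD is unsigned long; cast and use %lu to match the argument. */
        printf("%lu\t%s\n", (unsigned long)ProcessId, ProcessName);
    }

    /* Close the handle on the failure paths too. The early returns used to
     * leak one process handle per process that could not be queried. */
    CloseHandle(hProcess);
}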
int main(void)
{
if(!AdjustProcessPrivileges(SE_DEBUG_NAME))
{
printf("AdjustProcessPrivileges Error!n");
return -1;
}
DWORD Pids[PROCESSNUM];
DWORD dwProcessNum = 0;
if(!EnumProcesses(Pids, sizeof(Pids), &dwProcessNum))
{
printf("EnumProcess Error!n");
return -1;
}
for( DWORD num = 0; num < (dwProces