unit  funit;

interface

function FindProcess(ExeName: string): Longword;            //查找進(jìn)程
function StrCopy(Dest: PChar; const Source: PChar): PChar;  //拷貝字符串
function GetDLLDirectory(FullPath: string): string;         //取DLL路徑

implementation

uses Windows;

type
  TProcessEntry32 = packed record
    dwSize: DWORD;
    cntUsage: DWORD;
    th32ProcessID: DWORD;       // this process
    th32DefaultHeapID: DWORD;
    th32ModuleID: DWORD;        // associated exe
    cntThreads: DWORD;
    th32ParentProcessID: DWORD; // this process's parent process
    pcPriClassBase: Longint;    // Base priority of process's threads
    dwFlags: DWORD;
    szExeFile: array[0..MAX_PATH - 1] of Char;// Path
  end;
   //---------API----------//
function CreateToolhelp32Snapshot(dwFlags, th32ProcessID: DWORD): THandle stdcall; external 'kernel32.dll';
function Process32First(hSnapshot: THandle; var lppe: TProcessEntry32): BOOL stdcall; external 'kernel32.dll';
function Process32Next(hSnapshot: THandle; var lppe: TProcessEntry32): BOOL stdcall; external 'kernel32.dll';
   //---------API----------//   

     //尋找指定進(jìn)程,返回其ID.
function FindProcess(ExeName: string): Longword;
       //(子函數(shù))尾串是否匹配,不分大小寫
  function AnsiEndsText(const ASubText, AText: string): Boolean;
  var
    P: PChar;
    L, L2: Integer;
  begin
    P := PChar(AText);
    L := Length(ASubText);
    L2 := Length(AText);
    Inc(P, L2 - L);
    if L > L2 then
      Result := False
    else
      Result := CompareString(LOCALE_USER_DEFAULT, NORM_IGNORECASE,P, L, PChar(ASubText), L) = 2;
  end;
var
  sphandle: DWORD;  Found: Bool;
  PStruct: TProcessEntry32;     
begin                                      	
  Result := 0;
  sphandle := CreateToolhelp32Snapshot($00000002, 0);
  PStruct.dwSize := Sizeof(PStruct);
  Found := Process32First(sphandle, PStruct);
  while Found do
  begin
    if AnsiEndsText(ExeName, PStruct.szExefile) then
    begin
       Result := PStruct.th32ProcessID;   Break;
    end;
    Found := Process32Next(sphandle, PStruct);
  end;
  CloseHandle(sphandle);
end;

     //PChar字符串復(fù)制
function StrCopy(Dest: PChar; const Source: PChar): PChar;
asm
        PUSH    EDI
        PUSH    ESI
        MOV     ESI,EAX
        MOV     EDI,EDX
        MOV     ECX,0FFFFFFFFH
        XOR     AL,AL
        REPNE   SCASB
        NOT     ECX
        MOV     EDI,ESI
        MOV     ESI,EDX
        MOV     EDX,ECX
        MOV     EAX,EDI
        SHR     ECX,2
        REP     MOVSD
        MOV     ECX,EDX
        AND     ECX,3
        REP     MOVSB
        POP     ESI
        POP     EDI
end;

     //取得DLL所在目錄
function GetDLLDirectory(FullPath: string): string;
var
  i: integer;
begin
  i := length(FullPath);
  while i>=1 do
  begin
    if (FullPath[i]='\') then  break;
    dec(i);
  end;
  Result := copy(FullPath,1,i-9)+'HookDLL\';
end;

end.