手动加载NT式驱动(非工具)修改注册表实现

手动加载NT式驱动(非工具)

 A、观察注册表

 B、手动运行驱动

 C、手动停止驱动

运行 regedit.exe

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

ImagePath 

\??\G:\驱动教程\018_读出SSDT表当前函数地址\mini_ddk\sys\i386\DDKHelloWorld.sys

"DisplayName"="DDKHelloWorld"

"Type"=dword:00000001 //1表示载入驱动

"Start"=dword:00000003 //3表示按需要启动，2表示自动启用驱动

"ErrorControl"=dword:00000001//1

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mydriver]

"ImagePath"="\\??\\D:\\yjxyjx.sys"

"DisplayName"="mydriver"

"Type"=dword:00000001

"Start"=dword:00000002

"ErrorControl"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mydriver\Enum]

"0"="Root\\LEGACY_MYDRIVER\\0000"

"Count"=dword:00000001

"NextInstance"=dword:00000001