在网上看到一个叫INSTDRV.EXE的工具,公司刚好也要做这方面的工作,没办法,
INSTDRV.EXE无源码,无奈只好自己写了一个,希望对兄弟姐妹有用。

  源码大家可以随便修改使用,如果能在使用时,能不去掉本人的信息,将
深深感谢!

  本程序只在XP专业版SP2上测试过,其它windows版本未测试,如果大家在其它
windows版本上不能用,或者有bug,敬请告知!
  邮箱:  davidfoxhu@sohu.com

代码:

////DlgLoaderDlg.cpp
//

/****************************************************************************************\
*
*  在网上看到一个叫INSTDRV.EXE的工具,公司刚好也要做这方面的工作,没办法,
*INSTDRV.EXE无源码,无奈只好自己写了一个,希望对兄弟姐妹有用。
*
*
*  源码大家可以随便修改使用,如果能在使用时,能不去掉本人的信息,将
*深深感谢!
*
*  本程序只在XP专业版SP2上测试过,其它windows版本未测试,如果大家在其它
*windows版本上不能用,或者有bug,敬请告知!
*  邮箱:  davidfoxhu@sohu.com
*
*  胡亚孟    2008-3-5日16:48 于乐港
*
\****************************************************************************************/

#include "stdafx.h"

#include <tchar.h>
#include <windows.h>
#include <winsvc.h>
#include <stdio.h>
#include <winioctl.h>

#include "DlgLoader.h"
#include "DlgLoaderDlg.h"


#ifdef _DEBUG
#define new DEBUG_NEW
#endif


#define        SECURITY_STRING_LEN              168
#define        LG_PAGE_SIZE                4096
#define        MAX_KEY_LENGTH                1024
#define        LG_SLEEP_TIME                4000


const BYTE g_szSecurity[SECURITY_STRING_LEN]=
{
  0x01,0x00,0x14,0x80,0x90,0x00,0x00,0x00,0x9c,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x30,0x00,0x00,0x00,0x02,
  0x00,0x1c,0x00,0x01,0x00,0x00,0x00,0x02,0x80,0x14,0x00,0xff,0x01,0x0f,0x00,0x01,0x01,0x00,0x00,0x00,0x00,
  0x00,0x01,0x00,0x00,0x00,0x00,0x02,0x00,0x60,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0xfd,0x01,0x02,
  0x00,0x01,0x01,0x00,0x00,0x00,0x00,0x00,0x05,0x12,0x00,0x00,0x00,0x00,0x00,0x18,0x00,0xff,0x01,0x0f,0x00,
  0x01,0x02,0x00,0x00,0x00,0x00,0x00,0x05,0x20,0x00,0x00,0x00,0x20,0x02,0x00,0x00,0x00,0x00,0x14,0x00,0x8d,
  0x01,0x02,0x00,0x01,0x01,0x00,0x00,0x00,0x00,0x00,0x05,0x0b,0x00,0x00,0x00,0x00,0x00,0x18,0x00,0xfd,0x01,
  0x02,0x00,0x01,0x02,0x00,0x00,0x00,0x00,0x00,0x05,0x20,0x00,0x00,0x00,0x23,0x02,0x00,0x00,0x01,0x01,0x00,
  0x00,0x00,0x00,0x00,0x05,0x12,0x00,0x00,0x00,0x01,0x01,0x00,0x00,0x00,0x00,0x00,0x05,0x12,0x00,0x00,0x00
};


/*******************************************************************************\
*
*  函数及实现
*
\*******************************************************************************/

void PrintLastError(int errorno)
{
#if defined(DEBUG) || defined(_DEBUG)
  LPVOID  lpMsgBuf;

  if(0==errorno)
  {
    errorno=GetLastError();
  }
  FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,NULL,errorno,0,(LPTSTR) &lpMsgBuf,0,NULL);
#ifdef _CONSOLE
  printf("%s\r\n",lpMsgBuf);
#else
  MessageBox(NULL,(LPCTSTR)lpMsgBuf,"错误",MB_OK|MB_TOPMOST);
#endif
  LocalFree(lpMsgBuf);

#endif
}

bool SplitFilePath(const char* szFullPath,char* szPath,char* szFileName,char* szFileExt)
{
  char*  p,*q,*r;
  size_t  len;

  if(NULL==szFullPath)
  {
    return false;
  }
  p=(char*)szFullPath;
  len=strlen(szFullPath);
  if(szPath)
  {
    szPath[0]=0;
  }
  if(szFileName)
  {
    szFileName[0]=0;
  }
  if(szFileExt)
  {
    szFileExt[0]=0;
  }
  q=p+len;
  while(q>p)
  {
    if( *q=='\\' || *q=='/')
    {
      break;
    }
    q--;
  }
  if(q<=p)
  {
    return false;
  }
  if(szPath)
  {
    memcpy(szPath,p,q-p+1);
    szPath[q-p+1]=0;
  }
  q++;
  p=q;
  r=NULL;
  while(*q)
  {
    if(*q=='.')
    {
      r=q;
    }
    q++;
  }
  if(NULL==r)
  {
    if(szFileName)
    {
      memcpy(szFileName,p,q-p+1);
    }
  }
  else
  {
    if(szFileName)
    {
      memcpy(szFileName,p,r-p);
      szFileName[r-p]=0;
    }
    if(szFileExt)
    {
      memcpy(szFileExt,r+1,q-r+1);
    }
  }

  return true;
}

int FindInMultiSz(LPTSTR szMultiSz,int nMultiSzLen,LPTSTR szMatch)
{
  size_t  i,j;
  size_t  len=strlen(szMatch);
  _TCHAR  FirstChar=*szMatch;
  bool  bFound;
  LPTSTR  pTry;

  if( NULL==szMultiSz || NULL==szMatch || nMultiSzLen<=0 )
  {
    return -1;
  }
  for(i=0;i<nMultiSzLen-len;i++)
  {
    if(*szMultiSz++==FirstChar)
    {
      bFound=true;
      pTry=szMultiSz;
      for(j=1;j<=len;j++)
      {
        if(*pTry++!=szMatch[j])
        {
          bFound=false;
          break;
        }
      }
      if(bFound)
      {
        return (int)i;
      }
    }
  }

  return -1;
}

int  InstallDriver(const char* cszDriverName,const char* cszDriverFullPath)
{
  char  szBuf[LG_PAGE_SIZE];
  HKEY  hKey;
  DWORD  dwData;

  if( NULL==cszDriverName || NULL==cszDriverFullPath )
  {
    return -1;
  }
  memset(szBuf,0,LG_PAGE_SIZE);
  strcpy(szBuf,"SYSTEM\\CurrentControlSet\\Services\\");
  strcat(szBuf,cszDriverName);
  if(RegCreateKeyEx(HKEY_LOCAL_MACHINE,szBuf,0,"",0,KEY_ALL_ACCESS,NULL,&hKey,(LPDWORD)&dwData)!=ERROR_SUCCESS)
  {
    return -1;
  }
  strcpy(szBuf,cszDriverName);
  if(RegSetValueEx(hKey,"DisplayName",0,REG_SZ,(CONST BYTE*)szBuf,(DWORD)strlen(szBuf))!=ERROR_SUCCESS)
  {
    return -1;
  }
  dwData=1;
  if(RegSetValueEx(hKey,"ErrorControl",0,REG_DWORD,(CONST BYTE*)&dwData,sizeof(DWORD))!=ERROR_SUCCESS)
  {
    return -1;
  }
  strcpy(szBuf,"\\??\\");
  strcat(szBuf,cszDriverFullPath);
  if(RegSetValueEx(hKey,"ImagePath",0,REG_SZ,(CONST BYTE*)szBuf,(DWORD)strlen(szBuf))!=ERROR_SUCCESS)
  {
    return -1;
  }
  dwData=3;
  if(RegSetValueEx(hKey,"Start",0,REG_DWORD,(CONST BYTE*)&dwData,sizeof(DWORD))!=ERROR_SUCCESS)
  {
    return -1;
  }
  dwData=1;
  if(RegSetValueEx(hKey,"Type",0,REG_DWORD,(CONST BYTE*)&dwData,sizeof(DWORD))!=ERROR_SUCCESS)
  {
    return -1;
  }
  RegFlushKey(hKey);
  RegCloseKey(hKey);
  strcpy(szBuf,"SYSTEM\\CurrentControlSet\\Services\\");
  strcat(szBuf,cszDriverName);
  strcat(szBuf,"\\Security");
  if(RegCreateKeyEx(HKEY_LOCAL_MACHINE,szBuf,0,"",0,KEY_ALL_ACCESS,NULL,&hKey,(LPDWORD)&dwData)!=ERROR_SUCCESS)
  {
    return -1;
  }
  dwData=SECURITY_STRING_LEN;
  if(RegSetValueEx(hKey,"Security",0,REG_BINARY,g_szSecurity,dwData)!=ERROR_SUCCESS)
  {
    return -1;
  }
  RegFlushKey(hKey);
  RegCloseKey(hKey);

  return 0;
}

int CreateDriver(const char* cszDriverName,const char* cszDriverFullPath)
{
  SC_HANDLE    schManager;
  SC_HANDLE    schService;
  SERVICE_STATUS  svcStatus;
  bool      bStopped=false;
  int        i;

  if( NULL==cszDriverName || NULL==cszDriverFullPath )
  {
    return -1;
  }
  schManager=OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS);
  if(NULL==schManager)
  {
    return -1;
  }
  schService=OpenService(schManager,cszDriverName,SERVICE_ALL_ACCESS);
  if(NULL!=schService)
  {
    if(ControlService(schService,SERVICE_CONTROL_INTERROGATE,&svcStatus))
    {
      if(svcStatus.dwCurrentState!=SERVICE_STOPPED)
      {
        if(0==ControlService(schService,SERVICE_CONTROL_STOP,&svcStatus))
        {
          CloseServiceHandle(schService);
          CloseServiceHandle(schManager);
          return -1;
        }
        for(i=0;i<10;i++)
        {
          if( ControlService(schService,SERVICE_CONTROL_INTERROGATE,&svcStatus)==0 || svcStatus.dwCurrentState==SERVICE_STOPPED )
          {
            bStopped=true;
            break;
          }
          Sleep(LG_SLEEP_TIME);
        }
        if(!bStopped)
        {
          CloseServiceHandle(schService);
          CloseServiceHandle(schManager);
          return -1;
        }
      }
    }
    CloseServiceHandle(schService);
    CloseServiceHandle(schManager);
    return 0;
  }
  schService=CreateService(schManager,cszDriverName,cszDriverName,SERVICE_ALL_ACCESS,SERVICE_KERNEL_DRIVER,SERVICE_SYSTEM_START,SERVICE_ERROR_NORMAL,cszDriverFullPath,NULL,NULL,NULL,NULL,NULL);
  if(NULL==schService)
  {
    CloseServiceHandle(schManager);
    return -1;
  }
  CloseServiceHandle(schService);
  CloseServiceHandle(schManager);

  return 0;
}

int StartDriver(const char* cszDriverName,const char* cszDriverFullPath)
{
  SC_HANDLE    schManager;
  SC_HANDLE    schService;
  SERVICE_STATUS  svcStatus;
  bool      bStarted=false;
  int        i;

  if(NULL==cszDriverName)
  {
    return -1;
  }
  if(CreateDriver(cszDriverName,cszDriverFullPath)<0)
  {
    return -1;
  }
  schManager=OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS);
  if(NULL==schManager)
  {
    return -1;
  }
  schService=OpenService(schManager,cszDriverName,SERVICE_ALL_ACCESS);
  if(NULL==schService)
  {
    CloseServiceHandle(schManager);
    return -1;
  }
  if(ControlService(schService,SERVICE_CONTROL_INTERROGATE,&svcStatus))
  {
    if(svcStatus.dwCurrentState==SERVICE_RUNNING)
    {
      CloseServiceHandle(schService);
      CloseServiceHandle(schManager);
      return 0;
    }
  }
  else if(GetLastError()!=ERROR_SERVICE_NOT_ACTIVE)
  {
    CloseServiceHandle(schService);
    CloseServiceHandle(schManager);
    return -1;
  }
  if(0==StartService(schService,0,NULL))
  {
    CloseServiceHandle(schService);
    CloseServiceHandle(schManager);
    PrintLastError(0);
    return -1;
  }
  for(i=0;i<10;i++)
  {
    if( ControlService(schService,SERVICE_CONTROL_INTERROGATE,&svcStatus) && svcStatus.dwCurrentState==SERVICE_RUNNING )
    {
      bStarted=true;
      break;
    }
    Sleep(LG_SLEEP_TIME);
  }
  CloseServiceHandle(schService);
  CloseServiceHandle(schManager);

  return bStarted?0:-1;
}

int StopDriver(const char* cszDriverName,const char* cszDriverFullPath)
{
  SC_HANDLE    schManager;
  SC_HANDLE    schService;
  SERVICE_STATUS  svcStatus;
  bool      bStopped=false;
  int        i;

  schManager=OpenSCManager(NULL,0,0);
  if(NULL==schManager)
  {
    return -1;
  }
  schService=OpenService(schManager,cszDriverName,SERVICE_ALL_ACCESS);
  if(NULL==schService)
  {
    CloseServiceHandle(schManager);
    return -1;
  }
  if(ControlService(schService,SERVICE_CONTROL_INTERROGATE,&svcStatus))
  {
    if(svcStatus.dwCurrentState!=SERVICE_STOPPED)
    {
      if(0==ControlService(schService,SERVICE_CONTROL_STOP,&svcStatus))
      {
        CloseServiceHandle(schService);
        CloseServiceHandle(schManager);
        return -1;
      }
      for(i=0;i<10;i++)
      {
        if( ControlService(schService,SERVICE_CONTROL_INTERROGATE,&svcStatus)==0 || svcStatus.dwCurrentState==SERVICE_STOPPED )
        {
          bStopped=true;
          break;
        }
        Sleep(LG_SLEEP_TIME);
      }
      if(!bStopped)
      {
        CloseServiceHandle(schService);
        CloseServiceHandle(schManager);
        return -1;
      }
    }
  }
  CloseServiceHandle(schService);
  CloseServiceHandle(schManager);

  return 0;
}

int DeleteDriver(const char* cszDriverName,const char* cszDriverFullPath)
{
  SC_HANDLE    schManager;
  SC_HANDLE    schService;
  SERVICE_STATUS  svcStatus;

  schManager=OpenSCManager(NULL,0,0);
  if(NULL==schManager)
  {
    return -1;
  }
  schService=OpenService(schManager,cszDriverName,SERVICE_ALL_ACCESS);
  if(NULL==schService)
  {
    CloseServiceHandle(schManager);
    return -1;
  }
  ControlService(schService,SERVICE_CONTROL_STOP,&svcStatus);
  if(0==DeleteService(schService))
  {
    CloseServiceHandle(schService);
    CloseServiceHandle(schManager);
    return -1;
  }
  CloseServiceHandle(schService);
  CloseServiceHandle(schManager);

  return 0;
}

LONG RegDeleteKeyNT(HKEY hStartKey,LPTSTR pKeyName)
{
  DWORD  dwSubKeyLength;
  LPTSTR  pSubKey=NULL;
  TCHAR  szSubKey[MAX_KEY_LENGTH];
  HKEY  hKey;
  LONG  lRet;

  if( pKeyName && lstrlen(pKeyName) )
  {
    if((lRet=RegOpenKeyEx(hStartKey,pKeyName,0,KEY_ENUMERATE_SUB_KEYS|DELETE,&hKey))==ERROR_SUCCESS)
    {
      while(lRet==ERROR_SUCCESS)
      {
        dwSubKeyLength=MAX_KEY_LENGTH;
        lRet=RegEnumKeyEx(hKey,0,szSubKey,(LPDWORD)&dwSubKeyLength,NULL,NULL,NULL,NULL);
        if(lRet==ERROR_NO_MORE_ITEMS)
        {
          lRet=RegDeleteKey(hStartKey,pKeyName);
          break;
        }
        else if(lRet==ERROR_SUCCESS)
        {
          lRet=RegDeleteKeyNT(hKey,szSubKey);
        }
      }
      RegCloseKey(hKey);
    }
  }
  else
  {
    lRet=ERROR_BADKEY;
  }

  return lRet;
}

int RemoveDriver(const char* cszDriverName,const char* cszDriverFullPath)
{
  HKEY hKey;
  long errorno;
  char szBuf[LG_PAGE_SIZE];
  char szDriverName[MAX_PATH];

  memset(szBuf,0,LG_PAGE_SIZE);
  memset(szDriverName,0,MAX_PATH);
  strcpy(szDriverName,cszDriverName);
  strcpy(szBuf,"SYSTEM\\CurrentControlSet\\Services\\");
  if(RegOpenKeyEx(HKEY_LOCAL_MACHINE,szBuf,0,KEY_ALL_ACCESS,&hKey)!=ERROR_SUCCESS)
  {
    return -1;
  }
  if((errorno=RegDeleteKeyNT(hKey,szDriverName))!=ERROR_SUCCESS)
  {
    return -1;
  }
  RegCloseKey(hKey);

  return 0;
}

/*******************************************************************************\
*
*  CDlgLoaderDlg 对话框
*
\*******************************************************************************/
CDlgLoaderDlg::CDlgLoaderDlg(CWnd* pParent /*=NULL*/)
  : CDialog(CDlgLoaderDlg::IDD, pParent)
{
  m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
}

void CDlgLoaderDlg::DoDataExchange(CDataExchange* pDX)
{
  CDialog::DoDataExchange(pDX);
  DDX_Control(pDX, IDC_EDIT_FULLPATH, m_editFullPath);
  DDX_Control(pDX, IDC_STATIC_STATUS, m_staticStatus);
}

BEGIN_MESSAGE_MAP(CDlgLoaderDlg, CDialog)
  ON_WM_PAINT()
  ON_WM_QUERYDRAGICON()
  //}}AFX_MSG_MAP
  ON_BN_CLICKED(ID_SETUP, OnBnClickedSetup)
  ON_BN_CLICKED(ID_START, OnBnClickedStart)
  ON_BN_CLICKED(ID_STOP, OnBnClickedStop)
  ON_BN_CLICKED(ID_REMOVE, OnBnClickedRemove)
  ON_BN_CLICKED(IDC_BUTTON_BROWSER, OnBnClickedButtonBrowser)
END_MESSAGE_MAP()


// CDlgLoaderDlg 消息处理程序
BOOL CDlgLoaderDlg::OnInitDialog()
{
  int cx;
  int cy;

  CDialog::OnInitDialog();
  SetIcon(m_hIcon, TRUE);
  SetIcon(m_hIcon, FALSE);
  ShowWindow(SW_SHOWNORMAL);
  cx=GetSystemMetrics(SM_CXFULLSCREEN);
  cy=GetSystemMetrics(SM_CYFULLSCREEN);
  SetWindowPos(&CWnd::wndNoTopMost,cx/2-160,cy/2-100,0,0,SWP_NOSIZE|SWP_SHOWWINDOW);

  return TRUE;
}

void CDlgLoaderDlg::OnPaint() 
{
  if(IsIconic())
  {
    CPaintDC dc(this);

    SendMessage(WM_ICONERASEBKGND, reinterpret_cast<WPARAM>(dc.GetSafeHdc()), 0);

    int cxIcon = GetSystemMetrics(SM_CXICON);
    int cyIcon = GetSystemMetrics(SM_CYICON);
    CRect rect;
    GetClientRect(&rect);
    int x = (rect.Width() - cxIcon + 1) / 2;
    int y = (rect.Height() - cyIcon + 1) / 2;

    dc.DrawIcon(x,y,m_hIcon);
  }
  else
  {
    CDialog::OnPaint();
  }
}

HCURSOR CDlgLoaderDlg::OnQueryDragIcon()
{
  return static_cast<HCURSOR>(m_hIcon);
}

void CDlgLoaderDlg::OnBnClickedSetup()
{
  m_editFullPath.GetWindowText(m_szDriverFullPath,MAX_PATH);
  if(strlen(m_szDriverFullPath)<=0)
  {
    AfxMessageBox("请输入文件全路径!");
    return;
  }
  SplitFilePath(m_szDriverFullPath,m_szDriverPath,m_szDriverName,m_szDriverExt);
  if(0>InstallDriver(m_szDriverName,m_szDriverFullPath))
  {
    m_staticStatus.SetWindowText("安装驱动失败!");
    PrintLastError(0);
    return;
  }
  m_staticStatus.SetWindowText("成功安装驱动!");
}

void CDlgLoaderDlg::OnBnClickedStart()
{
  m_editFullPath.GetWindowText(m_szDriverFullPath,MAX_PATH);
  if(strlen(m_szDriverFullPath)<=0)
  {
    AfxMessageBox("请输入文件全路径!");
    return;
  }
  SplitFilePath(m_szDriverFullPath,m_szDriverPath,m_szDriverName,m_szDriverExt);
  if(0>StartDriver(m_szDriverName,m_szDriverFullPath))
  {
    m_staticStatus.SetWindowText("启动驱动服务失败!");
    PrintLastError(0);
    return;
  }
  m_staticStatus.SetWindowText("成功启动驱动服务!");
}

void CDlgLoaderDlg::OnBnClickedStop()
{
  m_editFullPath.GetWindowText(m_szDriverFullPath,MAX_PATH);
  if(strlen(m_szDriverFullPath)<=0)
  {
    AfxMessageBox("请输入文件全路径!");
    return;
  }
  SplitFilePath(m_szDriverFullPath,m_szDriverPath,m_szDriverName,m_szDriverExt);
  if(0>StopDriver(m_szDriverName,m_szDriverFullPath))
  {
    m_staticStatus.SetWindowText("无法停止驱动服务!");
    PrintLastError(0);
    return;
  }
  m_staticStatus.SetWindowText("成功停止驱动服务!");
}

void CDlgLoaderDlg::OnBnClickedRemove()
{
  m_editFullPath.GetWindowText(m_szDriverFullPath,MAX_PATH);
  if(strlen(m_szDriverFullPath)<=0)
  {
    AfxMessageBox("请输入文件全路径!");
    return;
  }
  SplitFilePath(m_szDriverFullPath,m_szDriverPath,m_szDriverName,m_szDriverExt);
  StopDriver(m_szDriverName,m_szDriverFullPath);
  if(0>RemoveDriver(m_szDriverName,m_szDriverFullPath))
  {
    m_staticStatus.SetWindowText("卸载驱动失败!");
    PrintLastError(0);
    return;
  }
  m_staticStatus.SetWindowText("成功卸载驱动!");
}

void CDlgLoaderDlg::OnBnClickedButtonBrowser()
{
  OPENFILENAME  ofn;
  char      szFileName[MAX_PATH];
  char      lpstrFilter[]="SYS文件 (*.sys)\0*.sys\0所有文件 (*.*)\0*.*\0\0";

  ZeroMemory(szFileName,MAX_PATH);
  ZeroMemory(&ofn, sizeof(OPENFILENAME));
  ofn.lStructSize    = sizeof(OPENFILENAME);
  ofn.hwndOwner    = m_hWnd;
  ofn.lpstrFile    = (LPSTR)szFileName;
  ofn.nMaxFile    = sizeof(szFileName);
  ofn.lpstrFilter    =(LPCSTR)lpstrFilter;
  ofn.nFilterIndex  = 0;
  ofn.lpstrFileTitle  = NULL;
  ofn.nMaxFileTitle  = 0;
  ofn.lpstrInitialDir = NULL;
  ofn.Flags      = OFN_PATHMUSTEXIST|OFN_FILEMUSTEXIST;
  if(GetOpenFileName(&ofn)==FALSE)
  {
    return;
  }
  m_editFullPath.SetWindowText(szFileName);
  m_staticStatus.SetWindowText("打开文件操作成功!");
  ZeroMemory(m_szDriverName,MAX_PATH);
  ZeroMemory(m_szDriverFullPath,MAX_PATH);
  strcpy(m_szDriverFullPath,szFileName);
  SplitFilePath(m_szDriverFullPath,m_szDriverPath,m_szDriverName,m_szDriverExt);
}
上传的附件 DlgLoader.rar