A、观察注册表
B、手动运行驱动
C、手动停止驱动
运行 regedit.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
ImagePath
\??\G:\驱动教程\018_读出SSDT表当前函数地址\mini_ddk\sys\i386\DDKHelloWorld.sys
"DisplayName"="DDKHelloWorld"
"Type"=dword:00000001 //1表示载入驱动
"Start"=dword:00000003 //3表示按需要启动,2表示自动启用驱动
"ErrorControl"=dword:00000001//1
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mydriver]
"ImagePath"="\\??\\D:\\yjxyjx.sys"
"DisplayName"="mydriver"
"Type"=dword:00000001
"Start"=dword:00000002
"ErrorControl"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mydriver\Enum]
"0"="Root\\LEGACY_MYDRIVER\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001