InstallHinfSection API 在驱动程序卸载期间不会删除与驱动程序相关的注册表项

问题描述 投票:0回答:1

我正在尝试使用InstallHinfSection API在Win10上安装/卸载内核驱动程序。我使用它安装驱动程序时没有遇到任何问题。它成功地将驱动程序复制到 DriverStore 并创建必要的 RegKey 和服务。但是,在卸载过程中它无法按预期工作。尽管驱动程序已从 DriverStore 中删除,但 RegKeys 和 Service 并未从注册表中删除。卸载后,“sc query mydriver”显示驱动程序处于 STOPPED 状态,这是不正确的。

我在调用 InstallHinfSection 或 INF 文件中是否遗漏了某些内容?

注册表中保留以下驱动程序痕迹:

计算机\HKEY_LOCAL机器\系统\ControlSet001\服务\我的驱动程序
计算机\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\我的驱动程序

安装命令:

RUNDLL32.EXE SETUPAPI.DLL,InstallHinfSection DefaultInstall 132 C:\mydriver.inf

卸载命令:

RUNDLL32.EXE SETUPAPI.DLL,InstallHinfSection DefaultUninstall 128 C:\mydriver.inf

下面是我正在使用的INF文件:

[Version]
Signature   = "$Windows NT$"
Class       = MYDRIVER
ClassGuid   = {00F8631E-F7E7-477e-B0AE-748C1915CEDE}
Provider    = %Manufacturer%
DriverVer   = 08/10/2023,15.8.00400.00004
CatalogFile = mydriver.cat
DriverPackageType = KernelService

[DestinationDirs]
DefaultDestDir          = 12
Section.DriverFiles       = 12                            ;%windir%\\system32\\drivers

;;
;; Default install sections
;;
;x64 install
[DefaultInstall.NTAMD64]
OptionDesc          = %ServiceDescription%
CopyFiles           = Section.DriverFiles

[DefaultInstall.NTAMD64.Services]
AddService          = %ServiceName%,,Section.Service,Section.Eventlog

;;
;; Default uninstall sections
;;

;x64 uninstall

[DefaultUninstall.NTAMD64]
DelFiles   = Section.DriverFiles
LegacyUninstall=1

[DefaultUninstall.NTAMD64.Services]
DelService = %ServiceName%,0x200      ;Ensure service is stopped before deleting

[SourceDisksFiles]
mydriver.sys = 1

[SourceDisksNames]
1 = %Disk1%

;
; Services Section
;
[Section.Service]
DisplayName      = %ServiceName%
Description      = %ServiceDescription%
ServiceBinary    = %12%\\%ServiceName%.sys      ;%windir%\\system32\\drivers\\
ServiceType      = 1                    ;SERVICE_FILE_SYSTEM_DRIVER
StartType        = 3                    ;SERVICE_DEMAND_START
ErrorControl     = 1                    ;SERVICE_ERROR_NORMAL
AddReg           = Section.AddRegistry;,Section.Eventlog.AddRegistry

;
; Registry Modifications
;
[Section.AddRegistry]
HKR,%RegInstancesSubkeyName%,%RegDefaultInstanceValueName%,0x00000000,%DefaultInstance.Name%
HKR,%RegInstancesSubkeyName%"\\"%DefaultInstance.Name%,%RegFlagsValueName%,0x00010001,%DefaultInstance.Flags%

[Section.Eventlog]
AddReg = Section.Eventlog.AddRegistry

[Section.Eventlog.AddRegistry]
;HKR,,EventMessageFile,0x00020000,"%%SystemRoot%%\\Sytem32\\IoLogMsg.dll;%%SystemRoot%%\\System32\\drivers\\mydriver.sys"
;HKR,,TypesSupported,0x00010001,7

;
; Copy Files
;
[Section.DriverFiles]
mydriver.sys

;;
;; String Section
;;
[Strings]
Manufacturer            = "Xyz"
ServiceName             = "mydriver"
ServiceDescription      = "Real Time Application Monitor"
RegInstancesSubkeyName  = "Instances"
RegDefaultInstanceValueName  = "DefaultInstance"
RegFlagsValueName       = "Flags"
Disk1           = "MYDRIVER Source Media"

;Instances specific information.

DefaultInstance.Name            = "Default"
DefaultInstance.Flags           = 0x0          ; Suppress automatic attachments
windows winapi driver uninstallation
1个回答
0
投票

您还需要将“LegacyUninstall=1”添加到[DefaultUninstall.NTAMD64.Services]中。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.