概述
在安装驱动的过程中弹出如下的提示
使用Spy++发现是Odbcconf.exe
用ProcExp 发现
原来是安装包在调用
RunDll32 setupapi,InstallHinfSection DefaultInstall 132 C:ProgramFilesEstSandBoxEstBoxDrv.inf
时候调用了runonce.exe 然后runonce 调用了odbcconf.exe
baidu 一下发现
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOnceSetup
Configuring DataAccess Components
指向了C:WINDOWSsystem32odbcconf.exe/E /F "C:WINDOWSsystem32odbcconf.tmp
为什么setupapi 的 InstallHinfSection 会执行runonce 呢
使用windbg 运行 RunDll32 setupapi,InstallHinfSection DefaultInstall 132 C:ProgramFilesEstSandBoxEstBoxDrv.inf
在 CreateProcessA 和 CreateProcessW下断点
发现断在了
反汇编如下:
LSTATUS __userpurgepSetupInstallStopEx<eax>(char a1<dil>, int a2, char a3, int a4)
{
LSTATUS result; // eax@2
LSTATUS v5; // eax@11
int v6; // esi@18
DWORD v7; // eax@25
DWORD v8; // edi@32
const BYTE *v9; // [sp-10h] [bp-2A8h]@9
char v10; // [sp-8h] [bp-2A0h]@4
struct _STARTUPINFOW StartupInfo; // [sp+4h][bp-294h]@18
MSG Msg; // [sp+48h] [bp-250h]@30
struct _PROCESS_INFORMATIONProcessInformation; // [sp+64h] [bp-234h]@18
HKEY phkResult; // [sp+74h] [bp-224h]@5
int v15; // [sp+78h] [bp-220h]@1
DWORD dwMilliseconds; // [sp+7Ch][bp-21Ch]@23
LSTATUS v17; // [sp+80h] [bp-218h]@1
DWORD cValues; // [sp+84h] [bp-214h]@1
HKEY hKey; // [sp+88h] [bp-210h]@3
WCHAR CommandLine; // [sp+8Ch] [bp-20Ch]@18
v15 = a4;
v17 = 0;
cValues = 0;
if ( GlobalSetupFlags & 4 )
{
result = 0;
}
else
{
result = RegOpenKeyExW(HKEY_LOCAL_MACHINE,&pszPathRunOnce, 0, 0x2000000u, &hKey);
if ( !result )
{
v10 = a1;
if ( !(a3 & 2) )
{
if ( RegOpenKeyExW(hKey,(LPCWSTR)((char *)&loc_760689CD + 1), 0, 0x20019u, &phkResult) )
{
v17 = 0;
}
else
{
RegCloseKey(phkResult);
v17 = RegSetValueExW(hKey,L"Wrapper", 0, 1u, &pszRunOnceExe, 0x10u);
}
v9 = (const BYTE *)(a3 & 1 ?L"grpconv -u" : L"grpconv -o");
v5 = RegSetValueExW(hKey,L"GrpConv", 0, 1u, v9, 0x16u);
if ( v5 )
v17 = v5;
}
if ( !a2 || GlobalSetupFlags & 1 )
{
RegCloseKey(hKey);
}
else
{
if ( RegQueryInfoKeyW(hKey, 0, 0, 0, 0,0, 0, &cValues, 0, 0, 0, 0) )
cValues = 5;
else
cValues += 5;
RegCloseKey(hKey);
memset(&StartupInfo, 0,sizeof(StartupInfo));
ProcessInformation.hProcess = 0;
ProcessInformation.hThread = 0;
ProcessInformation.dwProcessId = 0;
ProcessInformation.dwThreadId = 0;
StartupInfo.cb = 68;
StartupInfo.dwFlags = 1;
StartupInfo.wShowWindow = 1;
lstrcpyW(&CommandLine,L"runonce -r");
v6 = v15;
if ( v15 )
pSetupWriteLogEntry(v15, 48, 0xEED2u,0, cValues);
if ( CreateProcessW(0,&CommandLine, 0, 0, 0, 0, 0, 0, &StartupInfo, &ProcessInformation))
{
if ( cValues > 0x14 || cValues<= 0 )
dwMilliseconds = 2400000;
else
dwMilliseconds = 120000 * cValues;
do
{
while ( 1 )
{
v7 =MsgWaitForMultipleObjectsEx(1u, &ProcessInformation.hProcess,dwMilliseconds, 0x4FFu, 6u);
if ( v7 != 1 )
break;
while ( PeekMessageW(&Msg, 0,0, 0, 1u) )
{
TranslateMessage(&Msg);
DispatchMessageW(&Msg);
}
}
}
while ( v7 == 192 );
if ( v7 == 258 )
pSetupWriteLogEntry(v15, 16,0xEED1u, 0, a1);
CloseHandle(ProcessInformation.hThread);
CloseHandle(ProcessInformation.hProcess);
}
else
{
v8 = GetLastError();
pSetupWriteLogEntry(v6, 536870928,0xEF36u, 0, v10);
pSetupWriteLogError(v6, 16, v8);
}
}
result = v17;
}
}
return result;
}
在
GlobalSetupFlags& 4 不成立的时候就执行它,那么如何让 GlobalSetupFlags = 4 呢?
查找 GlobalSetupFlags 引用 在函数
pSetupModifyGlobalFlags
中有其改动
int __stdcall pSetupModifyGlobalFlags(int a1, int a2)
{
int v2; // ebx@1
int result; // eax@4
v2 = ~GlobalSetupFlagsOverride & a1;
if ( v2 & 0x10 && !(a2 & 0x10) && GlobalSetupFlags & 0x10 )
*(_DWORD *)&Seed = GetSeed();
result = a2 & v2 | GlobalSetupFlags & ~v2;
GlobalSetupFlags = a2 & v2 | GlobalSetupFlags & ~v2;
return result;
}
而事实上
VOID pSetupSetGlobalFlags( _In_ DWORD Value );
Parameters
-
Value [in]
-
The flags used to disable user interface or automatic backup.
Value Meaning -
PSPGF_NONINTERACTIVE
0x004
Set to disable user interface.
-
PSPGF_NO_BACKUP
0x002
Set to disable automatic backup.
System::Call 'setupapi::InstallHinfSection(0,0,t "DefaultUninstall 132 $INSTDIREstBoxDrv.inf",0)'
最后
以上就是霸气小熊猫为你收集整理的在安装驱动过程中发生的问题的全部内容,希望文章能够帮你解决在安装驱动过程中发生的问题所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
发表评论 取消回复