Drivers and Services
Installing and executing a driver is quite a bit different than running a normal program from the command line. There is no concept of running a new process because a driver is a kernel module which lives permanently inside the system. Two steps are required to get a driver installed:
This is usually the area that confuses people who are not used to working with drivers. A driver is treated by Windows as a regular service which can be started and stopped just like any other service. The Windows component that controls all this is called the Service Control Manager (SCM) which you have learned in the other topic (Windows Service). This component exposes an API which can be used to register, unregister, and start & stop drivers and regular Win32 services. Actually, registering a driver and starting it can be a little confusing if you've not done it before. However for beginners, there are several tools that can be used to automate these processes. For example:
osrloader - osrloadervxx
Windows RootKit - InstDrv, an advanced loader
This handy tool allows you to register, start, stop and unregister drivers, all from a single GUI. The following Figure shows InstDrv tool
In this tutorial we will use osrloader version 3.0. Launch the executable.
Click the Browse button and set the path to the hello.sys file.