Как посмотреть содержимое реестра из-под отладчика.

  • Article

???? ???? ????????????. ?? ? ??? ?????? ?? ???????, ??????? ???? ??????.

??????? !dreg ? WinDbg ????????? ????????????? ?????????? ??????? ????? ? ???????? ???????. ??? ???????? ?????? ? ???? ???????:

  1. ??? ????????? ???????, ????? ?????? ????????? – ??? ???????????? ??? ??????? ? ????????? ??????. ????? ??????????? ?????? ? ?????, ????????, ???? ????????? ?????? ????????? ? ?????? ???? ??? ??????;
  2. ? ??????, ????? ???????? ????????????????? ?????? ?????????????? ??????? ??????????. ??? ????, ? ?????-??, ??????? ????????? ???????, ?????? ? ???? ?????? ?? ???????????? ?????? ??????????? ????? ??? ????? ???????? ?????? ????? ??????.

? ????????? !dreg ?? ???????? ? ??????? ?????????, ?????? ????????, ?? ?????????? ?????? ??? ?????? ??? ??????? kd.exe, ? ?? ???????, ??? ?? ????? ?? ????????. ????? ?? ??????? ???? ?? ??????.

????, ??????:

 0:000> .load ntsdexts

!dreg ????? ?????????? ??? ???????? ??????? ?????:

 0:000> !dreg hklm\software\microsoft\windows search
Subkey: Applications
Subkey: CatalogNames
Subkey: ContentIndexCommon
Subkey: CrawlScopeManager
Subkey: Databases
Subkey: DataDirectory
Subkey: Gather
Subkey: Gathering Manager
Subkey: Indexer
Subkey: InstallDirectory
Subkey: PerformanceCounters
Subkey: ProtocolHandlers
Subkey: SearchService
Subkey: UsnNotifier

????? ????? ???????? ??? ???????? ??????? ?????:

 0:000> !dreg hklm\software\microsoft\windows search\protocolhandlers!*
Value: "Mapi" - REG_SZ: "Search.Mapi2Handler.1"
------------------------------------------------------------------------
Value: "File" - REG_SZ: "Search.FileHandler.1"
------------------------------------------------------------------------
Value: "Csc" - REG_SZ: "Search.CscHandler.1"
------------------------------------------------------------------------
Value: "OneIndex" - REG_SZ: "Search.OneIndexHandler.1"
------------------------------------------------------------------------

? ????? ?????????? ?????????? ???????? ??????????? ?????:

 0:000> !dreg hklm\software\microsoft\windows search\protocolhandlers!Mapi
REG_SZ: "Search.Mapi2Handler.1"

Cross-posted from blog.not-a-kernel-guy.com.