I was surprised that you said you could get registry values. So I
looked at the source for dreg. It simply uses the registry APIs to get
the data. So the registry values you are seeing are for the machine
running Windbg.

-----Original Message-----
From: xxxxx@Itronix.com [mailto:xxxxx@Itronix.com]
Sent: Monday, May 20, 2002 10:41 AM
To: Kernel Debugging Interest List
Subject: [windbg] RE: Accessing registry of the target computer

Nathan, thanks for the reply. The .chain command showed the path to
ntsdexts.dll, but I still tried the .load command and it works, Nathan,
and I am able to see all Registry Keys.

Ashish

-----Original Message-----
From: Nathan Nesbit [mailto:xxxxx@windows.microsoft.com]
Sent: Sunday, May 19, 2002 8:35 PM
To: Kernel Debugging Interest List
Subject: [windbg] RE: Accessing registry of the target computer

When you type “dreg …” the debugger thinks you are typing one of the
d* commands to display memory. So what you typed makes no sense to the
parser and hence the error code.

When you run “!dreg …” the debugger correctly identifies it as an
extension command and searches the loaded extension dlls for it. It
says “No export” because it didn’t find a loaded dll which implements
the function. According to the docs !dreg is implemented in
ntsdexts.dll. So if you do a “.chain” and don’t see it then you need to
do a “.load ntsdexts” to get the debugger to load it. Doing a “!dreg”
after that will cause it to run.

The docs imply (as does the fact that it is implemented in
ntsdexts.dll) that the extension only works when doing user mode
debugging. So it is doubtful that you will get anything useful from
running this when doing kernel debugging. Which makes total sense
because the registry exists on disk and reading from the filesystem of a
machine halted for kernel debugging is problematic at best.

-----Original Message-----
From: xxxxx@Itronix.com [mailto:xxxxx@Itronix.com]
Sent: Sunday, May 19, 2002 8:11 PM
To: Kernel Debugging Interest List
Subject: [windbg] Accessing registry of the target computer

Hello all,

I am trying to access the registry of the target computer, which is
running Win2k. I am using Windbg 6.0 and using the !dreg command, but I
am getting the following error:

“No export dreg found”

and if I use dreg instead of !dreg I get the following error:

Kd> dreg System\CurrentControlSet\Services\Tcpip!Start
00000000 ?? ?
^ Extra character error in ‘dreg System\CurrentControlSet\Services\Tcpip!Start’

Thanks in advance
Ashish

You are currently subscribed to windbg as: xxxxx@microsoft.com To
unsubscribe send a blank email to %%email.unsub%%