Maystyle :
Admin : New post
Guestbook
Local
media
Catergories
분류 전체보기 (520)
Developmen.. (3)
Cloud (27)
About Here (1)
Life Note (87)
Windows Se.. (221)
Quick Tips (6)
SQL Server (104)
Exchange S.. (23)
Other Serv.. (12)
Technical .. (31)
Recent Articles
Recent Comments
Recent Trackbacks
Calendar
Tag
Archive
Link
Search
 
tistory Tistory 회원가입!
Powered by Daum
Designed by exfido.com
T / Y / Total
  유저 모드 심볼 로딩 
작성일시 : 2010. 1. 17. 16:15 | 분류 : Windows Server/Kernel

kd> .reload /user
kd> x notepad!*

kd> !process 81b3a310
PROCESS 81b3a310  SessionId: 0  Cid: 0828    Peb: 7ffd7000  ParentCid: 00d8
    DirBase: 0049a000  ObjectTable: e15f4c10  HandleCount:  60.
    Image: notepad.exe
    VadRoot 81b00b38 Vads 63 Clone 0 Private 151. Modified 17. Locked 0.
    DeviceMap e16598f0
    Token                             e15d7d10
…   

kd> .process 81b3a310
Implicit process is now 81b3a310
WARNING: .cache forcedecodeuser is not enabled
kd> .cache forcedecodeuser

Max cache size is       : 1048576 bytes (0x400 KB)
Total memory in cache   : 0 bytes (0 KB)

kd> .reload /user
Loading User Symbols
.........................
kd> x notepad!*
010011a4 notepad!_imp__DestroyWindow = <no type information>
010010a8 notepad!_imp__GlobalUnlock = <no type information>

|

티스토리툴바