Software Generalist

Comments in italics are mine and express my own views, thoughts and opinions

Windows Internals by M. Russinovich, D. Solomon and A. Ionescu:

!reg hivelist -> viewlist -> db (pp. 274 - 275)

Registry cell index mapping as directory:table:offset (p. 275)

Registry key handle -> kcb (pp. 276 - 278)

Hive sync every 5 seconds, *.log{1|2} (pp. 278 - 279)

Registry filtering altitudes (p. 280)

Internal registry optimizations (pp. 280 - 281) - good implementation case study if you need to devise your own database. I perhaps borrow some ideas for the next version of PDBFinder.

- Dmitry Vostokov @ SoftwareGeneralist.com -

           

Announcements

Coming Soon:

Debugging Notebook: Essential Concepts, WinDbg Commands and Tools

Crash Dump Analysis for System Administrators and Support Engineers

New Magazines:

Debugged! MZ/PE: MagaZine for/from Practicing Engineers

New Books:

Memory Dump Analysis Anthology, Volume 3

First Fault Software Problem Solving: A Guide for Engineers, Managers and Users

x64 Windows Debugging: Practical Foundations

Also available:

Windows Debugging: Practical Foundations

DLL List Landscape: The Art from Computer Memory Space

Dumps, Bugs and Debugging Forensics: The Adventures of Dr. Debugalov

WinDbg: A Reference Poster and Learning Cards

Memory Dump Analysis Anthology, Volume 2

Memory Dump Analysis Anthology, Volume 1

New Children's Book:

Baby Turing

This entry was posted on Thursday, October 29th, 2009 at 5:25 pm and is filed under Notes on Windows Internals, Reading Notebook. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.