Reading Notebook: 09-November-09
Comments in italics are mine and express my own views, thoughts and opinions
Windows Internals by M. Russinovich, D. Solomon and A. Ionescu:
SApp - SCP - SCM (p. 282)
HKLM\S\CCS\Ss\<>\ErrorControl = 3, SERVICE_ERROR_CRITICAL (p. 284) - can be used to force BSOD if service startup fails for postmortem memory dump analysis of the failure
HKLM\S\CCS\Ss\<>\PreshutdownTimeout (p. 286)
HKLM\S\CCS\Ss\<>\RequiredPrivileges (p. 286)
Service threads (p. 287) - some typical thread stack traces can be seen in this case study that also show that service main thread calls control handler functions: http://www.dumpanalysis.org/blog/index.php/2007/10/01/windows-service-crash-dumps-on-vista/
Service accounts (p. 288) - attached WinDbg will not download symbols from MS symbol server unless Run as Administrator
- Dmitry Vostokov @ SoftwareGeneralist.com -
_1125.png)
Coming Soon:
Debugging Notebook: Essential Concepts, WinDbg Commands and Tools
Crash Dump Analysis for System Administrators and Support Engineers
New Magazines:
Debugged! MZ/PE: MagaZine for/from Practicing Engineers
New Books:
Memory Dump Analysis Anthology, Volume 3
First Fault Software Problem Solving: A Guide for Engineers, Managers and Users
x64 Windows Debugging: Practical Foundations
Also available:
Windows Debugging: Practical Foundations
DLL List Landscape: The Art from Computer Memory Space
Dumps, Bugs and Debugging Forensics: The Adventures of Dr. Debugalov
WinDbg: A Reference Poster and Learning Cards
Memory Dump Analysis Anthology, Volume 2
Memory Dump Analysis Anthology, Volume 1
New Children's Book:
