{"id":263,"date":"2012-01-30T22:42:02","date_gmt":"2012-01-31T06:42:02","guid":{"rendered":"http:\/\/www.abin.cn\/?p=263"},"modified":"2012-01-30T22:42:02","modified_gmt":"2012-01-31T06:42:02","slug":"%e8%b0%83%e8%af%95%e7%b3%bb%e7%bb%9f%e6%9c%8d%e5%8a%a1%e3%80%90%e8%bd%ac%e3%80%91","status":"publish","type":"post","link":"https:\/\/www.abin.cn\/?p=263","title":{"rendered":"\u8c03\u8bd5\u7cfb\u7edf\u670d\u52a1\u3010\u8f6c\u3011"},"content":{"rendered":"<p>\u4e00\u3001\u9644\u52a0\u6cd5\u8c03\u8bd5\u5df2\u7ecf\u542f\u52a8\u7684\u8fdb\u7a0b<br \/>\n1\u3001\u901a\u8fc7\u4efb\u52a1\u7ba1\u7406\u5668\u6216tlist.exe\uff08WinDBG\u4e2d\u7684\u4e00\u4e2a\u547d\u4ee4\u884c\u5de5\u5177\uff1aC:\\Program Files\\Debugging Tools for Windows<br \/>\n\uff09\u547d\u4ee4\u67e5\u770b\u8c03\u8bd5\u8fdb\u7a0b\u7684PID\uff1b<br \/>\n2\u3001\u542f\u52a8\u8c03\u8bd5\u5668\u9644\u52a0\u8fdb\u7a0b\uff0c\u65b9\u6cd5\uff1a<br \/>\n1\uff09\u8fd0\u884c\u547d\u4ee4\u884c\uff0c\u8fdb\u5165WinDbg\u8c03\u8bd5\u5668\u76ee\u5f55\uff0c\u8fd0\u884c\uff1aWinDBG -p ProcessID \/g \u9644\u52a0\u5230\u8fdb\u7a0bPID<br \/>\n2\uff09\u8fd0\u884c\u547d\u4ee4\u884c\uff0c\u8fdb\u5165WinDbg\u8c03\u8bd5\u5668\u76ee\u5f55\uff0c\u8fd0\u884c\uff1aWinDBG -pn ImageName \/g \u9644\u52a0\u5230\u8fdb\u7a0b\u540d<br \/>\n3\uff09\u8fd0\u884c\u547d\u4ee4\u884c\uff0c\u8fdb\u5165WinDbg\u8c03\u8bd5\u5668\u76ee\u5f55\uff0c\u8fd0\u884c\uff1aWinDBG \/g \u542f\u52a8\u8c03\u8bd5\u5668\uff0c\u7136\u540e\u5728\u6587\u4ef6\u83dc\u5355\u4e2d\u9009\u62e9\u9644\u52a0\u5230\u8fdb\u7a0b\uff0c\u9009\u62e9\u8981\u8c03\u8bd5\u7684\u8fdb\u7a0b\u540d\u3002<br \/>\n<!--more--><br \/>\n\u4e8c\u3001\u5728\u670d\u52a1\u542f\u52a8\u65f6\u7528WinDBG\u9644\u52a0<br \/>\n1\u3001\u8bbe\u7f6e\u8981\u8c03\u8bd5\u7684\u670d\u52a1\u8fdb\u7a0b\u540d\uff0c\u65b9\u6cd5\uff1a<br \/>\n1\uff09\u4f7f\u7528WinDBG\u7684\u5168\u5c40\u6807\u5fd7\u8bbe\u7f6e\u547d\u4ee4gflags.exe\u8bbe\u7f6e\uff0c\u5728\u5bf9\u8bdd\u6846\u4e2d\u7684Image File\u8bbe\u7f6e\u8981\u8c03\u8bd5\u7684\u670d\u52a1\u540d\u79f0\uff0cDebugger\u9009\u62e9\u8bbe\u7f6e\u8c03\u8bd5\u5668\u7684\u8def\u5f84\uff1b<br \/>\n2\uff09\u4f7f\u7528\u6ce8\u518c\u8868\u7f16\u8f91\u5668\uff0c\u6253\u5f00\u6ce8\u518c\u8868\u8def\u5f84\uff1aHKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows  NT\\CurrentVersion\\Image File Execution Options \uff0c\u6dfb\u52a0\u4e00\u4e2a\u4e3b\u952e\uff0c\u540d\u79f0\u4e3a\u8981\u8c03\u8bd5\u7684\u670d\u52a1\u540d\u79f0\uff0c\u5982  MyService.exe\uff0c\u5728\u8be5\u4e3b\u952e\u4e0b\u518d\u65b0\u5efa\u4e00\u4e2a\u5b57\u7b26\u4e32\u503c\uff0c\u540d\u79f0\u4e3a&ldquo;Debugger&rdquo;\uff0c\u503c\u4e3a\u8c03\u8bd5\u5668\u8def\u5f84\uff1b<\/p>\n<p>2\u3001\u8bbe\u7f6e\u8981\u8c03\u8bd5\u7684\u670d\u52a1\u4e0e\u684c\u9762\u4ea4\u4e92\uff0c\u65b9\u6cd5\uff1a<br \/>\n1\uff09\u6253\u5f00&ldquo;\u7ba1\u7406\u5de5\u5177&rdquo;\uff0c\u9009\u62e9&ldquo;\u670d\u52a1&rdquo;\uff0c\u6253\u5f00\u670d\u52a1\u7ba1\u7406\u7a97\u53e3\uff0c\u9009\u62e9\u51c6\u5907\u8c03\u8bd5\u7684\u670d\u52a1\u540d\uff0c\u53f3\u51fb\u9009\u62e9&ldquo;\u5c5e\u6027&rdquo;\uff0c\u9009\u62e9&ldquo;\u767b\u5f55&rdquo;\uff0c\u52fe\u9009&ldquo;\u5141\u8bb8\u670d\u52a1\u4e0e\u684c\u9762\u4ea4\u4e92&rdquo;\uff1b<br \/>\n2\uff09\u4f7f\u7528\u6ce8\u518c\u8868\u7f16\u8f91\u5668\uff0c\u6253\u5f00\u6ce8\u518c\u8868\u8def\u5f84\uff1aHKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services \\ServiceName\uff08\u8981\u8c03\u8bd5\u7684\u670d\u52a1\u540d\uff09\uff0c\u9009\u62e9&ldquo;Type&rdquo;\uff0c\u4fee\u6539\u5176\u503c\u4e3a\uff1a\u539f\u503c OR 0x00000100\uff08\u5982\u539f\u503c\u4e3a\uff1a0x00000010 OR  0x00000100 \uff1d0x00000110\uff09\uff1b<\/p>\n<p>3\u3001\u8bbe\u7f6e\u670d\u52a1\u542f\u52a8\u8d85\u65f6\u65f6\u95f4\uff08\u7cfb\u7edf\u9ed8\u8ba4\u4e3a30\u79d2\uff09\uff0c\u542f\u52a8\u6ce8\u518c\u8868\u7f16\u8f91\u5668\uff0c\u6253\u5f00\u6ce8\u518c\u8868\u8def\u5f84\uff1aHKEY_LOCAL_MACHINE\\SYSTEM \\CurrentControlSet\\Control\uff0c\u65b0\u5efaDWORD\u503c&ldquo;ServicesPipeTimeout&rdquo;\uff0c\u5176\u503c\u4e3a\u6b32\u8bbe\u7f6e\u7684\u8d85\u65f6\u65f6\u95f4\uff0c\u5982\u8bbe\u7f6e 24\u5c0f\u65f6\uff0c\u5219\u503c\u4e3a86400000\u6beb\u79d2\uff1b<br \/>\n4\u3001\u542f\u52a8\u670d\u52a1\u51c6\u5907\u8c03\u8bd5\uff0c\u6253\u5f00&ldquo;\u7ba1\u7406\u5de5\u5177&rdquo;\uff0c\u9009\u62e9&ldquo;\u670d\u52a1&rdquo;\uff0c\u6253\u5f00\u670d\u52a1\u7ba1\u7406\u7a97\u53e3\uff0c\u9009\u62e9\u51c6\u5907\u8c03\u8bd5\u7684\u670d\u52a1\u540d\uff0c\u53f3\u51fb\u9009\u62e9&ldquo;\u542f\u52a8&rdquo;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u4e00\u3001\u9644\u52a0\u6cd5\u8c03\u8bd5\u5df2\u7ecf\u542f\u52a8\u7684\u8fdb\u7a0b 1\u3001\u901a\u8fc7\u4efb\u52a1\u7ba1\u7406\u5668\u6216tlist.exe\uff08WinDBG\u4e2d\u7684\u4e00\u4e2a\u547d\u4ee4\u884c\u5de5\u5177\uff1aC:\\P [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"_links":{"self":[{"href":"https:\/\/www.abin.cn\/index.php?rest_route=\/wp\/v2\/posts\/263"}],"collection":[{"href":"https:\/\/www.abin.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.abin.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.abin.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.abin.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=263"}],"version-history":[{"count":0,"href":"https:\/\/www.abin.cn\/index.php?rest_route=\/wp\/v2\/posts\/263\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.abin.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=263"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.abin.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=263"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.abin.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=263"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}