ntsd-XCindy-Ѻ ¼|ע뿪| |  ģӮʱд 
loading...
Ժ...
XCindy ־  Ƶ   ãװҳ   
Ѻ > XCindy > ־ > 0101 &laquo; һƪ | һƪ &raquo;2007-02-01 | ntsd  ǩ ntsd    cmd  
dos          ļ· C:\WINDOWS\system32 \ ntsd.exe
       ļڣ 08/29/2002
       汾     5.1.2600.0
       ļС 31.744ֽ
       CRC32    6D35F411
       MD5      8F0A 81E2 3718 E1C9 A4FD 5615 2CAE B88C
       SHA1     60B8 B14E 2D9E A685 4A08 AF82 880C 4116 CE1D C10D
       湫˾ Microsoft Corporation
       ļ Symbolic Debugger for Windows 2000
       ϵͳ WindowsNT\2000\XP\2003
       ntsd,Windowsڶеһ
       
ĴڣԽܶ˵Ľ̡Ҳжغܶжز˵ĶŵǹDOSϵģҪжŵٵȻһķǰ첻ġһЩҲֹǲԶ޷ɱɾntsd԰ֹ̣̽ȻSystemSMSS.EXECSRSS.EXEɱǰǴں̬ģǸWin32ϵͳntsdҪ
       ʹ÷ҪQQ.exẹ
ʼСжԻcmdسDOS,ڹ˸ĵطtasklist(ʾڼен)Ȼʾн̺PID,ͼ
ǿԷQQ.exe̵PIDΪ3980ַԽ
ntsd -c q -p 3980,ԽPIDΪ3980Ľ̡
ntsd -c q -pn process_QQ.exe,ǽΪQQḶ̌һҪӣexe
УcǱʾִdebug
q, ִн˳quit
             -p,ŵҪӦPID
pn,ŵҪĽ
  ntsdʹãȻǿԲôľн
 
TASKKILLҲǽ̵ģûntsdôİԵ
ĸʽTASKKILL [/S system [/U username [/P [password]]]] 
         { [/FI filter] [/PID processid | /IM imagename] } [/F] [/T] 
У
 /S    system           ָҪӵԶϵͳ 
    /U    [domain]user    ָӦĸû 
                           ִ 
    /P    [password]       Ϊṩûָ 
                           롣ԣʾ롣 
    /F                     ָҪǿֹ 
                           ̡ 
    /FI   filter           ָɸѡɸѡѯ 
                            
    /PID  process id       ָҪֹĽ̵ PID 
    /IM   image name       ָҪֹĽ̵ 
                           ͼͨ '*' 
                           ָͼ 
    /T                     Tree kill: ָֹĽ 
                           κɴӽ̡ 
    /?                     ʾ/÷ 
˵ʵЩǸһЩԱʹõģǴϺȻϣʱдһ¡ǲ񣬻ʵɱɣ
  |   (13) |  Ķ (86)  |  ̶ |   (0101) |   12:05  | ޸ 
2007-02-01 12:10 
ʾ̶ӡΪʾƪµĹ̶ӣл
ӵַhttp://cindyblog.blog.sohu.com/32153628.html ƴ˵ַ

     һʱɳôѺܰʾ販թƭ Ѻ͹ԱȷַΪhttp://admin.blog.sohu.com 
ðơѺ͹ٷҪμӻĸλѽκεáԡенϢҪİ绰İʻƭʶƭ 
鿴顣
ǺǣntsdҪܺŶ

 Ѻ (δ֤) (http://blog.sohu.com/) 
2007-02-01 13:11 ظ 


NTSD
There is a variation of the CDB debugger named Microsoft NT Symbolic Debugger 
(NTSD). It is identical to CDB in every way, except that it spawns a new text 
window when it is started, whereas CDB inherits the Command Prompt window from 
which it was invoked.
Like CDB, NTSD is fully capable of debugging both console applications and 
graphical Windows programs. (The name "Console Debugger" is used to indicate the 
fact that CDB is classified as a console application; it does not imply that the 
target application must be a console application.)
Since the start command can also be used to spawn a new console window, the 
following two constructions will give the same results:
start cdb parameters 
ntsd parameters 

 Ѻ (δ֤) (http://blog.sohu.com/) 
2007-02-01 13:14 ظ 


NTSD in the System32 Directory
Whereas CDB is only available as part of the Debugging Tools for Windows 
package, NTSD is available both in this package and as part of the Windows 
system itself. It can be found in the system32 directory of Windows.
If you are planning on using the NTSD that appears in the system32 directory, 
there are two important facts you should be aware of:
This version of NTSD cannot be used for Remote Debugging Through the Debugger. 
This version of NTSD may not match the version of the documentation you are 
currently reading. 
To avoid these issues, it is recommended that you use only the version of NTSD 
or CDB that was installed as part of the Debugging Tools for Windows package.

 Ѻ (δ֤) (http://blog.sohu.com/) 
2007-02-01 13:15 ظ 


Controlling CDB or NTSD from the Kernel Debugger
It is possible to redirect the input and output from CDB or NTSD so that it can 
be controlled from a kernel debugger (either KD or WinDbg).
If this technique is used with CDB, the CDB window will appear but will not be 
useable for input and output. If this is used with NTSD, no console window will 
appear at all.
Controlling NTSD from the kernel debugger is therefore especially useful, since 
it results in an extremely light-weight debugger that places almost no burden on 
the computer containing the target application. This combination can be used to 
debug system processes, shutdown, and the later stages of boot up. See 
Controlling the User-Mode Debugger from the Kernel Debugger for details.

 Ѻ (δ֤) (http://blog.sohu.com/) 
2007-02-01 13:15 ظ 


"There is a variation of the CDB debugger named Microsoft NT Symbolic Debugger 
(NTSD)"ntsdʵʰ

 ܾƽӹ (http://ybchung8.blog.sohu.com/) 
2007-02-01 13:17 ظ 


֪ʲô˼׷дҪ֪ԼдѽдԼģ˼ұ˵ѽ
治һĻѽ
ҿ㿴ˣҶ˵Ϸ˻һţᵽˡ
ö˵Ļ˵㣬ص
ң
ǵһأұ֤ҲһһΡ

 ~Cindy~ (http://cindyblog.blog.sohu.com/) 
2007-02-01 15:12 ظ 


֪ʶѧԼ, Լú仰

 ܾƽӹ (http://ybchung8.blog.sohu.com/) 
2007-02-01 15:50 ظ 


˵ԼԵ˽٣
дֻܳõģҪʲôеûģд
ҵĲǲ̫ˣǸ˲ͣǼϰ࣡
дƪͼûУҪ׷д
йظntsd,Բοܶרҵ鼮иרҵ
ҵѴ󲿷ֶǼרҵԱʲôд
ѻܲˣҲ
У̫רҵģͲҵ֪ʶ
ֻд˽⣨Ҳתر˵ģ

 ~Cindy~ (http://cindyblog.blog.sohu.com/) 
2007-02-01 16:45 ظ 


˼

 ܾƽӹ (http://ybchung8.blog.sohu.com/) 
2007-02-01 17:42 ظ 


ʹ㲻˵Ҳ˿ģϾǼϵͬѧҲͿġֻԼֻCindyĶء

 ~Cindy~ (http://cindyblog.blog.sohu.com/) 
2007-02-01 20:36 ظ 


ٺ٣

 "[ ʩ:"a! (http://wusuoweimaomao.blog.sohu.com/) 
2007-02-02 19:12 ظ 


ļֻ࣡죬֧㣡  

 ţţ (http://xingyua847.blog.sohu.com/) 
2007-02-05 09:38 ظ 


ûͱˣô

 ~Cindy~ (http://cindyblog.blog.sohu.com/) 
2007-02-05 10:45 ظ 


1ҳ  |  һҳ һҳ 1 һҳ ĩҳ
  δ¼ֻۡ ¼ 󷢱
       
      ʡ:
      վ:
        סң´ظʱϢ
       μйӮ50 
      :
      :   ط

      ظ֪ͨ:ͬʱСֽ֪ͨԷûظ

         


ͷ԰ | ͷ | ͷ | 24Сʱͷ:010-58511234(˹8:00-24:00) | ߿ͷ | ٱϢ 
Copyright &copy; 2009 Sohu.com Inc. All rights reserved. Ѻ˾ Ȩ 

  >