`Ethereal` User's Guide: V1.1 for Ethereal 0.9.7
<<< Previous	Ethereal Display Filter Fields	Next >>>

Microsoft Registry (winreg)

Table 159. Microsoft Registry (winreg)

Field	Field Name	Type	Description
reg.access_mask	Access mask	Unsigned 32-bit integer	Access mask
reg.hnd	Context handle	Byte array	REG policy handle
reg.keyname	Key name	String	Keyname
reg.openentry.unknown1	Unknown 1	Unsigned 32-bit integer	Unknown 1
reg.openhklm.unknown1	Unknown 1	Unsigned 16-bit integer	Unknown 1
reg.openhklm.unknown2	Unknown 2	Unsigned 16-bit integer	Unknown 2
reg.opnum	Operation	Unsigned 16-bit integer	Operation
reg.querykey.class	Class	String	Class
reg.querykey.max_subkey_len	Max subkey len	Unsigned 32-bit integer	Max subkey len
reg.querykey.max_valbuf_size	Max valbuf size	Unsigned 32-bit integer	Max valbuf size
reg.querykey.max_valname_len	Max valnum len	Unsigned 32-bit integer	Max valname len
reg.querykey.modtime	Mod time	Date/Time stamp	Secdesc
reg.querykey.num_subkeys	Num subkeys	Unsigned 32-bit integer	Num subkeys
reg.querykey.num_values	Num values	Unsigned 32-bit integer	Num values
reg.querykey.reserved	Reserved	Unsigned 32-bit integer	Reserved
reg.querykey.secdesc	Secdesc	Unsigned 32-bit integer	Secdesc
reg.rc	Return code	Unsigned 32-bit integer	REG return code
reg.unknown1A.unknown1	Unknown 1	Unsigned 32-bit integer	Unknown 1

<<< Previous	Home	Next >>>
Microsoft Network Logon (rpc_netlogon)	Up	Microsoft Security Account Manager (samr)