Exetools

Exetools (https://forum.exetools.com/index.php)
-   x64 OS (https://forum.exetools.com/forumdisplay.php?f=44)
-   -   x64 Win10 DbgPrint driving me nuts (https://forum.exetools.com/showthread.php?t=19131)

Git 02-21-2019 03:30

x64 Win10 DbgPrint driving me nuts
 
I've developed the occasionally driver for many years, but this is the first time I've used Win10 as the development machine.

I can't see any DbgPrint() output

Nothing. I've tried the usual DebugView and also dbgMon. I've made the DEFAULT=0xFFFFFFFF registry fix I saw recommended. Still nothing. It may well be relevant that the Win10 machine is a VMWare guset OS.

Anybody point me at the obvious please?

Git

nulli 02-21-2019 16:23

Did you run DebugView as admin and enable "Capture|Capture Kernel" and "Capture|Enable Verbose Kernel Output" menu items?

Git 02-21-2019 22:39

I'm in the habit of running tools like that as admin, but I honsetly can't remember. Yes, Capture Kernel on, verbose tried on and off.

Later - admin mode didn't reakky make any difference. I am getting some entries in the lst, but none from my semi-working driver and it's very quiet in general compared to how I remember it.

Git

atom0s 02-22-2019 03:29

Do you have any other tools swallowing the output before it hits the others you are watching? Any hooks in place to block the flow of those API as well?

niculaita 02-22-2019 04:19

Quote:

Originally Posted by Git (Post 116449)
I've developed the occasionally driver for many years, but this is the first time I've used Win10 as the development machine.

I can't see any DbgPrint() output

Nothing. I've tried the usual DebugView and also dbgMon. I've made the DEFAULT=0xFFFFFFFF registry fix I saw recommended. Still nothing. It may well be relevant that the Win10 machine is a VMWare guset OS.

Anybody point me at the obvious please?

Git

I used hasp srm debuger sys with monitor on windows 10 x64 but works only if UAC is off

Evilcry 03-11-2019 23:43

With DbgView remember also to add "Enable Verbose kernel output".

I had a few issues on W10 x64 because the dbgview driver was not running.

Here what I do:

Run DbgView as Admin
Set the various flags
At this point if it's not working I close and reopen it

don't know if it's your same issue but probably is worth a try

Avalon 03-19-2019 01:13

If you have Visual Studio running, it will capture the debug output. Do you see any output in i.e. DbgView?

I assume you've verified the the regkey is:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter "DEFAULT":DWORD 0xF

Now during driver dev I often change the KdFilter away from DEFAULT to avoid spam from Windows and all other drivers. If you have windbg attached to the kernel of the guest in vmware what value does this give:
Quote:

dd nt!Kd_DEFAULT_Mask


All times are GMT +8. The time now is 00:48.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX