View DbgPrint Messages in Windows 8.1
I am trying to write a MiniFilter driver. I have an updated version of Visual Studio 2013 Update 3 and WDK on my Windows 8.1 box along with a template from MS called "Filter Filter: File Mini Filter". I created a new project with this template, allowing deployment to a remote machine (on my local network). 8.1 VM with a small batch file to install the driver instead of the built-in driver installer (which I think is not yet supported for minifilters).
There are many debug statements in this template that are typedef'd to call DbgPrint. I'd love to be able to view them in the DebugView from the SysInternals package. Obviously all I had to do was create in the registry a DWORD named DEFAULT
set to 0xF under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter
according to http://msdn.microsoft.com/en-us/library/windows/hardware/ff551519(v=vs .85) .aspx , but still nothing appears in the DebugView. I ran it as administrator on a virtual machine and disabled Win32 capture.
I would assume that the deployment tool from the WDK set up kernel debugging correctly (it created a second user in my VM called WDKRemoteUser and ran it BCDEdit /debug
for me), but that doesn't seem to be enough. Any ideas?
source to share
Sysinternals DebugView does not need a "debug ON" machine, you must use this setting for DebugView:
Start with administrator rights and set the following options: Capture Kernel, Enable Verbose Kernel Output, Pass-Through
Now close DebugView and open it as admin.
If you still can't see anything, chances are that typedef'd DbgPrint () is not included in the deployed driver.
source to share