dbgview problem on vista Beta2

Hi All,

When I run dbgview(V4.6 dbgviewAmd64,support vista) on vista beta2(64bit build 5384),I run it as administrator.But the system show an error message: “Error loading DebugView driver: The hash for the image cannot be found in the system catalogs. The image is likely corrupt or the victim of tampering. Make sure that you have the Load Drivers and Debug privileges in order to monitor kernel-mode debug prints.”.

What’s the problem? Is there other setting needed for running dbgview?I’m new to vista. Hope for your help.Thanks very much.

Hi

dbgview, can only run at higher privilage level… use the run as
administrator option, had the same problem…

Regards

Steve

----- Original Message -----
From:
To: “Windows System Software Devs Interest List”
Sent: Tuesday, August 22, 2006 10:16 AM
Subject: [ntdev] dbgview problem on vista Beta2

> Hi All,
>
> When I run dbgview(V4.6 dbgviewAmd64,support vista) on vista
beta2(64bit build 5384),I run it as administrator.But the system show an
error message: “Error loading DebugView driver: The hash for the image
cannot be found in the system catalogs. The image is likely corrupt or the
victim of tampering. Make sure that you have the Load Drivers and Debug
privileges in order to monitor kernel-mode debug prints.”.
>
> What’s the problem? Is there other setting needed for running
dbgview?I’m new to vista. Hope for your help.Thanks very much.
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
>
>
>
>
> –
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.405 / Virus Database: 268.11.4/424 - Release Date: 21/08/2006
>
>

The error sounds like it’s complaining about the driver not being
signed… All drivers on x64 vista must be digitally signed in order
too load.

There are two ways you can get around this:

1. attach another system too that one with windbg running, or
2. there should be a boot option at start up to disable this driver
   signing policy.

m.

xxxxx@worldplus.com.cn wrote:

Hi All,

When I run dbgview(V4.6 dbgviewAmd64,support vista) on vista beta2(64bit build 5384),I run it as administrator.But the system show an error message: “Error loading DebugView driver: The hash for the image cannot be found in the system catalogs. The image is likely corrupt or the victim of tampering. Make sure that you have the Load Drivers and Debug privileges in order to monitor kernel-mode debug prints.”.

What’s the problem? Is there other setting needed for running dbgview?I’m new to vista. Hope for your help.Thanks very much.

---

Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Yes, this is the problem. Signature checking has to be turned off in order to run DbgView at x64 Vista.

There are several ways how to avoid the problem:

• turn signature checking off using “bcdedit -set nointegritychecks ON” from administrator command prompt. Works well with Vista beta 2 but unfortunately doesn’t work with 5472 build (the worst one I saw). Option is correctly set but has no effect.

• turn signature checking off for current session. Press F8 during boot and there is an option to start OS without signature checking.

• sign the DbgView driver. It shouldn’t be so hard, just extract resource, sign it with your own signature and add it back. I’m not sure if it doesn’t violate license agreement some way. And I haven’t tried it.

• ask Mark Russinovich to sign the driver. However, he just joined MS with all the utilities.

It is of course possible to attach WinDbg but why’d one use both DbgView and WinDbg at once? Personally, I take DbgView as the tool which allows to me to avoid WinDbg

Best regards,

Michal Vodicka
UPEK, Inc.
[xxxxx@upek.com, http://www.upek.com]

---

From: xxxxx@lists.osr.com[SMTP:xxxxx@lists.osr.com] on behalf of MM[SMTP:xxxxx@comcast.net]
Reply To: Windows System Software Devs Interest List
Sent: Tuesday, August 22, 2006 11:35 AM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] dbgview problem on vista Beta2

The error sounds like it’s complaining about the driver not being
signed… All drivers on x64 vista must be digitally signed in order
too load.

There are two ways you can get around this:

1. attach another system too that one with windbg running, or
2. there should be a boot option at start up to disable this driver
   signing policy.

m.

xxxxx@worldplus.com.cn wrote:

>Hi All,
>
> When I run dbgview(V4.6 dbgviewAmd64,support vista) on vista beta2(64bit build 5384),I run it as administrator.But the system show an error message: “Error loading DebugView driver: The hash for the image cannot be found in the system catalogs. The image is likely corrupt or the victim of tampering. Make sure that you have the Load Drivers and Debug privileges in order to monitor kernel-mode debug prints.”.
>
> What’s the problem? Is there other setting needed for running dbgview?I’m new to vista. Hope for your help.Thanks very much.
>
>—
>Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
>
>To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
>
>
>

---

Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Thanks!

Following the second way have resolved the problem. Debugview run normally.

But there is another problem.Debugview show the following message all the times

when capture kernel.

AtaMini: Current Irql: 2
AtaMini: Remaining Stack Size: xxxx

note: xxxx is the number.It’s mutative.

Is it come from system?Is it because the system version is Beta? I have not installed

other driver in the system.

Yes, it is coming from system since build 5381 if I remember correctly. Somebody forgot debug prints in the AtaPort driver. Reported twice, reports closed and still not fixed in 5472 :-/

In the DbgView you can filter it out using exclude filter. But it still slows down everything. Shame.

BTW, report is closed with Resolution (RESOURCE NOT LOCATED) status. Does anybody know what does it mean?

Best regards,

Michal Vodicka
UPEK, Inc.
[xxxxx@upek.com, http://www.upek.com]

---

From: xxxxx@lists.osr.com[SMTP:xxxxx@lists.osr.com] on behalf of xxxxx@worldplus.com.cn[SMTP:xxxxx@worldplus.com.cn]
Reply To: Windows System Software Devs Interest List
Sent: Wednesday, August 23, 2006 3:07 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] dbgview problem on vista Beta2

Thanks!

Following the second way have resolved the problem. Debugview run normally.

But there is another problem.Debugview show the following message all the times

when capture kernel.

AtaMini: Current Irql: 2
AtaMini: Remaining Stack Size: xxxx

note: xxxx is the number.It’s mutative.

Is it come from system?Is it because the system version is Beta? I have not installed

other driver in the system.

---

Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

>BTW, report is closed with Resolution (RESOURCE NOT LOCATED) status. Does
anybody know what does it mean?

My interpretation would be that the responsible developer skipped town and
did not leave a forwarding address.

• Dan.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Michal Vodicka
Sent: Tuesday, August 22, 2006 7:29 PM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] dbgview problem on vista Beta2

Yes, it is coming from system since build 5381 if I remember correctly.
Somebody forgot debug prints in the AtaPort driver. Reported twice, reports
closed and still not fixed in 5472 :-/

In the DbgView you can filter it out using exclude filter. But it still
slows down everything. Shame.

BTW, report is closed with Resolution (RESOURCE NOT LOCATED) status. Does
anybody know what does it mean?

Best regards,

Michal Vodicka
UPEK, Inc.
[xxxxx@upek.com, http://www.upek.com]

---

From:
xxxxx@lists.osr.com[SMTP:xxxxx@lists.osr.com] on
behalf of xxxxx@worldplus.com.cn[SMTP:xxxxx@worldplus.com.cn]
Reply To: Windows System Software Devs Interest List
Sent: Wednesday, August 23, 2006 3:07 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] dbgview problem on vista Beta2

Thanks!

Following the second way have resolved the problem. Debugview run
normally.

But there is another problem.Debugview show the following message all
the times

when capture kernel.

AtaMini: Current Irql: 2
AtaMini: Remaining Stack Size: xxxx

note: xxxx is the number.It’s mutative.

Is it come from system?Is it because the system version is Beta? I
have not installed

other driver in the system.

---

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

> ----------

From: xxxxx@lists.osr.com[SMTP:xxxxx@lists.osr.com] on behalf of Dan Kyler[SMTP:xxxxx@privtek.com]
Reply To: Windows System Software Devs Interest List
Sent: Wednesday, August 23, 2006 4:36 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] dbgview problem on vista Beta2

>BTW, report is closed with Resolution (RESOURCE NOT LOCATED) status. Does
anybody know what does it mean?

My interpretation would be that the responsible developer skipped town and
did not leave a forwarding address.

It’d explain why they aren’t able to fix something so evident…

Best regards,

Michal Vodicka
UPEK, Inc.
[xxxxx@upek.com, http://www.upek.com]