DbgView Trouble

I think we all know that the DbgView utility uses a kernel driver to do
its work (dbgv.sys), and it ordinarily removes that driver after it runs.

One of the more recent updates to Windows 10 has changed things so I am
no longer able to run DbgView twice in a session. When the first run
completes, the driver remains in the file system, and the next attempt
to start it gets

Could not extract DebugView driver to
C:\WINDOWS\system32\drivers\Dbgv.sys: The process cannot access
the file because it is being used by another process.

I can’t delete the file. If I rename it, then DebugView is able to
start up again. Process Explorer can’t find an open handle to it. Am I
the only one seeing this?


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Perhaps a side effect of the change in Windows 10 that backs (non-boot) kernel-mode drivers by their file-system file rather than by the page file.

I can reproduce it. Let me see if I can figure out how to file a bug against dbgview. It seems like it should either detect that its driver is already running when trying ot install it, or shutdown its driver when you exit.

-p

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Tim Roberts
Sent: Thursday, March 10, 2016 2:16 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] DbgView Trouble

I think we all know that the DbgView utility uses a kernel driver to do its work (dbgv.sys), and it ordinarily removes that driver after it runs.

One of the more recent updates to Windows 10 has changed things so I am no longer able to run DbgView twice in a session. When the first run completes, the driver remains in the file system, and the next attempt to start it gets

Could not extract DebugView driver to
C:\WINDOWS\system32\drivers\Dbgv.sys: The process cannot access
the file because it is being used by another process.

I can’t delete the file. If I rename it, then DebugView is able to start up again. Process Explorer can’t find an open handle to it. Am I the only one seeing this?


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.


NTDEV is sponsored by OSR

Visit the list online at: https:

MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
Details at https:

To unsubscribe, visit the List Server section of OSR Online at https:</https:></https:></https:>

Tim Roberts wrote:

> I can’t delete the file. If I rename it, then DebugView is able to
> start up again. Process Explorer can’t find an open handle to it. Am I
> the only one seeing this?

No, you are not the only one seeing this.
http://forum.sysinternals.com/dbgview-and-windows-10_topic31740.html

Alan Adams
Client for Open Enterprise Server
Micro Focus
xxxxx@microfocus.com

December 2018, problem is still there. The SysInternals site still has version 4.81, dated 2012, so obviously nobody is maintaining anything there.
Could the source code be made available so that you or I could fix the bug and send them the fix?

That’s now a part of Microsoft. No one here can do anything about it.

Additional note about renaming the dbgv.sys file…
After doing the rename, dbgview will not only start up correctly, but it will continue to start up correctly after being closed, until the system is rebooted. After reboot, it requires another rename of dbg.sys after the first startup and exit of dbgview.