SoftICE Installation


[yAtEs]
February 19th, 2008, 12:20
Recently I've spent a lot of time installing SoftICE on various machines and I want to post
all the various problems I came across and ones I have solved.

DriverSuite v3.2
----------------

XPSP2/Win2kSP4

First of all, before installing SoftICE you should install the default driver version
of your graphics card; this means the original driver that came with the machine or
the earliest version you can find. Both ATI and NVIDIA offer a back catalogue of their
previous driver versions.

Keep the INIT string to a basic x; before you have softice working
Disable mouse support, no real reverser needs a mouse in softice ;-)
Make sure you install DirectX
Use the Detect and Test buttons in the video section of setup.

Issues
------

1) ".. A device attached to the system is not functioning .. "

I have solved this problem many times by ..

1.) Installing a different graphic driver.
2.) Disabling SPTD.SYS from the registry
HKEY_LOC_MACHINE/system/services/currentcontrolset/SPTD/Start change to 4

2) Upon starting softice the window flashes by then a system freeze occurs.

I have solved this problem only a "few" times by ..

1.) In winice.dat place the string NTSYMBOLS=ON, use the symbol loader to grab symbols for
kernel32.dll user32.dll ntoskrnl.exe hal.dll gdi.ll convert and load these.

If this doesn't work then

2.) replace the osinfo.dat and osinfob.dat in system32\drivers with new ones from the
compuware ftp, you can google for links.

If this doesn't work, try undoing option 1

The above works for me frequently; however, on non-freshly-installed systems conflicts can
occur with other software. If you really want SoftICE to work then you are going to have
to spend time disabling software. AntiVirus/Spyware is a good start, and not just disabling
them but uninstalling any software which may install a kernel mode driver with system hooks,
to identify the problem. However, I recommend a freshly installed machine dedicated to
kernel mode debugging.

Once up and running you can use my pretty INIT line

INIT="lines 60;ws 5;wc 25;wd 6;set font 2;color 03 4e 4e 1b 1b;x;"


VMWARE
------

After installing XPSP2 you must install VMware Tools, then save and shut down the machine.
Next you must edit the .vmx file and place in the following lines:

vmmouse.present = FALSE
svga.forceTraces = "TRUE"


I invite people to add comments to help build an informative thread on softice problems,
please try and structure your reply in a clear way, such as,
Problem: x Solution: x

Vista
-----

SoftICE will not run under Vista due to unsigned drivers; however, Vista x64 has a
boot option to disable this security feature. Perhaps under this condition SoftICE
is loadable; however, this has never been tested by anyone to my knowledge.

/yates.

Updated Section
----------------

Additional References.
---------------------

"VMWare & Softice - Experiences, problems and solutions" thread
http://www.woodmann.com/forum/showthread.php?t=5806

The big SoftICE howto.pdf
http://www.mediafire.com/?ammxan2yl3x

Softice Official tech support.pdf
http://www.mediafire.com/?0uwtkeo0zy9

JMI
February 19th, 2008, 13:35
Thanks for the helpful tips. I'm sure many who are having problems with Softice will be trying them out.

Regards,

dELTA
February 19th, 2008, 13:45
I'll submit my old "VMWare & Softice - Experiences, problems and solutions" thread:

http://www.woodmann.com/forum/showthread.php?t=5806

FaTaL_PrIdE
February 20th, 2008, 06:58
Quote:
[Originally Posted by JMI;72796]Thanks for the helpful tips. I'm sure many who are having problems with Softice will be trying them out.


Including me

Thanks yAtes - I've always stuck with Olly as the experiences I've had with SoftICE on XP discouraged me from giving SICE a proper go. Armed with this info, dELTA's thread and 'The Big SoftICE Howto' (reconstructor.org IIRC) I think I'll have another go.

GEEK
February 20th, 2008, 11:34
Nice thread [yAtEs]

As you say, let's make it an informative thread. I would like to add a problem on my system which maybe you or someone else here must have encountered.

When I set SoftICE startup to "boot" mode it loads fine and shows a proper display with registers and everything, but
when I set it to anything other than boot, i.e. system/manual/automatic, it starts up fine (the system stops on Ctrl+D) but I don't see the SoftICE screen. Everything freezes (as it should) but I still see my wallpaper and stuff.
I mean, I don't see the black SoftICE window.
I think I am missing something, and also since it starts fine in boot mode the graphics driver must not be an issue.

System details: WinXP SP2 with Kaspersky and a few other progs which hook the system installed

Any help appreciated.
Thanks

I am attaching 2 PDFs which will help as SoftICE guides (since this thread is meant to be a reference)

The big SoftICE howto.pdf
http://www.mediafire.com/?ammxan2yl3x

Softice Official tech support.pdf
http://www.mediafire.com/?0uwtkeo0zy9

naides
February 20th, 2008, 13:37
Well, this blog morphed into a thread. . .
My only comment here is every time you try to revive SoftIce, Disavowed turns and screams inside his grave . . .
If you insist messing with Sice, he will inflict severe punishment to all of you, puny mortals.

Kayaker
February 20th, 2008, 14:25
Lol. Yes! Dig your heels in Softice users. Kick, scream, scratch and bite if you must. We will re-convert disavowed yet

Do not go gentle into that good night,
Old age should burn and rave at close of day;
Rage, rage against the dying of the light.

deroko
February 23rd, 2008, 10:19
Hmm, I've used SoftICE on various machines and never had any problems with it. Celeron, Athlon, C2D, ATI, NVIDIA, Intel gfx... no problems so far at all... and always on Win XP SP2. There is an interesting thing: when I don't enable PAE, SoftICE can't locate @MiCopyOnWrite (still it works great), but when PAE is enabled, SoftICE locates this procedure without a problem when the right symbols are used...

dELTA
February 24th, 2008, 13:46
SoftIce loves those who love SoftIce, deroko and Kayaker.

Btw, almost forgot this one, for all you kernel debugging fans who want to go VMware:

http://www.woodmann.com/collaborative/tools/VMKD

deroko
February 26th, 2008, 19:23
I guess you are right Softice likes us

Daniel Pistelli
February 27th, 2008, 10:58
It's funny, deroko, I had to install softice 2 weeks ago on a vm, because after years I needed it again. I became mad!

First XP wasn't working emulated on Vista64, then win2k wasn't working on Vista64. The mouse wasn't responding (I tried everything). I reinstalled win2k on a VM on XP64. Then SoftICE wasn't working on it (win2k). Then I managed to make it show up but breakpoints were not caught (and I tried that breakinsharedmods with no success). So, I changed SoftICE version (uninstalled the old one) and FINALLY it was working.

Still, softice was the best reversing tool in history. I miss it and I never got used to ollydbg (neither could I have used olly in this case).

deroko
February 28th, 2008, 15:29
Hi Daniel,

I use the latest SoftICE with official patches from Compuware, and always on a live system. Never used it in a VM, to be honest.

Ricardo Narvaja
February 28th, 2008, 16:11
i use this

http://ricardonarvaja.info/WEB/OTROS/HERRAMIENTAS/A-B-C-D-E/DRIVE%20STUDIO%203.2.1%20con%20parche%20para%20Sp2%20(SOFTICE)/

with the included patch, and it works perfectly on WXP SP2 at my work (the PC is new, I think this can be the reason, but I don't need anything more than the patch).

I use it on a live system too, not a virtual machine, and I set the driver to load manually, not automatically, and it works similarly to my OLD SoftICE 4.05 in W98, from my memories of 199x jeje.

ricnar

Daniel Pistelli
February 28th, 2008, 18:40
Uhm, don't understand you guys. Why use a live system? Ok, some protections check for VMs, but in most cases it works. I love too much being able to listen to music, chatting, etc. while debugging. In fact, I'm sad that VMs became a reality (due to computers performance) only in the last years. When I was heavily using softice on my pentium III (128 mb ram) I didn't have this kind of luxury.

.. 'cause the times they are a changin'... =)

deroko
February 29th, 2008, 10:20
Hi Daniel,

well main reason is because all my programming tools are on live system, and sice seems to work faster on live system. When it comes to music, as I use sice on laptop, I can always play music on my desktop machine

dELTA
March 2nd, 2008, 18:58
If I'm not remembering wrong, there was even a SoftICE music player plugin once, to remedy the "lack of music" problem...

GEEK
March 8th, 2008, 11:46
Finally got Softice to work in a VM
Initially I tried Virtual PC but it did not work, then tried Parallels VM but it does not support SoftICE.
Finally tried VMWARE and it worked without any hassle at all.
In terms of performance Virtual PC seems to be the worst, Parallels was better, but VMWARE is the best and I guess everybody knows it.

Maybe i can make a video tutorial if anybody needs it.

fragmich
April 10th, 2008, 13:39
@GEEK
[Maybe i can make a video tutorial if anybody needs it.]

It is a really good idea!!!

naides
April 10th, 2008, 14:20
The Internet/YouTube generation:

We don't read,
We don't listen,
Streaming video
's the only way
into our souls. . .

hnedka
April 12th, 2008, 17:22
I was trying a whole day to get SoftICE working, but I finally gave up. I have GeForce 8800, XP SP2 and the best I can get is a freeze on CTRL-D without the SoftICE window (and unfreeze on pressing CTRL-D again). I even found an explanation on some Russian server, why it can't work. Then I started playing with VMWare, but it was the same - I tried DS 3.1, DS 3.2 and various configurations in VMWare (with or without VMware tools, etc.). Most of the time, it was a freeze without the SoftICE window, sometimes I couldn't start SoftICE at all and once I managed to make the SoftICE window appear, but I wasn't able to replicate it later.

I'm not some noob, I was using SoftICE heavily a few years ago. Now I have more time and I returned to reversing and I can't get it working :-(

If someone here has similar configuration like me and working softice, what versions of vmware and softice are you using?

Oh, and then I tried to make WinDbg working with VMWare (with help of whatever I could find, like this: http://silverstr.ufies.org/lotr0/windbg-vmware.html). It almost worked, but I'm still missing something. I'm able to connect to a named pipe, but that's all. Windbg just waits and I can't do anything (once I even crashed VMWare, but that was all):

Code:
Microsoft (R) Windows Debugger Version 6.8.0004.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\pipe\com_1
Waiting to reconnect...


Anyone had this problem?

Kayaker
April 12th, 2008, 18:19
Just a few considerations when installing Softice + VMWare, in case they were missed.

To start with, the official DS3.2.1 patch should be used (when installing version 3.2.1 of course). Since it's no longer available from the Compuware ftp site I uploaded it to the CRCETL, which I think should be OK:

http://www.woodmann.com/collaborative/tools/Compuware_DriverStudio_Version_3.2_patch


Also make sure to follow all the hints in [yAtEs] Post #1 above, including the links, particularly to set these lines in the .vmx file:

vmmouse.present = FALSE
svga.maxFullscreenRefreshTick = 5

Both of these lines are described in the Using Softice.pdf manual.


If you still can't get the Softice window to show, you can try looking at the debug messages which are logged to the history file on loading, you might get some clue. To do this open the Softice Symbol Loader, Loader32.exe, and select File/Save SoftICE History As.

WaxfordSqueers
April 12th, 2008, 22:12
Quote:
[Originally Posted by hnedka;73923]I was trying a whole day to get SoftICE working, but I finally gave up. I have GeForce 8800, XP SP2 and the best I can get is a freeze on CTRL-D without the SoftICE window (and unfreeze on pressing CTRL-D again). I even found an explanation on some Russian server, why it can't work.

The Russian site is wrong. I've had ice with IceExt working perfectly on XP with SP2 for a long time, mouse too. It started acting up when I added the updates for SP2, so I took them all off, including SP2, then I reloaded SP2 and nothing else. Ice has worked fine since. I'm using a router with a built in firewall and Sygate firewall ver 5.6 build 3408. I don't need Msoft hole stuffers.

The first thing to do is remove the X from the INIT command in winice.dat. When ice loads, the DOS-like window will come up with any error code it encounters. You will probably figure out what's wrong by reading the errors. If the DOS-like window doesn't come up, you probably have a video problem. If you're using USB keyboard and mouse, that can be a problem, but I use both and ice works fine. If you're using anything by Symantec, get rid of it.

I have written plenty on this problem on RCE, and there is excellent advice from others. The solution is there if you have the patience.

hnedka
April 13th, 2008, 04:08
Thanks guys!! It's finally working on VMWare. I will make some tweaking and then I will write small step by step tutorial for people, who could have same problem like me.

The key thing was probably installing 3.2.1 update, which I didn't do before.

EDIT: another interesting thing - when I set softice to start after boot, it doesn't work (and can't be started manually even after boot). I have to set at least starting with system and start it manually, but it's OK for me.

hnedka
April 13th, 2008, 09:26
Here is a small tutorial for installing SoftICE on VMWare (versions - DS 3.2.1, VMWare 6, WinXP SP 2):

1) Install VMWare, start new project, configure it (increase memory if you want; increase number of processors, if you have more than one; configure CD-ROM (you will need one for installing Win); configure serial port etc.). Exit VMWare, go to your image directory (usually in documents/ My Virtual Machines/your_system), open *.vmx file and add these two lines:

Code:
vmmouse.present = FALSE
svga.forceTraces = "TRUE"


Note: the first line doesn't mean your mouse will not work

Save and start VMWare.

2) Make a snapshot! Start virtual machine, installation should begin, so do what is needed. After OS starts, do some tweaks you need to do and install VMWare Tools (from VMWare menu outside of VM). Configure file sharing and share some directory (place Service Pack 2, Driver Studio etc. there) . Restart. Increase screen resolution. If you didn't have SP2 integrated, install it now, but without later updates (I have updates till 3/2007 and it works fine). Restart.

3) Now make another snapshot in case something goes wrong. Don't take this lightly. Install Driver Studio 3.2. Install 3.2.1 update from here:
http://www.woodmann.com/collaborative/tools/Compuware_DriverStudio_Version_3.2_patch

Start "Settings" from start menu and make some changes:

Startup - set Manual or Automatic. For me, Boot doesn't work at all and System works the same way as Manual. You can change it later.
Settings - if you plan on remote debugging, all checked
General - paste this as initialization string:
"lines 60;ws 5;wc 25;wd 6;set font 2;color 03 4e 4e 1b 1b;x;"
(taken from yates's post); increase video memory size to 4096
Serial debugging - if you plan on remote debugging, make some changes here, more about it in second post here:
http://www.woodmann.com/forum/showthread.php?t=5806
Mouse - should be set automatically, no need to turn it off (VMWare emulates type of mouse you need)
Video - use "Universal Video Driver". When you click on Test, it should say "Softice Universal Video Driver test completed successfully".

You may need to edit other things, if you plan on serial debugging, more here in second post:
http://www.woodmann.com/forum/showthread.php?t=5806

4) Restart and pray, that it will work. Start Softice and if you see familiar window, it should be OK. Now make another snapshot and make final changes and whatever you wish.

---------------------

BTW, after Xth reinstallation of WinXP, my WinDbg started to work correctly
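
The hand edit of the *.vmx file in step 1 of the tutorial above (the same two lines as the VMWARE section of the first post), done idempotently. This is an added example, not code from any post in the thread or from VMware; the function name, the sample file contents and the case-insensitive matching of keys are assumptions.

```python
import re

# The two .vmx lines given in the thread, values written as the posts have them.
TUTORIAL_SETTINGS = {
    "vmmouse.present": "FALSE",
    "svga.forceTraces": '"TRUE"',
}
# key = value; lines starting with '#' do not match and are kept as comments.
_LINE = re.compile(r'^\s*([A-Za-z0-9_.:\-]+)\s*=\s*(.*?)\s*$')

def _norm(value):
    """Compare values ignoring surrounding quotes and case."""
    return value.strip().strip('"').lower()

def apply_vmx_settings(text, settings=TUTORIAL_SETTINGS):
    """Return (new_text, changes) with every setting present exactly once.

    Assumption: keys are matched case-insensitively. A key that already
    holds the wanted value is left as written, a conflicting one is
    rewritten, a repeated one is dropped, a missing one is appended.
    """
    wanted = {k.lower(): (k, v) for k, v in settings.items()}
    seen, out, changes = set(), [], []
    for line in text.splitlines():
        m = _LINE.match(line)
        key = m.group(1).lower() if m else None
        if key not in wanted:
            out.append(line)
            continue
        name, value = wanted[key]
        if key in seen:
            changes.append(f"dropped duplicate {name}")
            continue
        seen.add(key)
        if _norm(m.group(2)) == _norm(value):
            out.append(line)
        else:
            out.append(f"{name} = {value}")
            changes.append(f"changed {name}: {m.group(2)} -> {value}")
    for key, (name, value) in wanted.items():
        if key not in seen:
            out.append(f"{name} = {value}")
            changes.append(f"added {name}")
    return "\n".join(out) + "\n", changes

# Constructed sample .vmx fragment (not from a real machine).
SAMPLE_VMX = 'displayName = "xpsp2-sice"\nvmmouse.present = "TRUE"\n# svga.forceTraces = "FALSE"\n'

if __name__ == "__main__":
    patched, log = apply_vmx_settings(SAMPLE_VMX)
    print(patched + "\n".join(log))
```

Run it against a copy of the .vmx with VMWare closed, as the tutorial says to exit VMWare before editing. The `svga.maxFullscreenRefreshTick = 5` line from Kayaker's post can be passed through the `settings` argument in the same way.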