Here is my little contribution, these patches are based from +Splaj's little walk-thru.

These were created with DS 2.6 build , NTICE.SYS version 4.2.6, build 922

They hide SI from all but Int 1 detection. I'm not sure yet how to hide it from that. I need to do more reading hah.

Works ok.


UPDATE WARNING: Use these at your own risk. I tested them only breifly. Feel free to try them if you wish however. I created them on a computer with Win2K service pack 2.

-nt20

Hola

Could I know difference between apllying this patch and patching nticedump, otherwise, would these two patches play together? (sorry - newbie )

thanx

Well, as far as I knew, there was no icedump patch yet for DS 2.6, please correct me if I am wrong.

I would go ahead and use the nticedump patch - it should take care of everything methinks. But I'm not sure because I've never gotten it to work !!!

I wouldn't combine these patches, it might not be a good idea. I just use procdump for dumping mainly anyway - and revirgin for tracing. Basically on NT you need a whole different toolset, but it is nice to be able to dump from SI.

Personally I've never gotten nticedump patch to work. Let me know if you do, and if there is a version for 4.2.6 build 922..I need to check on that.

-nt20

NTIceDump is not stable with DS 2.6. I often get a BSOD when I dump with NTIceDump.