a week after "solving" "3 small or 1 big prob" i managed somehow to ... well, lets say i have almost just the same problem as back then.

almost because: now i dont have a firewall and SI's log shows no errors
the same 'cause: the keyboard hangs up when mouse is moved, or when mouse sends a 'ping' to the motherboard /or windows, whatever../

history:
it seemed quite strange to me that uninstalling firewall solved the problem, earlier but i didn't investigate as the SI worked just as it should (even breakpoints were ok without applying anything). i have installed something completely harmless (i have checked later), uninstalled it, then after a few days tried to launch SI - bang, keyboard got crazy again.

found:
EVEN with USB mouse unplugged, keyboard driver gets damaged on SI startup. EVEN with USB mouse unplugged and uninstalled form the system.
SoftIce all the time claims in the log to have found "PS/2 Mouse"
[NTICE: PS/2 Mouse Detected]
It finds it even when the mouse is unplugged.
Ideas that it has something to do with option Mouse=PS/2_or_USB (either enchanced or not) or MouseSupportEnable or DisableUSBMousePathcing or DisableUSBKeyboardPatching or DisableNumlockProgramming - spare me. I have really tried every possible combination (there are exactly 64 combinations).

Whats more funny, on PS/2 i have .. keyboard. So its obvious that once SI detects mouse on PS/2, and theres keyboard, and mouse is on USB, something must crash on mouse movement. without mouse, keyboard works well until numlock, or one of several other keys are pressed - then it hangs.

I can operate in wins without mouse and without that keys, but isn't it ridiculous that IT DETECTS KEYBOARD AS A MOUSE?????

I thought that all of that shit happens because of NMFILTER driver, but having it installed/uninstalled really have no impact neither on system nor on SI.

I tried again all the tricks, including 3 separate "secret keys" in the registry (they're quite HARD to find over internet, but somehow i found them :P ) - no effect.

*HKLM\system\services\ntice\"KbdMethod"=dword:67416E5A
- 'Secret':normally there is nothing like that - value is zero
- so SI says in the log: without value/with val. added
[NTICE: Patching Keyboard using method 0 / 67416E5A]
- i have no idea what the value means. any one seen different val?
- any one knows what is 67416E5A ?

*HKLM\system\services\ntice\"MouseType"=dword:0000xxxx
- here is mouse type stored. 0001 for COM1, 0002 for COM2, 0003 for PS/2/USB;
- xxxx+=0100 for EnchancedMouse (everything in hex)
- 'secret' is that there is at least one more modifier, normally not documented nor written to registry by SIoptions: "set bit 15 of the value to disable usb mouse detection, as SoftIce tries to detect it even if MouseSupport is disabled" 15bit is +=4000. of course doesn't work.

*the 2 'secrets' above i have found somewhere at compuware's but in last days i have tried to find them and they seem to be missing now

- there also is MouseType value in siwvid key. it was set to 0003 by installer and nothing seems to be able to change it. i tried changing it to 0103 and 4003 and 4103 and nothing happened at all. Compuware says nothing about that doubled entry.

so, do you have any ideas left?



----------------------------------------------
compuware's text about something similar in BC:
http://frontline.compuware.com/nashua/kb/doc/720.asp
* it OLD, about PSmouse and BC for dos, but still similar

something for better moods:
1) go to http://frontline.compuware.com/nashua/kb/doc/si_index.asp
*) rememer the link
2) scroll down to "FAQID934 - SoftIce support for Power Managament including hibernate and suspend modes"
3) enter and say WOW

Howdy,

Tell us again what kind of rig you have. Plus video card, MB, OS,
you know, all the particulars.
Give us an output from your task manager with running processes.

Woodmann

huh... ok, reply first:

Duron 1.2GHz 256M Ram (2xSIMM 128m 133mhz)
board K7S5A, LAN & sound integrated
GF2MX400 64MB, producent? dont remember.. i'll check later
HDD 40G
WinXP SP0
Mouse: Microsoft Wireless Intellimouse Explorer 1.0A, USB
Keyboard: "SuperPower" Win98 Standard Keyboard, PS/2

Procs, non vital:
i/u - installing/uninstalling - no efect

ctfmon (system)
daemon (DaemonTools 3.43)
DAP (download accelerator plus, i/u)
DASVCNT |
DPConfig |
NCS |
DSTrayAPP | (files from DriverSuite and DevPartner, DevPartner installed after SI rolled back)
mdm.exe (system something)
msiexec (ms installer)
netdde (std sys service, i/u)
nvsvc32 (nvidia helper service, from detonators i think)
point32 (ffrom mouse's driver. installed after rollback)
rundll32 (dunno what it did started and keeps running)
svchost x 5
vc5play |
vc5secs |
vc5tray | from VirtualCD v5, i/u
winampa (winamp agent, from winamp5.01, i/u)

thats all. as you see, everything is either system' or checked....

now, some good news..
i have tricked windows to accept "the one 1000% supported i8042prt.sys", available at compuware's KB (somewhere not in package w2ktest.zip!) - ftp://ftp.compuware.com/pub/driverstudio/outgoing/Keyboard/i8042prt.sys.
[tricked, because this file comes from W2000 SP-sth. well.. it shouldn't work at all, but it does a little good] now, SOFTICE at last stopped being USB-mouse-vulnerable. not only keboard doesn't hang when mouse is moved, but even SI doesn't hang when moved with SI window (however, there's no SI's mouse cursor..)! that is an achievement...

however there is still one thing. keyb doesnt hang on u-m-movement, but it now hangs on pressing NUMLOCK/CAPSLOCK/SCROLLOCK.
YES, i know about the option DisableNumProgramming aka NOLEDS=ON
That doesn't work. Its obvious that that is the very problem, but how to switch it off when it doesn't switch off? i know it ignores options, because if DoNotPathKeyboardDriver is checked, SI also ignores it, and patches it (at least it claims to have done it in SI log..)
(also i have tried the rest of the options, of course)
(and tried to i/u nmfilter.. )
next strange thing - the keyboard hangs, i log off (->welcome screen), log in, and the keyboard is unlocked. press num lock, keyb gets locked again, i can still logoff and unlock keyboard. hey. that would point to the users' services, right? wrooong. when i press numlock/etc on welcome screen it still hangs, also at the very first login, just after restart (of course if SI is in boot or automatic mode)..

its getting better now i have a mouse hehhe.
oh, and its also interesting that INSIDE SI, Num/Caps/Scroll/Lock are working just right...

hmm.. i've found one VERY useful for me thing:
once the keyboard hangs, lets say because i've pressed CAPS, i can still (by mouse) launch OnScreenKeyb there press CAPS (to turn it off) and ... keyboard unlocks.

as for now it seems weird

I had this keyboard and problems with it, i think it was because it installed some crappy keyboard manager software (unnecessary unless you legitimately use the media buttons).

When softice loads it halts all processes, so the keyboard manager dies until you can flush it (by using the onscreen display, or restarting the keyboard app).

Im pretty sure i got it working by disabling it, but i can't remember for sure, it was a while ago.

well.. in fact that could be it, but i believe you mistook my KB for some its newer version ) its plain, standard keyboard. alfanumerics, std keys like tab, caps etc, numpad, F1...F12.
...and keys 2x'Win',1x'DropLst', power,sleep,wake. i dont think they would mess with anything, as they're almost in any keyboard you can find now..
and i haven't installed any extra software, or drivers for it (it didn't have any). its running as "Std 101/102-Key or Ms Natural PS/2 Keyboard".

Howdy,

I had a hard time finding any quality info about "superpower" keyboards.
This could be a bad thing.

Procs, non vital:
i/u - installing/uninstalling - no efect <------says who ?

ctfmon (system) <-----shut this off
daemon (DaemonTools 3.43)
DAP (download accelerator plus, i/u) <-----shut this off
DASVCNT | <-----what is this ?
DPConfig | <-----shut this off
NCS | <----this could be anything
DSTrayAPP | (files from DriverSuite and DevPartner, DevPartner installed after SI rolled back)
mdm.exe (system something) <----I hope you are not using this
msiexec (ms installer)
netdde (std sys service, i/u) <-----You will know what this does if someone hacks your box. <----shut this off
nvsvc32 (nvidia helper service, from detonators i think)
point32 (ffrom mouse's driver. installed after rollback) <----shut this off
rundll32 (dunno what it did started and keeps running) <-----C'mon man!!! this runs a dll as an app
svchost x 5 <-----5 things that are running and you dont know what they are ?
vc5play | <-----shut this off
vc5secs | <----shut this off
vc5tray | from VirtualCD v5, i/u <-----shut this off
winampa (winamp agent, from winamp5.01, i/u) <----shut this off

www.blackviper.com
This place will help you to understand what is running and what/how to shut off the things you dont need.
Else you can keep on guessing and hope to get lucky.
If you want to keep guessing, go buy a 2 dollar used MS keyboard.

OBC

it seems that you didn't notice that small strange "|"
all four are from DriverSuite and DevPartner..
and I DO know what rundll23 does. i meant i dont know WHAT IT LAUNCHED


in fact, i know that they're just next 5 system services, that i turned on later. none of them are virus/trojan.


well, i have tried already.


all that program does is obtaining battery status from mouse, and maybe it adds few more configs to wins.. and maybe you didn't notice - i have installed it AFTER SI got crazy. now SI is a little better :P


is there anyone that doesn't know this site? why would it be me? <rotfl>


well, that keyboard is old as... i don't know what.. dinosaures? it is really PLAIN keyboard. "SuperPower" is its manufacturer, not super-duper-commercial-name-for-just-a-next-newest-gadget-on-the-market...


as i have checked, it came with MSVC++6.0 i have installed.
as i have read through much blahblahblah at compuware's SI should be 101% compatible and non-conflicting with this. i'll check it once again, but i don;t give it much chance to be the reason.


tough question. maybe me? if i say it doesn't have any, then it didn't have any effect when i removed it. i have removed things incrementally, so there is no way that several things could be conflicting with SI parrarelly.

Howdy,

rundll32,<--- I am glad you know what it is, what you dont know is what it is running.

svchost x 5, <--- they make progs that will tell you what is running.

www.blackviper.com : /snip/ <rotfl> <-----I dont see whats so funny. So you know about this place, /snip my bad thoughts/

i have read through much blahblahblah at compuware's SI should be 101% compatible and non-conflicting <----- I wish they had to pay me a dollar for every person who found this to be bullshit.

A lot of people have posted their thoughts about what may be happening and you seem unwilling to try most of them. --> | <-- means nothing in the realm of SI and the problems of getting it to work with XP.

Go get olly.

OBC

hi there.

if it is still the problem with XP and SI 4.x just wanted to say (not too loud, but since it works - it works) i also have one machine with XP (need it, but cant live without sice, even at work ggg) and sice 4.05 for eg with a lil patch that made it run perfectly. if you want i can have a look which one it is ... as there is soooo much written here i must admit i did just read the start of your 1st topic. if it is about paricular win/keyb problem please gently "forget" my posting

greetz, 0xf001

0xf0001 - well.. it would be great if you would but dont bother if its the 3-files-patch, as i have tried it already a few times.. oh, and i have SI 4.30, so that probably won't work, but i'll try whatever you have..

woodman - there really were quite many ideas, i don't deny that. but you see, most of them i either tried already, or they were very similar to what i have done. or they were usual 'turn off xxx'/'uninstal xxx' while i either dont have 'xxx' at all, or tried to run SI earlier when i didn't have 'xxx' on the computer. and if you think i'm unwilling to try something, that would only mean that either i have tried it already and so i left the idea unreplyed, or i have tried it, it had no effect, and i have forgot about it (or accidentially posted the reply on another forum, but it is less likely).

one more thing: for me, you seem to be just as stubborn as i must look for you i can't understand, why do you stuck on those apps i have commented.. i know that earlier i've had a problem with firewall, but the firewall was the very thirst thing i have installed on the system, and if i remember well next was msdev, ACDSee, Winamp and SI DevPartner for example, came later, faar later. After solving problem with process termination (->firewall conflict) and after SI got crazy again. i believe i have written that.. i believe that i also said that i have treid turning off everything that is not vital for things i have to leave. and if you can trace back to the previous post - the problem with the keyboard have been there from the very beggining. so just after reinstalling wxp, installing 3..5 progz and installing SI, there were 2 problems. i/we have solved one, and the second (this) is now the target..

so if you still think, that any soft could be in conflict with SI, tell me, how it could be that:
i had X programs installed and Firewall => SI was malfunctioning in 2 matters. i uninstalled firewall => SI got cured. then i installed one or two programs, now i don't remember what => SI started to fuss with keyboard and mouse again. so i uninstalled them => no effect. so i searched for orphaned files/regkeys/blah an uninstaller could leave and removed that few i have found => no effect on SI. then i started installing/uninstalling different versions of SI again, tried with DevPartner (which was supposed to have it own debugger, also SI, as i have read somewhere), tried with OS/dat's, with registry, with (paste here all my posts at this forum about tried methods), and at last with swapping i8042prt.sys from W2000 SP4 which took the case to the present state....

to say it again (present state):
pressing numlock/capslock/scrolllock hang the keyboard, if SI is working in the background. if it is in fore- everything works fine. if keyboard hangs, i can de-hang it by turning OnScreenKeyboard and pressing num/caps/scroll (to turn off their function). DisableNumProgramming is not working. DisableKeyboardPatching turns off the keyboard at all. Other Troubleshooting options have no significant effect in ANY combination. My first question posted in this thread is still open :
*)how can i disable NUMLOCK (LED) PROGRAMMING when neither SoftIce's Options app, nor correcting the settings in winice.dat seem to have any effect? it seems just like SI is ignoring them completely.
*)maybe via registry? what key i need to change? hklm->service->nmfilter->i8042prt.sys? it has dword value of "1". what are other possible? if nmfilter is important, why SI works even with it uninstaled?
*)maybe via winince.dat? there is a great number of obsolete variables. NOLEDS that are set by the installer could be also obsolete, then it would be nothing strange if SI ignores it. but it being obsolete would be strange, because the SI OptionsApp sets it..

hi quetzalcoatl!
it is actually a patch that povides you with new siwvid.sys and ntice.sys
i remember i also tried a few - this finally worked for me. starting PN mode ...
think it should not be a file sharing board...

greetz, 0xf001

hey, i didn't ask you to post any file here i only asked what did you use but is like i thought, that was just that 3files-patch, which didn't work for me. well i have no idea how many versions of the patch are there, but i didn't find any for SI4.30


well.. thanks everyone for replys& ideas, but seasonal exams are close, and probably i will not have much time to keep on fighting with SI. fortunatelly i can use it if i don't touch several keys, but its rather a nuisance that serious problem.

SUMMARY (for this problem):
the 0.5-final solution was to overwrite the system32/drivers/i8042prt.sys with older wersion from W2K SP4. the file you can obtain at Compuware's KB or for friend :P

see ya later

aehm quetzalcoatl: 1 + 1 = ? or do you also count the zip file container ggg ... ok stop this now...

greetz, 0xf001

heh.. i thought it obvious :P 3filespatch is a collection of ntice.sys, siwvid.sys and siwsym.sys. however, if person who packed that files is a bit smarter than others, he/she could have noticed that siwsym.sys can be manually re-generated by user by using icepack.exe, so he/she didn'e include the file in the package, making it smaller and easier to distribute