mac53
March 24th, 2005, 09:37
I'm running Windows xp on the nt 5 file system. When I went to install SoftIce 3.25 nt a notice [warning] box apperared stating that there are several issues with installing SoftIce on NT 5. Below, I paste this warning:
*********************************************************
Using SoftICE with NT 5.0
-------------------------
NOTE: NT 5.0 is a beta operating system. Unfortunately, this means
that the subtle changes to NT 5.0 internals between interim builds can
break key functionality in SoftICE. We have tested SoftICE for NT
version 3.25 with Windows2000 (NT 5.0 beta 3) (1946). SoftICE is supported with known limitations on this build (see Windows2000 limitations later on in this section).
There are different manual configurations that can be made to SoftICE to
increase the chance of supporting builds other than 1946. However,
support cannot be guaranteed on builds of Windows2000 other than 1946 at this point.
Here is a list of changes that must be made for Windows2000 support.
1) Due to problems with file system access in boot drivers, if you want
to load SoftICE as a boot driver, you MUST read the text file
NT5BOOT.TXT in the SoftICE directory. It contains an explanation and
instructions to successfully use SoftICE as a boot device.
2) If using an Windows2000 build other than build 1946, you will need to do
the following. Place the NTSYMBOLS=ON keyword on a separate line in
winice.dat, and automatically load symbols for NTOSKRNL. This
keyword will allow SoftICE to use the kernel symbols for hooking key
routines and data. Be sure that the symbols being loaded are
properly matched to the build of NTOSKRNL.exe. The method that
SoftICE uses alternatively is impacted by binary changes in the
NTOSKRNL module. Using symbols eliminates this impact. Automatic
loading of symbols is done via the Symbol Loader (Loader32.exe)
Edit|SoftICE Initialization Settings menu item. Symbols for NTOSKRNL
are provide in the form of a ntoskrnl.dbg file. This file can be
translated, using the Loader32.exe or nmsym.exe, to create a .nms
file. NOTE: The debug binaries for Windows2000 Beta 3 are build with VC
6.0. Place the file 'mspdb60.dll' in the path to translate symbols
for this and later builds. This file is located on setup CD 1, in
the Common\MSDEV98\BIN directory.
3) Keyboard support will most likely break in builds of Windows2000 that are
not specifically tested. This is due to the fact that SoftICE's
keyboard driver patching is dependent on particular binary images.
For keyboard support on builds of Windows2000 that are not specifically
tested, download the i8042prt.sys driver on ftp.numega.com\anonymous\tech. Replace the driver currently
installed on your system with the downloaded driver (please backup
the original driver). This version of the driver is supported. It is
simply the i8042prt.sys driver from build 1946.
4) It is necessary to disable the boot GUI that was added in NT 5.0
build 1814. There have been some cases where the boot GUI causes
problems with SoftICE's VGA support. SoftICE will not be able to
popup in VGA or text mode if the boot GUI is not disabled. The
SoftICE version 3.25 installation will automatically add a /noguiboot switch to the Windows2000 configurations that are listed in the boot.ini file. To reenable the boot gui, remove the /noguiboot switch. Here is an example of boot.ini with a /noguiboot switch.
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows2000 Professional Edition" /noguiboot
* Known Limitations with SoftICE ver 3.25 and NT 5.0 builds 1773 and
greater:
1) SoftICE will most likely work improperly when loaded as a boot driver. One of two things can happen. One, the file I\O will not work in SoftICE. The file system is not initialized completely at this point. Therefore SoftICE cannot load symbol files, exports and configuration files. Secondly, a page fault can occur in the IoIsOperationSynchronous() kernel routine. These incompatibilities are a result of some major architectural changes in Windows2000. ICEPACK is the current solutions for this problem. If you experience either of these problems, read the NT5BOOT.txt file in the SoftICE install directory for instuctions on using this or, change the SoftICE startup mode to SYSTEM.
**********************************************************
The reason I do this is because after reading this I became very apprehensive as to whether to install it or not. I post this to get a professional opinion from one of our members. I see that according to this warning, they mention ICEPACK! Now whether that's the only solution to this issue, I don't know. Are there patches for this isue? Again, Idon't know! This is why I'm asking for help with this one.
Thank you...
*********************************************************
Using SoftICE with NT 5.0
-------------------------
NOTE: NT 5.0 is a beta operating system. Unfortunately, this means
that the subtle changes to NT 5.0 internals between interim builds can
break key functionality in SoftICE. We have tested SoftICE for NT
version 3.25 with Windows2000 (NT 5.0 beta 3) (1946). SoftICE is supported with known limitations on this build (see Windows2000 limitations later on in this section).
There are different manual configurations that can be made to SoftICE to
increase the chance of supporting builds other than 1946. However,
support cannot be guaranteed on builds of Windows2000 other than 1946 at this point.
Here is a list of changes that must be made for Windows2000 support.
1) Due to problems with file system access in boot drivers, if you want
to load SoftICE as a boot driver, you MUST read the text file
NT5BOOT.TXT in the SoftICE directory. It contains an explanation and
instructions to successfully use SoftICE as a boot device.
2) If using an Windows2000 build other than build 1946, you will need to do
the following. Place the NTSYMBOLS=ON keyword on a separate line in
winice.dat, and automatically load symbols for NTOSKRNL. This
keyword will allow SoftICE to use the kernel symbols for hooking key
routines and data. Be sure that the symbols being loaded are
properly matched to the build of NTOSKRNL.exe. The method that
SoftICE uses alternatively is impacted by binary changes in the
NTOSKRNL module. Using symbols eliminates this impact. Automatic
loading of symbols is done via the Symbol Loader (Loader32.exe)
Edit|SoftICE Initialization Settings menu item. Symbols for NTOSKRNL
are provide in the form of a ntoskrnl.dbg file. This file can be
translated, using the Loader32.exe or nmsym.exe, to create a .nms
file. NOTE: The debug binaries for Windows2000 Beta 3 are build with VC
6.0. Place the file 'mspdb60.dll' in the path to translate symbols
for this and later builds. This file is located on setup CD 1, in
the Common\MSDEV98\BIN directory.
3) Keyboard support will most likely break in builds of Windows2000 that are
not specifically tested. This is due to the fact that SoftICE's
keyboard driver patching is dependent on particular binary images.
For keyboard support on builds of Windows2000 that are not specifically
tested, download the i8042prt.sys driver on ftp.numega.com\anonymous\tech. Replace the driver currently
installed on your system with the downloaded driver (please backup
the original driver). This version of the driver is supported. It is
simply the i8042prt.sys driver from build 1946.
4) It is necessary to disable the boot GUI that was added in NT 5.0
build 1814. There have been some cases where the boot GUI causes
problems with SoftICE's VGA support. SoftICE will not be able to
popup in VGA or text mode if the boot GUI is not disabled. The
SoftICE version 3.25 installation will automatically add a /noguiboot switch to the Windows2000 configurations that are listed in the boot.ini file. To reenable the boot gui, remove the /noguiboot switch. Here is an example of boot.ini with a /noguiboot switch.
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows2000 Professional Edition" /noguiboot
* Known Limitations with SoftICE ver 3.25 and NT 5.0 builds 1773 and
greater:
1) SoftICE will most likely work improperly when loaded as a boot driver. One of two things can happen. One, the file I\O will not work in SoftICE. The file system is not initialized completely at this point. Therefore SoftICE cannot load symbol files, exports and configuration files. Secondly, a page fault can occur in the IoIsOperationSynchronous() kernel routine. These incompatibilities are a result of some major architectural changes in Windows2000. ICEPACK is the current solutions for this problem. If you experience either of these problems, read the NT5BOOT.txt file in the SoftICE install directory for instuctions on using this or, change the SoftICE startup mode to SYSTEM.
**********************************************************
The reason I do this is because after reading this I became very apprehensive as to whether to install it or not. I post this to get a professional opinion from one of our members. I see that according to this warning, they mention ICEPACK! Now whether that's the only solution to this issue, I don't know. Are there patches for this isue? Again, Idon't know! This is why I'm asking for help with this one.
Thank you...
