
PDB symbols files of XP SP3 to work with softice


BiNaRy
October 20th, 2006, 07:33
Hello!
Any1 plz tell me where to find pdb symbol files of Windows XP sp3 (preview?)
Before installing softice, I updated my xp pro to SP3, then I installed DS3.2 and softice can not work. I am getting mad from digging through google for days now. Btw, I did not succeed in installing softice into Win XP pro sp2 either.
Any help will be appreciated.

SiGiNT
October 20th, 2006, 09:33
Do a search of this forum!! There are reams of info on getting Sice running in XP SP2 - most of it probably applies to your situation.

SiGiNT

disavowed
October 20th, 2006, 09:33
From http://pcworld.com/article/id,122871-page,1/article.html?RSS=RSS: "Ethan Allen, creator and administrator of The Hotfix, said Wednesday that he assembled the preview pack from software updates sent by an internal Microsoft source that are expected to be released in SP3."

Good luck finding the pdb symbols for leaked binaries.

WaxfordSqueers
October 27th, 2006, 03:17
I've been running DS 3.2 for quite a while on XP SP2 and SP3. I've had no problems to speak of but I have noticed lately that my symbol names are not showing up on the softice screen.

I downloaded the XP SP2 symbols a while back and I was going to refresh my nms files. Problem is, I'm using symbol retriever from the DS32 package. I read in the archives that a Microsoft version of symbol retriever is available, and I think I used it at one time. It points to an address at Microsoft for symbols and that addy is now defunct.

I'm trying to figure out how to redirect the retriever to my files on the drive. I have tried 'file://localhost/f:/winxp/symbols', where I placed the XP SP2 symbols. Does this addressing format seem reasonable?

When I enter a file to retrieve in the symrtrvr.exe window, it just sits there saying 'PENDING'. Mind you, it did that sometimes when I was connected to the Microsoft site. Other times it just gives me a connection error. Any ideas?

The process is odd because if I hit the 'Get Symbols' button, it gives an 'error-download' message and at the same time gives a messagebox saying 'Please wait while the data is downloaded and translated'. It never comes.

disavowed
October 27th, 2006, 13:14
Get latest symsrv/symchk from http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

Usage instructions: http://support.microsoft.com/kb/311503

WaxfordSqueers
October 27th, 2006, 17:05
Quote:
[Originally Posted by disavowed]Get latest symsrv/symchk from http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

Thanks for the tips, Disavowed. I remembered as I was playing with symchk, that you can use the symsrv.dll from the Debugging tools directory in place of symrtrvr's (Symbol Retriever) own dll. The debugger dll is 359,424 bytes and dated 7/8/2006. It works great with the graphical interface on symrtrvr.exe, which is found in DS32 in the Softice subdirectory 'SymbolRetriever'.

I loaded about 15 dll's and exe's, like ntdll.dll, kernel32.dll, etc., into their own directory. I highlighted them all, held down the ctrl key, and dragged them onto the symrtrvr icon which was minimized at the bottom of the desktop. If you hold the dragged files for a couple of seconds, symrtrvr opens up and lets you drop the files into its window. Then, I hit 'Get Symbols', and voila, they all showed up in my nms directory.

The stock directory listed in symbol retriever, under 'Symbol Site', is still the same download directory, http://msdl.microsoft.com/download/symbols. All you have to do is point Symbol Loader to your nms directory and you're in business.
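
An added example, not part of the thread or any poster's code: a symsrv-style lookup against the 'Symbol Site' URL above is keyed on the PDB name plus the GUID and age stamped into the binary's CodeView debug record, so a PDB has to exist on the server for that exact build. This Python code extracts that key and builds the lookup URL; the sample image is a constructed minimal PE, the function names `codeview_id`, `symbol_url` and `build_sample` are hypothetical, and only the RSDS record format is handled.

```python
import struct
import uuid

SYMBOL_SITE = "http://msdl.microsoft.com/download/symbols"  # 'Symbol Site' URL from the thread


def codeview_id(image):
    """Return (pdb_name, guid, age) from a PE image's RSDS CodeView record."""
    pe = struct.unpack_from("<I", image, 0x3C)[0]            # e_lfanew
    if image[:2] != b"MZ" or image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsect = struct.unpack_from("<H", image, pe + 6)[0]
    opt_size = struct.unpack_from("<H", image, pe + 20)[0]
    opt = pe + 24
    magic = struct.unpack_from("<H", image, opt)[0]
    dirs = opt + (96 if magic == 0x10B else 112)             # PE32 vs PE32+
    dbg_rva, dbg_size = struct.unpack_from("<II", image, dirs + 6 * 8)  # entry 6 = debug
    if dbg_rva == 0:
        raise LookupError("image has no debug directory")
    # Map the directory RVA to a file offset through the section table.
    for i in range(nsect):
        vsize, va, rsize, raw = struct.unpack_from("<IIII", image, opt + opt_size + 40 * i + 8)
        if va <= dbg_rva < va + max(vsize, rsize):
            dbg_off = dbg_rva - va + raw
            break
    else:
        raise LookupError("debug directory RVA not inside any section")
    for off in range(dbg_off, dbg_off + dbg_size, 28):       # IMAGE_DEBUG_DIRECTORY entries
        dtype, size, _rva, ptr = struct.unpack_from("<IIII", image, off + 12)
        if dtype == 2 and image[ptr:ptr + 4] == b"RSDS":     # 2 = IMAGE_DEBUG_TYPE_CODEVIEW
            guid = uuid.UUID(bytes_le=bytes(image[ptr + 4:ptr + 20]))
            age = struct.unpack_from("<I", image, ptr + 20)[0]
            path = bytes(image[ptr + 24:ptr + size]).split(b"\0")[0].decode("ascii")
            return path.replace("\\", "/").split("/")[-1], guid, age
    raise LookupError("no RSDS CodeView record (older NB10 format or no PDB reference)")


def symbol_url(image, site=SYMBOL_SITE):
    """Build the symbol-server lookup URL: <site>/<pdb>/<GUID><age>/<pdb>."""
    name, guid, age = codeview_id(image)
    return "%s/%s/%s%X/%s" % (site, name, guid.hex.upper(), age, name)


def build_sample():
    """Constructed minimal PE32 (not a real Windows binary) with one RSDS record."""
    guid = uuid.UUID("01234567-89ab-cdef-0123-456789abcdef")  # constructed value
    rsds = b"RSDS" + guid.bytes_le + struct.pack("<I", 2) + b"d:\\build\\sample.pdb\0"
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    dirs = bytearray(128)
    struct.pack_into("<II", dirs, 6 * 8, 0x1000, 28)          # debug directory at RVA 0x1000
    opt = struct.pack("<H", 0x10B).ljust(96, b"\0") + bytes(dirs)
    sect = b".rdata\0\0" + struct.pack("<IIII", 0x200, 0x1000, 0x200, 0x200) + bytes(16)
    hdrs = (dos + coff + opt + sect).ljust(0x200, b"\0")
    entry = struct.pack("<IIHHIIII", 0, 0, 0, 0, 2, len(rsds), 0x101C, 0x21C)
    return hdrs + (entry + rsds).ljust(0x200, b"\0")


if __name__ == "__main__":
    print(symbol_url(build_sample()))
```

A binary whose GUID and age have no matching entry on the symbol site gets no PDB back, whatever its file name.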

TempoMat
November 20th, 2006, 03:48
Despite the superb FAQ from "grimani" and others I have read in this and other forums, SICE still does not want to run on my system with WinXP SP2 running on AMD 64 X2. Graphic Card is ATI Radeon X850.

I have spent several hours already today and have tried almost all the suggestions and hints in several threads I have sought for and read, but SICE still neither wants to run in Manual nor in BOOT Mode. I always get a system crash and had no other choice than to restart it.

The latest symsrv/symchk was downloaded a couple of hours ago from MS to replace the old ones in the SICE folder. Symbol Retriever runs fine and fetches the symbols in .pdb-format, but does not convert it to the .nms-format, even though I have checked the options "Translate To NMS After Download" and "Load symbols into SoftICE" in the Symbol Retriever Mask.

I should however mention that I don't have any symbols (.nms) at all to start with. Which might also be part of the problem I am currently facing. The last time I used SICE was version 4.05 under Win98 SE and it has been some couple of years back.

Anybody with AMD 64 X2 and a clean running DS 3.2? Suggestions are highly appreciated and a few .nms files could also be needed for “Troubleshooting”.

Regards TempoMat

WaxfordSqueers
November 20th, 2006, 07:03
Quote:
[Originally Posted by TempoMat;62523]Despite the superb FAQ from "grimani" and others I have read in this and other forums, SICE still does not want to run on my system with WinXP SP2 running on AMD 64 X2. Graphic Card is ATI Radeon X850.
Try this:

http://www.woodmann.com/forum/showthread.php?t=7199&highlight=kayaker+video

Also, it might not be your video card. I was running an older version of Sygate personal firewall and it froze my system every time I tried to boot softice. Check other drivers as well, like virus monitors. Certain versions of Alcohol 120% are advertised to be incompatible with softice.

Quote:
[Originally Posted by TempoMat;62523]The latest symsrv/symchk was downloaded a couple of hours ago from MS to replace the old ones in the SICE folder. Symbol Retriever runs fine and fetches the symbols in .pdb-format, but does not convert it to the .nms-format, even though I have checked the options "Translate To NMS After Download" and "Load symbols into SoftICE" in the Symbol Retriever Mask.
Have you got the 'Path To NMS' window in Symbol Retriever filled in with a path where you want your NMS files to go?

TempoMat
November 20th, 2006, 11:40
@WaxfordSqueers: I have tried the link
http://www.woodmann.com/forum/showthread.php?t=7199&highlight=kayaker+video already. I worked through it all night before posting. I have now got the files Kayaker suggested to be sent to him/them if all the steps still do not work. I will PM him with the files.

I don't have Alcohol 120% Installed and the only Virus monitor(s) running is Norton Internet Security 2006 which expired a few days ago, because it came bundled with a MB and have now bought Trend Micro Internet Security 2006 to replace the Norton. Only Spybot is running besides the Norton.

Quote:
Have you got the 'Path To NMS' window in Symbol Retriever filled in with a path where you want your NMS files to go?


Yes, I have the path set but still nothing happens after symbols are retrieved. I have tried several folders for the output of the pdb and nms files but yet no .nms files are generated after the .pdb files are downloaded successfully.

Kayaker
November 20th, 2006, 13:24
Quote:
[Originally Posted by TempoMat;62534]I have now got the files Kayaker suggested to be sent to him/them if all the steps still do not work. I will PM him with the files.


Hi. Umm, that list of diagnostic output that was mentioned in that post is supposed to go to Numega support, not to me, I am in no way affiliated ;-) Still, go ahead and attach it to a new post in this thread and I'll take a look (you can't attach files to PM's which is why you couldn't do it..)

Before going any further though, please do make sure you are using the latest official patch:

ftp.compuware.com/pub/driverstudio/outgoing/patch/DS3.2.1.zip

And for the time being, don't bother worrying about symbols! Softice will work without symbols, so you've either got it working or not, the symbol translation can come later.

WaxfordSqueers
November 20th, 2006, 17:56
Quote:
[Originally Posted by TempoMat;62534]I don't have Alcohol 120% Installed and the only Virus monitor(s) running is Norton Internet Security 2006 which expired a few days ago, because it came bundled with a MB and have now bought Trend Micro Internet Security 2006 to replace the Norton. Only Spybot is running besides the Norton.
I hate to keep harping, but you need to investigate whether the Symantec driver is still being loaded, or not. Also, you replaced it with another driver, and you have the Spybot driver running. Symantec is notorious for not cleaning up after itself and for interfering with the normal operation of Windows. I refuse to put anything from Symantec onto my system for that reason.

On their site, you will find instructions as to how you can remove their products 'after' their installer has supposedly removed it. I couldn't see that the older Sygate was the problem till I unloaded it completely, drivers and all. The best way to troubleshoot Ice is on a clean system with no competing drivers, like on VMWare, or something. If you go that route, there are certain issues with VMWare that have to be addressed.

What exactly is happening? When you have a video driver problem with softice, it tries to load, but the screen is broken up into weird colours. Often, you can see part of the softice screen, but it has vertical lines obliterating it. If you are trying to boot from the desktop, does the DOS-type window appear at all? That window should appear with 'Start Ice' written on the banner at the top of the window. Then the softice screen should flicker on for a second or two and disappear. The DOS-type window should disappear too. After that, you can control-D into Ice.

If you are getting the DOS-type window, and it is freezing on you, I'd go looking for driver issues, especially firewall drivers. One guy had a problem with a wireless mouse. There should be a setup feature called 'Settings' (DSConfig.exe), which gives you a fair amount of control. I'm assuming you have already used it to set up your vid card. I also assume you have 'Universal Video Driver' selected under video. You can also edit winice.dat directly.

Another thing you can try is to remove the X temporarily from the end of the initialization string. That keeps softice up so you can read its initialization log in its window. I'm not sure from your description what you are getting, but softice writes an extensive log to its own window when it's booted. It will indicate errors for you.

I assume you have the current NTICE.SYS, OSINFO.DAT and OSINFOB.DAT. The version of NTICE should match the version of DS you are using.

TempoMat
November 20th, 2006, 20:52
@ Kayaker;
Sorry for the misunderstanding that the diagnostic output was to be sent to you.
I have applied the patch for DS3.2.1 but the situation is still the same.

@WaxfordSqueers:
Well the Symantec driver was not completely unloaded and the other driver is not yet installed. Unfortunately when I finished deinstalling the Norton Internet Security software, I would still be left with some common drivers from Symantec i.e. pcAnywhere, which is needed from time to time for remote connections to some systems. I believe I should now go for the VMWare option. I cannot consider my current system status as clean at all as I have a lot of programs I need almost all of them only loaded when needed. I check running process once in a while to make sure no unwanted progies or drivers are running, except rootkits, which I hope none is running.

I will be leaving home tomorrow and be back at the weekend. I have another system which is currently running Win 98 SE. I will use it for a fresh install of WinXP and test DS 3.2 on it.

The X; has been removed from the initialization string already.
Softice doesn't pop up at all, so the chances of getting a log file are small.
I have played with the “Settings” also for a while and also edited WinIce.dat directly.
Most of the things you have assumed have either been tested or checked. As I wrote earlier on I had spent several hours going reading through threads and googling for stuffs related to SICE and WinXP before posting.

Quote:
Originally Posted by WaxfordSqueers
What exactly is happening?


With a manual loading of SICE first a rectangle box (presumably an intro/splash form from SICE, but nothing can be read because it never gets fully painted) starts to pop-up and a few seconds after that the screen turns dark and then a BSoD occurs. The Dos-Type Window does not appear at all.

With a BOOT load, I see the typical SICE DOS box pop up shortly but the system hangs shortly afterwards and then the BSoD.

So when I return next weekend I'll consider the VMWare on this line and a clean WinXP with SICE on the other system.

Thanks everyone for the fantastic response as usual.

Regards TempoMat

WaxfordSqueers
November 20th, 2006, 21:07
Quote:
[Originally Posted by TempoMat;62547]I have another system which is currently running Win 98 SE. I will use it for a fresh install of WinXP and test DS 3.2 on it.


Consider a dual boot setup if you have plenty of disk space. I loaded win98SE first on Partition c:, then added XP on partition D:. They work fine together with the bonus that I can use Win 98 to access XP files. Of course, Win 98 has to be on a FAT 32 partition, and I put XP on FAT 32 as well. I'm sure you could use a native XP format on the second partition if you wanted, but then you can't access its files from Win 98.


Quote:
[Originally Posted by TempoMat;62547]With a manual loading of SICE first a rectangle box (presumably an intro/splash form from SICE, but nothing can be read because it never gets fully painted) starts to pop-up and a few seconds after that the screen turns dark and then a BSoD occurs. The Dos-Type Window does not appear at all.
That rectangle is what I'm calling a DOS-type box. The softice screen appears in it during a normal load, then both disappear. When I had the problem with the Sygate personal firewall, the box appeared, and everything froze...no mouse...nothing. I had to reboot. I upgraded to version 5.6 build 2808, and everything worked fine.

TempoMat
November 22nd, 2006, 00:59
Quote:
Originally posted by WaxfordSqueers
Consider a dual boot setup if you have plenty of disk space. I loaded win98SE first on Partition c:, then added XP on partition D:. They work fine together with the bonus that I can use Win 98 to access XP files. Of course, Win 98 has to be on a FAT 32 partition, and I put XP on FAT 32 as well. I'm sure you could use a native XP format on the second partition if you wanted, but then you can't access its files from Win 98.


I have such a combination with SICE 4.05 running on the Win98. I am now going to try the other way round, ie with DS 3.2 and patch 3.2.1 on the XP partition.

Quote:
Originally posted by WaxfordSqueers
that rectangle is what I'm calling a DOS-type box. The softice screen appears in it during a normal load, then both disappear. When I had the problem with the Sygate personal firewall, the box appeared, and everything froze...no mouse...nothing. I had to reboot. I upgraded to version 5.6 build 2808, and everything worked fine.


I will try fresh WinXP install and then the option of a different personal firewall on the current system with the problems also.

WaxfordSqueers
November 24th, 2006, 19:38
Quote:
[Originally Posted by TempoMat;62547]Unfortunately when I finished deinstalling the Norton Internet Security software, I would still be left with some common drivers from Symantec i.e. pcAnywhere, which is needed from time to time for remote connections to some systems.
I am revisiting this thought about old drivers. I decided to practice what I was preaching.

I went into the XP device manager section and pruned the old drivers that I 'knew' were no longer on my system. Even at that, I managed to dislodge a video driver and had to reload the NVidia driver. Luckily, I was just about to upgrade to the latest version.

Before my pruning expedition, I could not get softice to break on conditional breakpoints. Afterwards, it worked fine. I had several old Starforce drivers from games, an old AMI diagnostic driver, and other debris. Something in there was interfering with softice.

If you try this, be careful. If you don't know what a driver does, check it on Google. Also, right-click it and choose 'Properties'. If that window indicates the driver is working fine, I'd leave it unless you're sure the software that installed it is no longer there. I had one situation, with a virtual CDROM, where it said the device was working fine, but I knew the software had been removed. I have disabled that driver temporarily till I find out how to remove it.

To help in the pruning, I made the following alterations to the 'Environment Variables' window under Start/Settings/Control Panel/System/Device Manager/Advanced/Environment Variables:

DEVMGR_SHOW_DETAILS
devmgr_show_nonpresent_devices

In the 'System Variables' window of Environment Variables, click 'NEW'. In the window that pops up, under Variable Name, insert one of the commands above, 'exactly' as shown. In the Variable Value window, insert a 1. Hit OK to close the popup. Repeat with the other command, then press OK to close the Environment Variable window.

Go back to the Hardware tab on the System Properties window. Click Device Manager. Under 'View', click 'Show Hidden Devices'. Run through all the devices and look for drivers with washed out icons. That means they are not installed. You can verify that by right clicking on them and selecting 'Properties'. The first window will tell you if the device is functional, or not. Uninstall the duplicates by right-clicking them and selecting uninstall.

I found many duplicated devices, and under 'Non Plug and Play Devices', which doesn't seem to be available without 'Show Hidden Devices', I found many old drivers. Removing them seemed to do the trick as far as getting softice working correctly with conditional breakpoints.

TempoMat
March 16th, 2007, 21:15
Well,
I just wanted to drop some words that I can at least start DS32 without the 3.1 Patch on a fresh WinXP SP2 install, after I was forced to reinstall my system at least 3 times. But finally the lights are on.

Right now only some needed software is installed and everything that has to do with "Syman..." has been left out for the time being. I had already installed Trend Micro as firewall and there was no problem installing and starting DS. I was surprised though that Nero 6x and its associates in the Nero Ultra 6 versions were complaining about a found Debugger almost at the end of their installation and refused to finish with their registration routines (in the Registry), when softice is in memory. I had to reboot and finish installing the respective software before enabling Softice. After that no complaints again when the programs are started and Softice is in memory. But serious RCE with softice has not been done yet.

Side note:
Due to a few mishaps with some Programs I was debugging, I decided to try the Virtual Machines. (One particular program with a very simple Reg-Algorithm started deleting system dlls after it was released by olly to run and I had to reinstall WinXP after that. It was on the second time that I was able to catch it and stop it before more damages could be done.)

I had once downloaded M$ Virtual PC 2004 SP1 and wanted to install it but it did not work, because the file was somewhat corrupted after restoring it from an image on to a bigger hard drive. I wasn't prepared to buy VMWare and due to too many trojans coming with such files on the net, I decided to go back to M$ homepage for the VPC 2004 and lo and behold there was a VPC 2007 there to be downloaded for free.

And then the nightmare began. I spent several hours today trying to install a streamlined WinXP with SP2 on it. After several hours of failed attempts I went for Win 2000 with SP3 in a different language. This went through like a charm. So far I have tried debugging simple programs with fewer anti debugging tricks only on it to get the feeling for the VM. It works fine. I will use it to try out Programs before letting them on the main machine, from now on.

The biggest drawback of the M$ VPC is the speed. Even with 512MB RAM allocated for it, it took quite some time before debuggees were loaded fully in Olly. Maybe I should allocate half of the total memory for it if it will run better.

So once again thanks to all that did reply and happy "RCEing"

PS I will step by step start installing the Norton Programs I need and check SICE after every install and hopefully, I will be able to catch the trouble maker.

Regards and ,
TempoMat.

dELTA
March 26th, 2007, 10:54
Thanks for the info, and please let us know who the trouble maker is when you find him!