Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Low level WinNT debugger
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #8  
Old 04-21-2004, 23:58
_kin_
 
Posts: n/a
SoftICE have at least two components ALL components load as standard
drivers:
1. siwvid.sys - mostly UI code load as SERVICE_BOOT_START driver

2. ntice.sys - SoftICE heart can load as SERVICE_BOOT_START but also
can load as SERVICE_SYSTEM_START or SERVICE_DEMAND_START drver

Most frequently ntice.sys configured as SERVICE_SYSTEM_START driver

3. Sometimes if ntice.sys load as SERVICE_BOOT_START it use third part:
siwsym.sys - SERVICE_BOOT_START driver where packed symbolic and config
info. This module used because in time when loaded SERVICE_BOOT_START drivers no file I/O services available (this drivers load by NTLDR).

P.S. Sorry for my poor english
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT +8. The time now is 20:43.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )