Anti-Debugging ? ?

[TechLord]

My personal experience is that IceExt v0.67 tends to make the system unstable , especially when used on WinXP SP2...
In fact, i tend to do these types of troublesome cases on an old machine with Win 98 on it with the good old sice 3.25 ( Or some other 3.x version...I don't remember...)
This usually solves the prob as the FrogsIce is quite stable and dependably hides the sice.

Anyway I don't think the 99 % CPU usage is an anti-debugging measure...Since the app is a registry tracer, I think it maybe having problems with the way it interacts with ring-0 level drivers etc.

Also...You can do a runtrace in Olly WITHOUT SICE BEING ACTIVE and compare it with what is the sequence and the instructions executed WHEN ONLY SICE IS USED (with the olly not running of course) ,this time using the trace dumper in SICE ( forgot the exact name...) which performs a similar function with SICE as that of RunTrace wit Olly...

This should give you an idea if additional code is excuted when SICE is active, and not when only OLLY is used.