It is possible to debug a Windows NE-File ?

Trit0n · #1 10-02-2009, 07:19 AM

For a study of a routine i need a Debugger for Windows NE (NOT PE).
Disassembly is not the problem.

The program runs under WIN98 in VMware.

I have tried everything possible without success
- Dos debuggers: CodeView, Hack, D86 ...
(program requires Microsoft Windows..)

- Kernel Debugger: TRW123 and Softice
(Both do not work properly with VMware)

- Windbg: V4.0/ V5.0/ V6.4/ V 6.7
(not working properly, possibly V6.2 works but is no longer available)

the other Debugger like IDA, Hickwall, Rock, Olly, Syser ... either not run under Win98 or do not know the NE-Format.

anybody knows a solution?

BfoX · #2 10-02-2009, 07:49 AM

use a Borland's v3.1 'td.exe' or 'td286.exe'

it used in old OS like Windows 3.1

kao · #3 10-02-2009, 07:53 AM

TDW (Turbo Debugger for Windows) - available with Borland Pascal, for example here: http://www.tud.ttu.ee/material/BP/BIN/

If you need WinDbg 6.2: ftp://priede.bf.lu.lv/pub/Service_Pa...6_6.2.13.1.exe

foffa · #4 10-03-2009, 12:52 AM

also if you want to work with softice here is a trick
open the configuration file (.vmx) for the virtual machine in a text editor and add the following two lines:

vmmouse.present = FALSE
svga.forceTraces = "TRUE"

Otherwise, your mouse and screen may become unresponsive when breaking into the SoftICE debugger, making it appear as if your guest operating system has hung.

Changing these lines allows you to use SoftICE in your virtual machine, but may reduce the performance of the guest operating system when SoftICE is not running. We recommend removing or commenting out these configuration options when you are not using SoftICE.

Sometimes, even with these configuration options, pressing Ctrl-D does not display the SoftICE window and your mouse and screen appear unresponsive. Exit SoftICE by pressing Ctrl-D again, then use SoftICE in VGA mode as explained below.

1. Open a command prompt (for instance, choose Start > Run, type cmd and click OK).
2. Press Alt-Enter to enter VGA mode.
3. Press Ctrl-D to enter SoftICE.

Trit0n · #5 10-03-2009, 10:07 AM

@ Bfox and kao
with TDW, it is actually possible to debug a NE,
but only with Windows 3.11 (not a protected mode program, 16bit code)
I have found a set of floppy disks and installed under VMware.
Nice operating system

@foffa
Very good tip, thank you

benito · #6 10-03-2009, 02:22 PM

2foffa
Thanks for tip!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode