Has anyone ever messed around with VXD's?

[jimmsta]

Just a question - while waiting for a virus scan to finish on an old hard drive, I dove into the "old backup" folder, to find a Windows 95 GOLD installation... upon which, I went to the system folder, and looked at a few files under a hex editor... (I'm at work, and bought said hex editor for advanced data recovery purposes). What I found intriguing was NTKERN.VxD, which seems to have imports/exports for the NT Kernel. Is this in anyway associated with Kernel32.dll, or is it just a compatibility layer for some executables?

I've always wondered what the Virtual Device Drivers were for, (I do know that the VMM files are part of Win9x's HAL, or Windowing server).

My questions: Has anyone ever tried hacking away at these files? Is there any reason to attempt to do so? What is NTKERN.VXD?

[Marius '95]

Great ideea! Since now Win9x supports large HDs and WinXP programs, what next? Some patches for "too much RAM" bug?

I always wondered what is BIGMEM.DRV for?

[oscardog]

Found this, hope it is of some help

Win32+ Driver Model (WDM) The Win32 Driver Model (WDM) is an all

new, common driver model for Windows 95

and Windows NT+ . WDM will enable some

common types of devices using USB and IEEE

1394 to have a single driver for both

operating systems. The WDM has been

implemented by adding selected NT Kernel

services into Memphis Beta 1 via a special

virtual device driver (NTKERN.VXD). This

allows Memphis Beta 1 to maintain full

legacy device driver support while adding

support for new WDM drivers.

and

as it turned out, in the win98's VMM there is a cool vxd, called NTKERN.VXD, which provides some NT's INT 2E services. Mmoreover, INT 2E is used when win98 is loading, at that time such functions as ntoskrnl!NtPowerInformation are called.

[jimmsta]

So, now the question is: How do we create them? Is there a way, or an advantage to creating a VxD as opposed to, say, an external program loaded at startup?

It seems to me that VxD's are supposed to be Services running on the Win9x platform.In which case, is there a way to implement more functionality into NTKern.VxD, or what?

What I'm trying to get at here, is... would it make more sense to hack ntkern.VxD instead of kernel32.dll, for the Kernel Update Project? NTKern is supposed to be some sort of supporting library/service for NT-specific system calls... which I take to mean that it would be the best place to put updated functionality, instead of kernel32.dll.

I'm probably wrong, of course. I'd love to know the exact boot order of Win9x. (NT's bootorder wikipedia page is incredibly informative: http://en.wikipedia.org/wiki/Windows_NT_Startup_Process )