El_Bug Guest
Posted: Mon Jul 12 2004 10:17 Post subject: WIN98/DOS BOOT PROCESS IO.SYS TRACING AND DISASSEMBLER
HELLO!
My name is Michael. I'm writing to you with the hope that you'll be so kind as to give me some advice or just direct me to a place where someone can help me. I'm working on a project that unfortunately I haven't been able to finish so far. I'm stuck at a point where I don't know how to get out and find a solution.
I have been searching for information over the Internet for about 2 months already, typing every kind of keyword into Google and chatting with people who claim to be programmers and so on, but nothing. It seems as if someone wants me to give up, but I say no.
It's about a program that loads itself before the OS (in my case Win98) and hooks itself into int13h, substituting itself for the original int13h. My problem is that this program reads and modifies all the data that is taken from the HDD through int 13h and then gives control back to the program that made the call.
It's exactly like this: CALLER (PROGRAM-OS-WIN98 [io.sys]) <=> MY_INT13H (Extended Read) <=> INT13H (BIOS Extended Read) <=> HDD.
The problem first occurs when io.sys loads itself from the HDD and executes itself from RAM. I'm monitoring the buffer that contains the data taken from the HDD, and it's fine until it reaches (assume this is point 2) the use of Extended Read (multi-sector read, >1 sector). So io.sys requests ExtRead (8 sectors). BUT here the data in the buffer is not actually taken from the physical surface but from somewhere else (unknown to me) where this data is saved in a modified state. I figured out that this is the same data that was read before using my int13h ExtRead (1 sector), and I think that io.sys saves that data in some kind of buffer or cache when it gets back its request to int13h (mine). But how does the original int 13h take it, and why does it take that data from there first before it takes it from the physical surface?
I know that my explanations are pretty bad, but I hope that you will get the essence of the problem.
Also, in addition to the above, the data that is not taken from the physical surface is only 256 bytes of the data that was taken by the previous call to int13h (my 1 sector).
Thank you very much for your attention!
THANK YOU!
I hope that you will decide to help me. Maybe this is some kind of cache, but why does it decide to put data in this cache when my int13h returns the data to the caller? Why?
Thank you and sorry for interrupting you.
Best Regards
Michael Dervahanian