In trying to patch the IDT. When I use the SoftIce "IDT" command, I get some different values for the table entries than when I list out the table using my own code from our driver. The values I print out correspond to a memory dump of the table.
The difference between IDT table you see using memory dump and SoftIce IDT command is simply because SoftIce hooks some of the IDT entries and therefore when you look at the memory when SoftIce is running you will see some of the IDT entries pointing to SoftIce (ntice.sys module). When you use SoftIce IDT command SoftIce is smart enough to realize that you probably want to see the original values and copies them from its internal buffer.