Ilfak describes three ways how to load several files in one IDB. first solution: use pe_dlls.idc IDC-script, written by Atli Mar Gudmundsson (the original link is broken, was fixed, and then broken again. so, download it from OpenRCE). this is a really good script. guess what it does? well, it loads all dlls using by the main file and supporting recursive loading. wow! it's easy-to-use and reliable. but... it works with PE files only and what if I want to load ELF or two NT-drivers or linux kernel modules?! my plug-in handles this, coz it uses IDA loaders, so it supports all formant supported by IDA. however, I recommend you pe_dlls.idc, since, I just love it. second solution: Ilfak tell us: use the debugger and take the memory snapshot. very well! everyone knows about this trick and does it almost everyday. this is best way to analyze packed file - just run the program, dump it with your favorite dumper and disassemble the dump. don't care about restoring import table or something like that. dumped program might be unable to run, but it's quite enough to analyze it. however, this strategy doesn't work with trickily protections as well as drivers third solution: IDA Debugger are involved. what I can say?! theoretically, we can get accurate dump, including only those DLLs we need, however, IDA has _extremely_ "weak" debugger and almost any protection is able to defeat it. how we're supposed to analyze malware packed with modern protectors?! I simple don't know. this is not my way. this is very restricted way (is it possible to load drivers or something like that?!). the answer is no. so, use my plug-in. it's really simple, useful and supports every file-format, supported by IDA. it also allow to load user-land and kernel-land files at the same time