https://bugs.winehq.org/show_bug.cgi?id=32907
Anastasius Focht focht@gmx.net changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                URL|http://www.ammyy.com/AA_v3. |http://www.ammyy.com/AA_v3.
                   |0.exe                       |exe
                 CC|                            |focht@gmx.net
          Component|-unknown                    |ntdll
            Summary|AMMYY Admin v3.0 crashes at |AMMYY Admin v3.0 crashes at
                   |startup in Win7 mode        |startup in Win7 mode
                   |                            |('NtSetInformationToken'
                   |                            |needs to support
                   |                            |'TokenSessionId')

--- Comment #10 from Anastasius Focht focht@gmx.net ---
Hello folks,
confirming.
It seems my browser flags this download as spyware/malware probably due to repeated (ab)use by shady guys ;-)
The client launches a service which fails to start up properly and then spins forever waiting for the service.
--- snip ---
$ WINEDEBUG=+tid,+seh,+relay,+service,+msvcrt wine ./AA_v3.exe >>log.txt 2>&1
...
0009:Call advapi32.CreateServiceW(00153fa0,004d1d3c L"AmmyyAdmin_8",004d1d6c L"AmmyyAdmin_8",000f01ff,00000010,00000002,00000001,004d1e0c L""Z:\home\focht\Downloads\AA_v3.exe" -service -lunch",00000000,00000000,00000000,00000000,00000000) ret=0042003c
...
0009:trace:service:CreateServiceW 0x153fa0 L"AmmyyAdmin_8" L"AmmyyAdmin_8"
...
0017:trace:service:svcctl_CreateServiceW (L"AmmyyAdmin_8", L"AmmyyAdmin_8", 0xf01ff, L""Z:\home\focht\Downloads\AA_v3.exe" -service -lunch")
0017:trace:service:create_serviceW (L"AmmyyAdmin_8", L"AmmyyAdmin_8", 0xf01ff, L""Z:\home\focht\Downloads\AA_v3.exe" -service -lunch")
...
0016:Call KERNEL32.CreateProcessW(00000000,0011a588 L""Z:\home\focht\Downloads\AA_v3.exe" -service -lunch",00000000,00000000,00000000,00000400,00540000,00000000,0084e3c4,0084e408) ret=7ed5756f
...
0029:Call KERNEL32.__wine_kernel_init() ret=7bc6b3cb
...
0016:Ret KERNEL32.CreateProcessW() retval=00000001 ret=7ed5756f
...
0016:trace:service:service_send_start_message L"AmmyyAdmin_8" 0x11a298 2
...
0009:Call advapi32.QueryServiceStatus(00153e30,0032f3d0) ret=00420835
0009:trace:service:QueryServiceStatus 0x153e30 0x32f3d0
0009:trace:service:QueryServiceStatusEx 0x153e30 0 0x32f318 36 0x32f314
...
0009:Ret advapi32.QueryServiceStatus() retval=00000001 ret=00420835
...
<repeats forever>
--- snip ---
The failing service:
--- snip ---
...
002d:Starting thread proc 0x7ebd0fc4 (arg=0x14c468)
002d:trace:service:service_thread 0x14c468
002d:Call advapi32.RegisterServiceCtrlHandlerExA(004a10b8 "AmmyyAdmin",0041f4cb,00000021) ret=0041f339
002d:trace:service:RegisterServiceCtrlHandlerExW L"AmmyyAdmin" 0x41f4cb 0x21
002d:Ret advapi32.RegisterServiceCtrlHandlerExA() retval=0014c5b0 ret=0041f339
002d:Call advapi32.SetServiceStatus(0014c5b0,004af9dc) ret=0041f566
002d:trace:service:SetServiceStatus 0x14c5b0 30 2 0 0 0 1 3a98
...
002d:Ret advapi32.SetServiceStatus() retval=00000001 ret=0041f566
...
002d:Call advapi32.OpenProcessToken(ffffffff,000f01ff,007de8d8) ret=0041fb49
002d:Ret advapi32.OpenProcessToken() retval=00000001 ret=0041fb49
002d:Call advapi32.DuplicateTokenEx(00000084,02000000,00000000,00000002,00000001,007de8dc) ret=0041fb8f
002d:Ret advapi32.DuplicateTokenEx() retval=00000001 ret=0041fb8f
002d:Call KERNEL32.CloseHandle(00000084) ret=0041fbcf
002d:Ret KERNEL32.CloseHandle() retval=00000001 ret=0041fbcf
002d:Call advapi32.SetTokenInformation(00000088,0000000c,007de8e8,00000004) ret=0041fbf1
002d:fixme:ntdll:NtSetInformationToken unimplemented class 12
002d:Ret advapi32.SetTokenInformation() retval=00000000 ret=0041fbf1
002d:Call KERNEL32.GetLastError() ret=0041fbfb
002d:Ret KERNEL32.GetLastError() retval=00000001 ret=0041fbfb
002d:Call KERNEL32.CloseHandle(00000088) ret=0041fc02
002d:Ret KERNEL32.CloseHandle() retval=00000001 ret=0041fc02
...
002d:Call msvcrt.vsprintf(004d18bc,004a414c "ERROR: SetTokenInformation() error=%d",007de8c0) ret=0042b972
002d:trace:msvcrt:pf_printf_a Format is: "ERROR: SetTokenInformation() error=%d"
002d:Ret msvcrt.vsprintf() retval=00000024 ret=0042b972
002d:Call KERNEL32.lstrlenA(004d18bc "ERROR: SetTokenInformation() error=1") ret=0042ad86
002d:Ret KERNEL32.lstrlenA() retval=00000024 ret=0042ad86
002d:Call msvcrt._CxxThrowException(007de8cc,0048f06c) ret=0041fc22
002d:Call KERNEL32.RaiseException(e06d7363,00000001,00000003,007de864) ret=7e579df5
002d:trace:seh:raise_exception code=e06d7363 flags=1 addr=0x7b845d3d ip=7b845d3d tid=002d
002d:trace:seh:raise_exception info[0]=19930520
002d:trace:seh:raise_exception info[1]=007de8cc
002d:trace:seh:raise_exception info[2]=0048f06c
002d:trace:seh:raise_exception eax=7b832afd ebx=00000000 ecx=0000000c edx=007de7b4 esi=007de860 edi=007de820
002d:trace:seh:raise_exception ebp=007de7f8 esp=007de794 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00200202
...
002d:trace:msvcrt:pf_printf_a Format is: "ERROR: ERROR: Unhandled Exception eip=7B845D3D esp=007DE794 ebp=007DE7F8"
...
002d:Call KERNEL32.CreateFileW(004afb18 L"Z:\home\focht\Downloads\AMMYY_service.log",00000002,00000003,00000000,00000004,00000080,00000000) ret=0042830c
...
002d:Call KERNEL32.ExitProcess(00000000) ret=00425625
--- snip ---
$ sha1sum AA_v3.exe
63c52b0ac68ab7464e2cd777442a5807db9b5383  AA_v3.exe

$ du -sh AA_v3.exe
756K    AA_v3.exe

$ wine --version
wine-1.7.49
Regards
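
Added example, not part of the original comment or of Wine's code: a Python triage pass over WINEDEBUG=+tid,+relay output that pairs Call/Ret lines per thread and reports each API call during which Wine logged a fixme stub, naming the TOKEN_INFORMATION_CLASS when the stub is NtSetInformationToken. The function name, the regexes and the embedded SAMPLE (lines copied from the service trace above) are assumptions of this sketch.

```python
import re

# TOKEN_INFORMATION_CLASS values 1..12 as defined in the Windows SDK (winnt.h).
TOKEN_CLASSES = ["TokenUser", "TokenGroups", "TokenPrivileges", "TokenOwner",
                 "TokenPrimaryGroup", "TokenDefaultDacl", "TokenSource",
                 "TokenType", "TokenImpersonationLevel", "TokenStatistics",
                 "TokenRestrictedSids", "TokenSessionId"]

CALL = re.compile(r"^([0-9a-f]{4}):Call (\S+?)\((.*)\) ret=[0-9a-f]+$")
RET = re.compile(r"^([0-9a-f]{4}):Ret\s+(\S+?)\(\) retval=([0-9a-f]+) ret=[0-9a-f]+$")
FIXME = re.compile(r"^([0-9a-f]{4}):fixme:\w+:(\w+) (.*)$")
UNIMPL = re.compile(r"unimplemented class (\d+)")

# Sample input: lines copied from the failing service thread in the comment above.
SAMPLE = """\
002d:Call advapi32.DuplicateTokenEx(00000084,02000000,00000000,00000002,00000001,007de8dc) ret=0041fb8f
002d:Ret advapi32.DuplicateTokenEx() retval=00000001 ret=0041fb8f
002d:Call advapi32.SetTokenInformation(00000088,0000000c,007de8e8,00000004) ret=0041fbf1
002d:fixme:ntdll:NtSetInformationToken unimplemented class 12
002d:Ret advapi32.SetTokenInformation() retval=00000000 ret=0041fbf1
002d:Call KERNEL32.GetLastError() ret=0041fbfb
002d:Ret KERNEL32.GetLastError() retval=00000001 ret=0041fbfb
"""

def find_stubbed_calls(lines):
    """Return one record per fixme logged while a relay call was open."""
    open_calls, findings = {}, []          # open_calls: tid -> stack of [api, fixmes]
    for line in (l.strip() for l in lines):
        if m := CALL.match(line):
            open_calls.setdefault(m[1], []).append([m[2], []])
        elif m := FIXME.match(line):
            if open_calls.get(m[1]):       # attribute to innermost open call
                open_calls[m[1]][-1][1].append((m[2], m[3]))
        elif m := RET.match(line):
            stack = open_calls.get(m[1], [])
            # Calls that never return (e.g. _CxxThrowException) leave stale
            # frames, so unwind to the nearest frame with a matching name.
            idx = next((i for i in reversed(range(len(stack))) if stack[i][0] == m[2]), None)
            if idx is None:
                continue
            api, fixmes = stack[idx]
            del stack[idx:]
            for stub, msg in fixmes:
                c = UNIMPL.search(msg)
                n = int(c[1]) if c else None
                known = stub == "NtSetInformationToken" and n and 1 <= n <= 12
                findings.append({"tid": m[1], "api": api, "retval": int(m[3], 16),
                                 "stub": stub, "class": n,
                                 "class_name": TOKEN_CLASSES[n - 1] if known else None})
    return findings

if __name__ == "__main__":
    for f in find_stubbed_calls(SAMPLE.splitlines()):
        print(f)
```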