[Bug 32678] HQ Photo Resizer 5.x fails to start, reports corrupted or inaccessible Sandbox (XenoCode Postbuild 2009)('NtSetInformationFile' class 'FileRenameInformation' support missing)
wine-bugs at winehq.org
wine-bugs at winehq.org
Wed Jul 29 15:30:22 CDT 2015
https://bugs.winehq.org/show_bug.cgi?id=32678
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |obfuscation
Status|UNCONFIRMED |RESOLVED
CC| |focht at gmx.net
Component|-unknown |ntdll
Resolution|--- |DUPLICATE
Summary|HQ Photo Resizer: Fails to |HQ Photo Resizer 5.x fails
|start |to start, reports corrupted
| |or inaccessible Sandbox
| |(XenoCode Postbuild
| |2009)('NtSetInformationFile
| |' class
| |'FileRenameInformation'
| |support missing)
--- Comment #6 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
dupe of bug 30399
--- snip ---
-=[ ProtectionID v0.6.6.7 DECEMBER]=-
(c) 2003-2015 CDKiLLER & TippeX
Build 24/12/14-22:48:13
Ready...
Scanning -> C:\Program Files\High Quality Photo Resizer\Resizer.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 1578503 (0181607h)
Byte(s)
Compilation TimeStamp : 0x52076A55 -> Sun 11th Aug 2013 10:41:25 (GMT)
[TimeStamp] 0x52076A55 -> Sun 11th Aug 2013 10:41:25 (GMT) | PE Header | - |
Offset: 0x00000088 | VA: 0x00400088 | -
-> File has 1549831 (017A607h) bytes of appended data starting at offset 07000h
[File Heuristics] -> Flag #1 : 00000000000001001000000000000100 (0x00048004)
[Entrypoint Section Entropy] : 6.37 (section #0) ".text " | Size : 0x3A4E
(14926) byte(s)
[DllCharacteristics] -> Flag : (0x8000) -> TSA
[SectionCount] 6 (0x6) | ImageSize 0x6C000 (442368) byte(s)
[VersionInfo] Company Name : Naturpic Software
[VersionInfo] Product Name : High Quality Photo Resizer
[VersionInfo] Product Version : 5.05
[VersionInfo] File Version : 5.05
[VersionInfo] Original FileName : Resizer.exe
[VersionInfo] Internal Name : Resizer
[VersionInfo] Legal Copyrights : Copyright (C) 2006-2013 Naturpic Software. All
rights Reserved.
[!] XenoCode Postbuild 2009 detected !
[CdKeySerial] found "Invalid code" @ VA: 0x00001E70 / Offset: 0x00001270
- Scan Took : 0.327 Second(s) [000000147h (327) tick(s)] [558 of 573 scan(s)
done]
--- snip ---
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/High Quality Photo Resizer
$ WINEDEBUG=+tid,+seh,+relay wine ./Resizer.exe >>log.txt 2>&1
...
003c:Call ntdll.RtlInitUnicodeString(0032f2b8,00651ed8
L"\\??\\C:\\users\\focht\\Local Settings\\Application
Data\\Spoon\\Sandbox\\High Quality Photo Resizer\\5.05") ret=003687e0
003c:Ret ntdll.RtlInitUnicodeString() retval=0032f2b8 ret=003687e0
003c:Call
ntdll.NtOpenFile(0032f25c,00100000,0032f278,0032f2a8,00000007,00000021)
ret=00368846
003c:Ret ntdll.NtOpenFile() retval=00000000 ret=00368846
003c:Call ntdll.NtClose(00000070) ret=003875d7
003c:Ret ntdll.NtClose() retval=00000000 ret=003875d7
003c:Call
ntdll.NtSetInformationFile(00000074,0032f358,0053d360,000000ec,0000000a)
ret=00368ae8
003c:fixme:ntdll:NtSetInformationFile Unsupported class (10)
003c:Ret ntdll.NtSetInformationFile() retval=c0000002 ret=00368ae8
...
003c:Call ntdll.RtlInitUnicodeString(0032f350,00651c08
L"\\??\\C:\\users\\focht\\Local Settings\\Application
Data\\Spoon\\Sandbox\\High Quality Photo Resizer\\5.05\\xsandbox.bin.__tmp__")
ret=00368b37
003c:Ret ntdll.RtlInitUnicodeString() retval=0032f350 ret=00368b37
003c:Call
ntdll.NtOpenFile(0032f324,00110100,0032f338,0032f314,00000007,00000020)
ret=0036946f
003c:Ret ntdll.NtOpenFile() retval=00000000 ret=0036946f
003c:Call
ntdll.NtSetInformationFile(00000070,0032f31c,0032f2e8,00000028,00000004)
ret=003694ab
003c:Ret ntdll.NtSetInformationFile() retval=00000000 ret=003694ab
003c:Call
ntdll.NtSetInformationFile(00000070,0032f31c,0032f337,00000001,0000000d)
ret=003694c4
003c:fixme:ntdll:NtSetInformationFile Unsupported class (13)
003c:Ret ntdll.NtSetInformationFile() retval=c0000002 ret=003694c4
003c:Call ntdll.NtClose(00000070) ret=003875d7
003c:Ret ntdll.NtClose() retval=00000000 ret=003875d7
...
003c:Call user32.MessageBoxW(00000000,00651a18 L"The sandbox at
\\??\\C:\\users\\focht\\Local Settings\\Application Data\\Spoon\\Sandbox\\High
Quality Photo Resizer\\5.05 is corrupt or inaccessible. Please check the
location and try again.",0064d678 L"High Quality Photo Resizer",00000010)
ret=003bcb13
...
003c:Ret user32.MessageBoxW() retval=00000001 ret=003bcb13
...
003c:Call KERNEL32.TerminateProcess(ffffffff,ffffffff) ret=003a7efd
--- snip ---
Tidbit (+debugstr/debugger):
--- snip ---
ERROR: 0xC0000002, VMAPICALL(VmMoveFile(_hFile, _sFullPath))
ERROR: 0xD0000002, In call: pStmSandboxFile->Commit()
ERROR: 0x8007FF04, In call:
CSandbox::InitializeSandbox(CProcessSettings::VmFlagSet(eDeleteSandbox),
fCheckSandboxSpace, cMinSandboxSpaceAvail)
ERROR: 0x8007FF04, In call: g_vm.EssentialInit( hEntry, hBootstrapFileMapping,
cbFileSize, cbOffsetPayload, pbProcessBlock, pbApplicationBlock)
--- snip ---
$ sha1sum prsetup.zip
f35b3607d80d1e810af370d7d6cc8e8ba00f342f prsetup.zip
$ du -sh prsetup.zip
2.8M prsetup.zip
$ wine --version
wine-1.7.48
Regards
*** This bug has been marked as a duplicate of bug 30399 ***
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list