the Server.exe bug report.
the Server.exe bug report.
I put the remote desktop application to sent by the server, but the server is easy to hang up, only use two connection. Connection is broken a few times the service side out of the questio.
date/time : 2014-12-07, 16:17:58, 720ms
computer name : VPS
wts client name : HYJ-THINK
user name : Administrator <admin>
registered owner : hyper-v / hyper-v
operating system : Windows 2003 Service Pack 2 build 3790
system language : Chinese
system up time : 9 days 17 hours
program up time : 1 hour 41 minutes
processors : 2x Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
physical memory : 2039/2559 MB (free/total)
free disk space : (C:) 3.44 GB (D:) 26.01 GB
display mode : 1440x900, 16 bit
process id : $5b0
allocated memory : 7.55 MB
largest free block : 971.62 MB
executable : Server.exe
exec. date/time : 2014-12-07 14:36
version : 1.0.0.0
compiled with : Delphi XE6
madExcept version : 4.0.10
callstack crc : $4e6c189b, $107624a6, $5c37702d
exception number : 1
exception class : EReadError
exception message : Stream read error.
thread $728 (TCPClientThread):
00525cc0 +068 Server.exe System.Classes TStream.ReadBuffer
00679740 +210 Server.exe MRVMediaServer 1579 +39 LoadHeader
006799b5 +171 Server.exe MRVMediaServer 1635 +25 LoadPackTCP
00679d68 +0fc Server.exe MRVMediaServer 1731 +27 TRVMediaServerThread.DoRead
00408dc6 +09e Server.exe System 399 +0 TMonitor.Wait
00674395 +099 Server.exe MRVType 5102 +6 TCPClientThread.TCPRead
0067423f +1bb Server.exe MRVType 5067 +44 TCPClientThread.Execute
004a2853 +02b Server.exe madExcept HookedTThreadExecute
00534d95 +049 Server.exe System.Classes ThreadProc
00409b10 +028 Server.exe System 399 +0 ThreadWrapper
004a2739 +00d Server.exe madExcept CallThreadProcSafe
004a279e +032 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +023 Server.exe MRVType 4952 +1 TCPClientThread.Create
main thread ($d00):
77e2bf51 +00a USER32.dll WaitMessage
0064ada5 +149 Server.exe Vcl.Forms TApplication.Idle
00649fcb +017 Server.exe Vcl.Forms TApplication.HandleMessage
0064a2f1 +0c9 Server.exe Vcl.Forms TApplication.Run
0068bdef +03b Server.exe Server 25 +3 initialization
thread $fec (TRVListenerThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b5150e +5e WS2HELP.dll WahReferenceContextByHandle
71b62839 +9e WS2_32.dll select
00674534 +d8 Server.exe MRVType 5187 +14 WSSelect
00674803 +8b Server.exe MRVType 5272 +12 TRVListenerThread.ListenServer
0067469d +4d Server.exe MRVType 5222 +8 TRVListenerThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $c98 at:
00674593 +23 Server.exe MRVType 5199 +1 TRVListenerThread.Create
thread $120 (TRVListenerThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b5150e +5e WS2HELP.dll WahReferenceContextByHandle
71b62839 +9e WS2_32.dll select
00674534 +d8 Server.exe MRVType 5187 +14 WSSelect
00674803 +8b Server.exe MRVType 5272 +12 TRVListenerThread.ListenServer
0067469d +4d Server.exe MRVType 5222 +8 TRVListenerThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $f9c at:
00674593 +23 Server.exe MRVType 5199 +1 TRVListenerThread.Create
thread $d74 (TCPClientThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b694e2 +62 WS2_32.dll WSARecv
71b1114c +2c wsock32.dll recv
0066ff0b +37 Server.exe MRVType 1740 +6 ReadFromSocket
00674161 +dd Server.exe MRVType 5044 +21 TCPClientThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +23 Server.exe MRVType 4952 +1 TCPClientThread.Create
thread $db4 (TCPClientThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b694e2 +62 WS2_32.dll WSARecv
71b1114c +2c wsock32.dll recv
0066ff0b +37 Server.exe MRVType 1740 +6 ReadFromSocket
00674161 +dd Server.exe MRVType 5044 +21 TCPClientThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +23 Server.exe MRVType 4952 +1 TCPClientThread.Create
thread $948 (TCPClientThread):
7c956db7 +0a ntdll.dll NtDelayExecution
7c801ecf +47 kernel32.dll SleepEx
7c8024f8 +0a kernel32.dll Sleep
00674f93 +bb Server.exe MRVType 7024 +57 RecvNonBlock
0066ff2f +5b Server.exe MRVType 1743 +9 ReadFromSocket
00674161 +dd Server.exe MRVType 5044 +21 TCPClientThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +23 Server.exe MRVType 4952 +1 TCPClientThread.Create
thread $808 (TCPClientThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b694e2 +62 WS2_32.dll WSARecv
71b1114c +2c wsock32.dll recv
0066ff0b +37 Server.exe MRVType 1740 +6 ReadFromSocket
00674161 +dd Server.exe MRVType 5044 +21 TCPClientThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +23 Server.exe MRVType 4952 +1 TCPClientThread.Create
thread $a74 (TCPClientThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b694e2 +62 WS2_32.dll WSARecv
71b1114c +2c wsock32.dll recv
0066ff0b +37 Server.exe MRVType 1740 +6 ReadFromSocket
00674161 +dd Server.exe MRVType 5044 +21 TCPClientThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +23 Server.exe MRVType 4952 +1 TCPClientThread.Create
thread $cf4 (TRVClientRedirect):
7c957b67 +0a ntdll.dll NtWaitForMultipleObjects
7c822026 +cc kernel32.dll WaitForMultipleObjectsEx
004abcfa +56 Server.exe System.SyncObjs THandleObject.WaitFor
0067750c +2c Server.exe MRVMediaServer 558 +11 TRVClientRedirect.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $d74 (TCPClientThread) at:
00676edd +51 Server.exe MRVMediaServer 387 +1 TRVClientRedirect.Create
thread $b74 (TRVClientRedirect):
7c957b67 +0a ntdll.dll NtWaitForMultipleObjects
7c822026 +cc kernel32.dll WaitForMultipleObjectsEx
004abcfa +56 Server.exe System.SyncObjs THandleObject.WaitFor
0067750c +2c Server.exe MRVMediaServer 558 +11 TRVClientRedirect.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $db4 (TCPClientThread) at:
00676edd +51 Server.exe MRVMediaServer 387 +1 TRVClientRedirect.Create
thread $8d8 (TRVClientRedirect):
7c957b67 +0a ntdll.dll NtWaitForMultipleObjects
7c822026 +cc kernel32.dll WaitForMultipleObjectsEx
004abcfa +56 Server.exe System.SyncObjs THandleObject.WaitFor
0067750c +2c Server.exe MRVMediaServer 558 +11 TRVClientRedirect.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $808 (TCPClientThread) at:
00676edd +51 Server.exe MRVMediaServer 387 +1 TRVClientRedirect.Create
thread $d78 (TRVClientRedirect):
7c957b67 +0a ntdll.dll NtWaitForMultipleObjects
7c822026 +cc kernel32.dll WaitForMultipleObjectsEx
004abcfa +56 Server.exe System.SyncObjs THandleObject.WaitFor
0067750c +2c Server.exe MRVMediaServer 558 +11 TRVClientRedirect.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $948 (TCPClientThread) at:
00676edd +51 Server.exe MRVMediaServer 387 +1 TRVClientRedirect.Create
thread $3e0 (TRVClientRedirect):
7c957b67 +0a ntdll.dll NtWaitForMultipleObjects
7c822026 +cc kernel32.dll WaitForMultipleObjectsEx
004abcfa +56 Server.exe System.SyncObjs THandleObject.WaitFor
0067750c +2c Server.exe MRVMediaServer 558 +11 TRVClientRedirect.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $a74 (TCPClientThread) at:
00676edd +51 Server.exe MRVMediaServer 387 +1 TRVClientRedirect.Create
modules:
00400000 Server.exe 1.0.0.0 D:\hyj
025d0000 Normaliz.dll 6.0.5441.0 C:\WINDOWS\system32
40270000 wininet.dll 8.0.6001.19298 C:\WINDOWS\system32
40910000 iertutil.dll 8.0.6001.19298 C:\WINDOWS\system32
439b0000 urlmon.dll 8.0.6001.19298 C:\WINDOWS\system32
4c510000 msctfime.ime 5.2.3790.3959 C:\WINDOWS\system32
69660000 hnetcfg.dll 5.2.3790.3959 C:\WINDOWS\system32
71a40000 wshtcpip.dll 5.2.3790.3959 C:\WINDOWS\System32
71a80000 mswsock.dll 5.2.3790.4318 C:\WINDOWS\system32
71ad0000 uxtheme.dll 6.0.3790.3959 C:\WINDOWS\system32
71b10000 wsock32.dll 5.2.3790.0 C:\WINDOWS\system32
71b20000 rdpsnd.dll 5.2.3790.0 C:\WINDOWS\system32
71b50000 WS2HELP.dll 5.2.3790.3959 C:\WINDOWS\system32
71b60000 WS2_32.dll 5.2.3790.3959 C:\WINDOWS\system32
71ba0000 NETAPI32.dll 5.2.3790.5030 C:\WINDOWS\system32
72f40000 winspool.drv 5.2.3790.3959 C:\WINDOWS\system32
73730000 ddraw.dll 5.3.3790.3959 C:\WINDOWS\system32
73a60000 DCIMAN32.dll 5.2.3790.0 C:\WINDOWS\system32
74430000 MSCTF.dll 5.2.3790.3959 C:\WINDOWS\system32
74ae0000 USP10.dll 1.422.3790.4695 C:\WINDOWS\system32
75d60000 apphelp.dll 5.2.3790.3959 C:\WINDOWS\system32
76180000 IMM32.DLL 5.2.3790.3959 C:\WINDOWS\system32
761a0000 comdlg32.dll 6.0.3790.3959 C:\WINDOWS\system32
769e0000 winmm.dll 5.2.3790.4916 C:\WINDOWS\system32
76ab0000 PSAPI.DLL 5.2.3790.3959 C:\WINDOWS\system32
76e60000 wtsapi32.dll 5.2.3790.3959 C:\WINDOWS\system32
76e70000 WLDAP32.dll 5.2.3790.3959 C:\WINDOWS\system32
76eb0000 Secur32.dll 5.2.3790.4530 C:\WINDOWS\system32
770d0000 SETUPAPI.dll 5.2.3790.3959 C:\WINDOWS\system32
774b0000 ole32.dll 5.2.3790.4926 C:\WINDOWS\system32
775f0000 oleaut32.dll 5.2.3790.4807 C:\WINDOWS\system32
777e0000 NTMARTA.DLL 5.2.3790.3959 C:\WINDOWS\system32
77b60000 version.dll 5.2.3790.3959 C:\WINDOWS\system32
77b70000 msvcrt.dll 7.0.3790.3959 C:\WINDOWS\system32
77bd0000 GDI32.dll 5.2.3790.4396 C:\WINDOWS\system32
77c20000 RPCRT4.dll 5.2.3790.4759 C:\WINDOWS\system32
77cd0000 comctl32.dll 6.0.3790.4770 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.4770_x-ww_05FDF087
77e10000 USER32.dll 5.2.3790.4033 C:\WINDOWS\system32
77eb0000 SHLWAPI.dll 6.0.3790.4603 C:\WINDOWS\system32
77f10000 WINSTA.dll 5.2.3790.3959 C:\WINDOWS\system32
77f30000 ADVAPI32.dll 5.2.3790.4455 C:\WINDOWS\system32
7c800000 kernel32.dll 5.2.3790.4480 C:\WINDOWS\system32
7c930000 ntdll.dll 5.2.3790.4937 C:\WINDOWS\system32
7ca10000 shell32.dll 6.0.3790.5018 C:\WINDOWS\system32
7e020000 SAMLIB.dll 5.2.3790.3959 C:\WINDOWS\system32
7f000000 LPK.DLL 5.2.3790.3959 C:\WINDOWS\system32
processes:
000 Idle 0 0 0
004 System 0 0 0 normal
14c smss.exe 0 0 0 normal C:\WINDOWS\system32
180 csrss.exe 0 0 0
198 winlogon.exe 0 0 0 high C:\WINDOWS\system32
1c8 services.exe 0 0 0 normal C:\WINDOWS\system32
1d4 lsass.exe 0 0 0 normal C:\WINDOWS\system32
288 svchost.exe 0 0 0 normal C:\WINDOWS\system32
2d8 svchost.exe 0 0 0
314 svchost.exe 0 0 0
338 svchost.exe 0 0 0 normal C:\WINDOWS\System32
388 svchost.exe 0 0 0 normal C:\WINDOWS\system32
3f8 msdtc.exe 0 0 0
444 svchost.exe 0 0 0
454 burroservice.exe 0 0 0 normal D:\hyj\qb\server
494 DUMeterSvc.exe 0 0 0 normal C:\Program Files\DU Meter
4d8 inetinfo.exe 0 0 0 normal C:\WINDOWS\system32\inetsrv
534 mysqld.exe 0 0 0 normal D:\Program Files\MySQL\MySQL Server 5.1\bin
5dc burroguard.exe 0 0 0 normal D:\hyj\qb\server
640 ServUDaemon.exe 0 0 0 normal C:\Program Files\Serv-U
6a8 svchost.exe 0 0 0 normal C:\WINDOWS\System32
6e4 svchost.exe 0 0 0
8c0 svchost.exe 0 0 0 normal C:\WINDOWS\System32
9a8 alg.exe 0 0 0
a78 svchost.exe 0 0 0 normal C:\WINDOWS\System32
ca8 wmiprvse.exe 0 0 0
d9c csrss.exe 1 0 0
db8 winlogon.exe 1 43 16 high C:\WINDOWS\system32
e70 rdpclip.exe 1 8 9 normal C:\WINDOWS\system32
eb8 Explorer.EXE 1 268 219 normal C:\WINDOWS
f44 ctfmon.exe 1 18 11 normal C:\WINDOWS\system32
f50 DUMeter.exe 1 50 39 normal C:\Program Files\DU Meter
f60 LedService.exe 1 69 47 normal D:\hyj\LedService
a34 logon.scr 0 0 0
898 taskmgr.exe 1 112 98 high C:\WINDOWS\system32
590 QQ.exe 1 381 108 normal D:\Program Files\Tencent\QQIntl\Bin
384 TXPlatform.exe 1 4 5 normal D:\Program Files\Tencent\QQIntl\Bin
5b0 Server.exe 1 118 87 normal D:\hyj
484 w3wp.exe 0 0 0 normal c:\windows\system32\inetsrv
404 csrss.exe 3 0 0
hardware:
+ DVD/CD-ROM 驱动器
- Msft Virtual CD/ROM
- Msft Virtual CD/ROM
+ IDE ATA/ATAPI 控制器
- Intel(R) 82371AB/EB PCI Bus Master IDE Controller
- 主要 IDE 通道
- 次要 IDE 通道
+ 人体学接口设备
- Microsoft Hyper-V Input
+ 声音、视频和游戏控制器
- 传统视频捕捉设备
- 传统音频驱动程序
- 媒体控制设备
- 视频编码解码器
- 音频编码解码器
+ 处理器
- Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
- Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
+ 显示卡
- Microsoft Hyper-V Video
+ 磁盘驱动器
- Virtual HD
- Virtual HD
+ 端口 (COM 和 LPT)
- 通信端口 (COM1)
- 通信端口 (COM2)
+ 系统设备
- ACPI Fixed Feature Button
- Direct memory access controller
- Intel 82371AB/EB PCI to ISA bridge (ISA mode)
- Intel 82443BX Pentium(R) II Processor to PCI Bridge
- ISAPNP Read Data Port
- Logical Disk Manager
- Microcode Update Device
- Microsoft ACPI-Compliant System
- Microsoft Hyper-V Data Exchange
- Microsoft Hyper-V Guest Shutdown
- Microsoft Hyper-V Heartbeat
- Microsoft Hyper-V S3 Cap
- Microsoft Hyper-V Storage Accelerator
- Microsoft Hyper-V Storage Accelerator
- Microsoft Hyper-V Time Synchronization
- Microsoft Hyper-V Virtual Machine Bus
- Microsoft Hyper-V Volume Shadow Copy
- Microsoft System Management BIOS Driver
- Motherboard resources
- Motherboard resources
- Numeric data processor
- PCI bus
- Plug and Play Software Device Enumerator
- Programmable interrupt controller
- System board
- System CMOS/real time clock
- System speaker
- System timer
- Volume Manager
- 控制台的全屏显示视频驱动程序
- 终端服务器设备重定向器
- 终端服务器键盘驱动程序
- 终端服务器鼠标驱动程序
+ 网络适配器
- Microsoft Hyper-V Network Adapter #4
- WAN 微型端口 (IP)
- WAN 微型端口 (L2TP)
- WAN 微型端口 (PPPOE)
- WAN 微型端口 (PPTP)
- 直接并口
+ 计算机
- ACPI Multiprocessor PC
+ 软盘控制器
- Standard floppy disk controller
+ 软盘驱动器
- 软盘驱动器
+ 键盘
- Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
+ 鼠标和其它指针设备
- HID-compliant mouse
- Microsoft PS/2 Mouse
cpu registers:
eax = 010d3560
ebx = 00000003
ecx = 00000000
edx = 001776a0
esi = 00000000
edi = 00000008
eip = 00525cc5
esp = 036cfd68
ebp = 036cfddc
stack dump:
036cfd68 c5 5c 52 00 de fa ed 0e - 01 00 00 00 07 00 00 00 .\R.............
036cfd78 7c fd 6c 03 c5 5c 52 00 - 60 35 0d 01 03 00 00 00 |.l..\R.`5......
036cfd88 00 00 00 00 08 00 00 00 - dc fd 6c 03 98 fd 6c 03 ..........l...l.
036cfd98 00 35 0d 01 78 fe 6c 03 - c6 fe 6c 03 11 1b 09 01 .5..x.l...l.....
036cfda8 40 ac 07 01 45 97 67 00 - c6 fe 6c 03 11 1b 09 01 @...E.g...l.....
036cfdb8 10 00 00 00 b6 fe 6c 03 - 00 00 00 00 d8 fd 6c 03 ......l.......l.
036cfdc8 3d 2e 52 00 00 00 00 00 - 00 00 00 00 11 1b 09 00 =.R.............
036cfdd8 00 35 0d 01 24 fe 6c 03 - ba 99 67 00 c8 fe 6c 03 .5..$.l...g...l.
036cfde8 c6 fe 6c 03 7e 94 09 01 - 44 5f 67 00 58 05 00 00 ..l.~...D_g.X...
036cfdf8 00 00 00 00 58 05 00 00 - 00 00 00 00 01 00 00 00 ....X...........
036cfe08 00 35 0d 01 2c 00 00 00 - 00 00 00 00 84 05 00 00 .5..,...........
036cfe18 00 00 00 00 58 05 00 00 - 00 00 00 00 c8 fe 6c 03 ....X.........l.
036cfe28 6d 9d 67 00 c8 fe 6c 03 - 04 ff 6c 03 40 92 40 00 m.g...l...l.@.@.
036cfe38 c8 fe 6c 03 00 00 00 00 - 30 14 0e 01 44 5f 67 00 ..l.....0...D_g.
036cfe48 c9 8d 40 00 14 02 00 00 - 20 33 0d 01 40 ac 07 01 ..@..... 3..@...
036cfe58 c0 1a 09 01 08 00 00 00 - 02 00 00 00 01 00 00 00 ................
036cfe68 02 00 00 00 10 00 00 00 - 04 00 00 00 31 00 00 00 ............1...
036cfe78 14 00 00 00 10 14 0e 01 - 52 67 40 00 2d 7e 05 00 ........Rg@.-~..
036cfe88 10 07 68 6d 48 54 00 00 - 00 00 00 00 00 00 51 07 ..hmHT........Q.
036cfe98 ba 58 5a ee cd 48 a2 ef - 0a e9 bb 8c ca 59 72 e7 .XZ..H.......Yr.
disassembling:
[...]
00679731 1579 mov eax, [ebp+8]
00679734 mov ecx, [eax-$6c]
00679737 mov eax, [ebp+8]
0067973a lea edx, [eax-$50]
0067973d mov eax, [ebp-4]
00679740 > call -$153aed ($525c58) ; System.Classes.TStream.ReadBuffer
00679745 1581 mov eax, [ebp+8]
00679748 mov eax, [eax+8]
0067974b cmp word ptr [eax], $10
0067974f jnz loc_67978b
00679751 mov eax, [ebp+8]
[...]
date/time : 2014-12-08, 21:21:22, 349ms
computer name : VPS
wts client name : HYJ-THINK
user name : Administrator <admin>
registered owner : hyper-v / hyper-v
operating system : Windows 2003 Service Pack 2 build 3790
system language : Chinese
system up time : 10 days 22 hours
program up time : 8 hours 8 minutes
processors : 2x Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
physical memory : 2014/2559 MB (free/total)
free disk space : (C:) 3.44 GB (D:) 25.99 GB
display mode : 1440x900, 16 bit
process id : $f3c
allocated memory : 7.30 MB
largest free block : 970.37 MB
executable : Server.exe
exec. date/time : 2014-12-07 14:36
version : 1.0.0.0
compiled with : Delphi XE6
madExcept version : 4.0.10
callstack crc : $4e6c189b, $bb5dabbd, $cc82e602
exception number : 1
exception class : EReadError
exception message : Stream read error.
thread $d0c (TCPClientThread):
00525cc0 +068 Server.exe System.Classes TStream.ReadBuffer
0067968f +15f Server.exe MRVMediaServer 1567 +27 LoadHeader
006799b5 +171 Server.exe MRVMediaServer 1635 +25 LoadPackTCP
00679d68 +0fc Server.exe MRVMediaServer 1731 +27 TRVMediaServerThread.DoRead
00408dc6 +09e Server.exe System 399 +0 TMonitor.Wait
00674395 +099 Server.exe MRVType 5102 +6 TCPClientThread.TCPRead
0067423f +1bb Server.exe MRVType 5067 +44 TCPClientThread.Execute
004a2853 +02b Server.exe madExcept HookedTThreadExecute
00534d95 +049 Server.exe System.Classes ThreadProc
00409b10 +028 Server.exe System 399 +0 ThreadWrapper
004a2739 +00d Server.exe madExcept CallThreadProcSafe
004a279e +032 Server.exe madExcept ThreadExceptFrame
>> created by thread $484 (TRVListenerThread) at:
00673e33 +023 Server.exe MRVType 4952 +1 TCPClientThread.Create
main thread ($60c):
77e2bf51 +00a USER32.dll WaitMessage
0064ada5 +149 Server.exe Vcl.Forms TApplication.Idle
00649fcb +017 Server.exe Vcl.Forms TApplication.HandleMessage
0064a2f1 +0c9 Server.exe Vcl.Forms TApplication.Run
0068bdef +03b Server.exe Server 25 +3 initialization
thread $dec (TRVListenerThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b5150e +5e WS2HELP.dll WahReferenceContextByHandle
71b62839 +9e WS2_32.dll select
00674534 +d8 Server.exe MRVType 5187 +14 WSSelect
00674803 +8b Server.exe MRVType 5272 +12 TRVListenerThread.ListenServer
0067469d +4d Server.exe MRVType 5222 +8 TRVListenerThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $a2c at:
00674593 +23 Server.exe MRVType 5199 +1 TRVListenerThread.Create
thread $484 (TRVListenerThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b5150e +5e WS2HELP.dll WahReferenceContextByHandle
71b62839 +9e WS2_32.dll select
00674534 +d8 Server.exe MRVType 5187 +14 WSSelect
00674803 +8b Server.exe MRVType 5272 +12 TRVListenerThread.ListenServer
0067469d +4d Server.exe MRVType 5222 +8 TRVListenerThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $5bc at:
00674593 +23 Server.exe MRVType 5199 +1 TRVListenerThread.Create
modules:
00400000 Server.exe 1.0.0.0 D:\hyj
025d0000 Normaliz.dll 6.0.5441.0 C:\WINDOWS\system32
40270000 wininet.dll 8.0.6001.19298 C:\WINDOWS\system32
40910000 iertutil.dll 8.0.6001.19298 C:\WINDOWS\system32
439b0000 urlmon.dll 8.0.6001.19298 C:\WINDOWS\system32
4c510000 msctfime.ime 5.2.3790.3959 C:\WINDOWS\system32
69660000 hnetcfg.dll 5.2.3790.3959 C:\WINDOWS\system32
71a40000 wshtcpip.dll 5.2.3790.3959 C:\WINDOWS\System32
71a80000 mswsock.dll 5.2.3790.4318 C:\WINDOWS\system32
71ad0000 uxtheme.dll 6.0.3790.3959 C:\WINDOWS\system32
71b10000 wsock32.dll 5.2.3790.0 C:\WINDOWS\system32
71b20000 rdpsnd.dll 5.2.3790.0 C:\WINDOWS\system32
71b50000 WS2HELP.dll 5.2.3790.3959 C:\WINDOWS\system32
71b60000 WS2_32.dll 5.2.3790.3959 C:\WINDOWS\system32
71ba0000 NETAPI32.dll 5.2.3790.5030 C:\WINDOWS\system32
72f40000 winspool.drv 5.2.3790.3959 C:\WINDOWS\system32
73730000 ddraw.dll 5.3.3790.3959 C:\WINDOWS\system32
73a60000 DCIMAN32.dll 5.2.3790.0 C:\WINDOWS\system32
74430000 MSCTF.dll 5.2.3790.3959 C:\WINDOWS\system32
74ae0000 USP10.dll 1.422.3790.4695 C:\WINDOWS\system32
75d60000 apphelp.dll 5.2.3790.3959 C:\WINDOWS\system32
76180000 IMM32.DLL 5.2.3790.3959 C:\WINDOWS\system32
761a0000 comdlg32.dll 6.0.3790.3959 C:\WINDOWS\system32
769e0000 winmm.dll 5.2.3790.4916 C:\WINDOWS\system32
76ab0000 PSAPI.DLL 5.2.3790.3959 C:\WINDOWS\system32
76e60000 wtsapi32.dll 5.2.3790.3959 C:\WINDOWS\system32
76e70000 WLDAP32.dll 5.2.3790.3959 C:\WINDOWS\system32
76eb0000 Secur32.dll 5.2.3790.4530 C:\WINDOWS\system32
770d0000 SETUPAPI.dll 5.2.3790.3959 C:\WINDOWS\system32
774b0000 ole32.dll 5.2.3790.4926 C:\WINDOWS\system32
775f0000 oleaut32.dll 5.2.3790.4807 C:\WINDOWS\system32
777e0000 NTMARTA.DLL 5.2.3790.3959 C:\WINDOWS\system32
77b60000 version.dll 5.2.3790.3959 C:\WINDOWS\system32
77b70000 msvcrt.dll 7.0.3790.3959 C:\WINDOWS\system32
77bd0000 GDI32.dll 5.2.3790.4396 C:\WINDOWS\system32
77c20000 RPCRT4.dll 5.2.3790.4759 C:\WINDOWS\system32
77cd0000 comctl32.dll 6.0.3790.4770 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.4770_x-ww_05FDF087
77e10000 USER32.dll 5.2.3790.4033 C:\WINDOWS\system32
77eb0000 SHLWAPI.dll 6.0.3790.4603 C:\WINDOWS\system32
77f10000 WINSTA.dll 5.2.3790.3959 C:\WINDOWS\system32
77f30000 ADVAPI32.dll 5.2.3790.4455 C:\WINDOWS\system32
7c800000 kernel32.dll 5.2.3790.4480 C:\WINDOWS\system32
7c930000 ntdll.dll 5.2.3790.4937 C:\WINDOWS\system32
7ca10000 shell32.dll 6.0.3790.5018 C:\WINDOWS\system32
7e020000 SAMLIB.dll 5.2.3790.3959 C:\WINDOWS\system32
7f000000 LPK.DLL 5.2.3790.3959 C:\WINDOWS\system32
processes:
000 Idle 0 0 0
004 System 0 0 0 normal
14c smss.exe 0 0 0 normal C:\WINDOWS\system32
180 csrss.exe 0 0 0
198 winlogon.exe 0 0 0 high C:\WINDOWS\system32
1c8 services.exe 0 0 0 normal C:\WINDOWS\system32
1d4 lsass.exe 0 0 0 normal C:\WINDOWS\system32
288 svchost.exe 0 0 0 normal C:\WINDOWS\system32
2d8 svchost.exe 0 0 0
314 svchost.exe 0 0 0
338 svchost.exe 0 0 0 normal C:\WINDOWS\System32
388 svchost.exe 0 0 0 normal C:\WINDOWS\system32
3f8 msdtc.exe 0 0 0
444 svchost.exe 0 0 0
454 burroservice.exe 0 0 0 normal D:\hyj\qb\server
494 DUMeterSvc.exe 0 0 0 normal C:\Program Files\DU Meter
4d8 inetinfo.exe 0 0 0 normal C:\WINDOWS\system32\inetsrv
534 mysqld.exe 0 0 0 normal D:\Program Files\MySQL\MySQL Server 5.1\bin
5dc burroguard.exe 0 0 0 normal D:\hyj\qb\server
640 ServUDaemon.exe 0 0 0 normal C:\Program Files\Serv-U
6a8 svchost.exe 0 0 0 normal C:\WINDOWS\System32
6e4 svchost.exe 0 0 0
8c0 svchost.exe 0 0 0 normal C:\WINDOWS\System32
9a8 alg.exe 0 0 0
a78 svchost.exe 0 0 0 normal C:\WINDOWS\System32
ca8 wmiprvse.exe 0 0 0
d9c csrss.exe 1 0 0
db8 winlogon.exe 1 44 18 high C:\WINDOWS\system32
e70 rdpclip.exe 1 8 9 normal C:\WINDOWS\system32
eb8 Explorer.EXE 1 245 209 normal C:\WINDOWS
f44 ctfmon.exe 1 18 11 normal C:\WINDOWS\system32
f50 DUMeter.exe 1 50 39 normal C:\Program Files\DU Meter
f60 LedService.exe 1 74 65 normal D:\hyj\LedService
a34 logon.scr 0 0 0
898 taskmgr.exe 1 112 98 high C:\WINDOWS\system32
590 QQ.exe 1 381 108 normal D:\Program Files\Tencent\QQIntl\Bin
384 TXPlatform.exe 1 4 5 normal D:\Program Files\Tencent\QQIntl\Bin
f3c Server.exe 1 117 82 normal D:\hyj
bd4 WinRAR.exe 1 124 45 normal C:\Program Files\WinRAR
d38 scrnsave.scr 1 4 1 idle C:\WINDOWS\system32
bac w3wp.exe 0 0 0 normal c:\windows\system32\inetsrv
958 csrss.exe 5 0 0
15c winlogon.exe 5 0 0 high C:\WINDOWS\system32
71c csrss.exe 3 0 0
e10 winlogon.exe 3 0 0 high C:\WINDOWS\system32
hardware:
+ DVD/CD-ROM 驱动器
- Msft Virtual CD/ROM
- Msft Virtual CD/ROM
+ IDE ATA/ATAPI 控制器
- Intel(R) 82371AB/EB PCI Bus Master IDE Controller
- 主要 IDE 通道
- 次要 IDE 通道
+ 人体学接口设备
- Microsoft Hyper-V Input
+ 声音、视频和游戏控制器
- 传统视频捕捉设备
- 传统音频驱动程序
- 媒体控制设备
- 视频编码解码器
- 音频编码解码器
+ 处理器
- Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
- Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
+ 显示卡
- Microsoft Hyper-V Video
+ 磁盘驱动器
- Virtual HD
- Virtual HD
+ 端口 (COM 和 LPT)
- 通信端口 (COM1)
- 通信端口 (COM2)
+ 系统设备
- ACPI Fixed Feature Button
- Direct memory access controller
- Intel 82371AB/EB PCI to ISA bridge (ISA mode)
- Intel 82443BX Pentium(R) II Processor to PCI Bridge
- ISAPNP Read Data Port
- Logical Disk Manager
- Microcode Update Device
- Microsoft ACPI-Compliant System
- Microsoft Hyper-V Data Exchange
- Microsoft Hyper-V Guest Shutdown
- Microsoft Hyper-V Heartbeat
- Microsoft Hyper-V S3 Cap
- Microsoft Hyper-V Storage Accelerator
- Microsoft Hyper-V Storage Accelerator
- Microsoft Hyper-V Time Synchronization
- Microsoft Hyper-V Virtual Machine Bus
- Microsoft Hyper-V Volume Shadow Copy
- Microsoft System Management BIOS Driver
- Motherboard resources
- Motherboard resources
- Numeric data processor
- PCI bus
- Plug and Play Software Device Enumerator
- Programmable interrupt controller
- System board
- System CMOS/real time clock
- System speaker
- System timer
- Volume Manager
- 控制台的全屏显示视频驱动程序
- 终端服务器设备重定向器
- 终端服务器键盘驱动程序
- 终端服务器鼠标驱动程序
+ 网络适配器
- Microsoft Hyper-V Network Adapter #4
- WAN 微型端口 (IP)
- WAN 微型端口 (L2TP)
- WAN 微型端口 (PPPOE)
- WAN 微型端口 (PPTP)
- 直接并口
+ 计算机
- ACPI Multiprocessor PC
+ 软盘控制器
- Standard floppy disk controller
+ 软盘驱动器
- 软盘驱动器
+ 键盘
- Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
+ 鼠标和其它指针设备
- HID-compliant mouse
- Microsoft PS/2 Mouse
cpu registers:
eax = 010d3300
ebx = 00000004
ecx = 00000000
edx = 00178828
esi = 00000000
edi = 00000010
eip = 00525cc5
esp = 036cfd68
ebp = 036cfddc
stack dump:
036cfd68 c5 5c 52 00 de fa ed 0e - 01 00 00 00 07 00 00 00 .\R.............
036cfd78 7c fd 6c 03 c5 5c 52 00 - 00 33 0d 01 04 00 00 00 |.l..\R..3......
036cfd88 00 00 00 00 10 00 00 00 - dc fd 6c 03 98 fd 6c 03 ..........l...l.
036cfd98 a0 35 0d 01 96 fe 6c 03 - c6 fe 6c 03 11 1b 09 01 .5....l...l.....
036cfda8 44 5f 67 00 94 96 67 00 - c6 fe 6c 03 11 1b 09 01 D_g...g...l.....
036cfdb8 ea 6c 52 00 00 00 00 00 - 00 00 00 00 d8 fd 6c 03 .lR...........l.
036cfdc8 3d 2e 52 00 00 00 00 00 - 00 00 00 00 11 1b 09 00 =.R.............
036cfdd8 a0 35 0d 01 24 fe 6c 03 - ba 99 67 00 c8 fe 6c 03 .5..$.l...g...l.
036cfde8 c6 fe 6c 03 5e 90 09 01 - 44 5f 67 00 94 89 0e 01 ..l.^...D_g.....
036cfdf8 b0 18 67 00 b8 18 67 00 - 44 5f 67 00 01 00 00 00 ..g...g.D_g.....
036cfe08 a0 35 0d 01 1a 00 00 00 - 00 00 00 00 1a 00 00 00 .5..............
036cfe18 00 00 00 00 00 00 00 00 - 00 00 00 00 c8 fe 6c 03 ..............l.
036cfe28 6d 9d 67 00 c8 fe 6c 03 - 04 ff 6c 03 40 92 40 00 m.g...l...l.@.@.
036cfe38 c8 fe 6c 03 00 00 00 00 - 50 14 0e 01 44 5f 67 00 ..l.....P...D_g.
036cfe48 c9 8d 40 00 94 02 00 00 - 80 34 0d 01 40 ac 07 01 ..@......4..@...
036cfe58 c0 1a 09 01 08 00 00 00 - 02 00 00 00 01 00 00 00 ................
036cfe68 02 00 00 00 10 00 00 00 - 04 00 00 00 31 00 00 00 ............1...
036cfe78 b8 7f 40 00 00 14 0e 01 - 52 67 40 00 2d 7e 40 00 ..@.....Rg@.-~@.
036cfe88 00 14 00 00 00 00 00 00 - 00 00 00 00 00 00 d5 d0 ................
036cfe98 f4 41 00 00 00 00 00 00 - 00 00 00 00 00 00 26 50 .A............&P
disassembling:
[...]
00679680 mov eax, [ebp+8]
00679683 mov ecx, [eax-$5c]
00679686 mov eax, [ebp+8]
00679689 lea edx, [eax-$32]
0067968c mov eax, [ebp-4]
0067968f > call -$153a3c ($525c58) ; System.Classes.TStream.ReadBuffer
00679694 jmp loc_6796b5
00679696 1568 mov eax, [ebp+8]
00679699 add eax, -$32
0067969c mov [ebp-$18], eax
0067969f mov eax, [ebp+8]
[...]
computer name : VPS
wts client name : HYJ-THINK
user name : Administrator <admin>
registered owner : hyper-v / hyper-v
operating system : Windows 2003 Service Pack 2 build 3790
system language : Chinese
system up time : 9 days 17 hours
program up time : 1 hour 41 minutes
processors : 2x Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
physical memory : 2039/2559 MB (free/total)
free disk space : (C:) 3.44 GB (D:) 26.01 GB
display mode : 1440x900, 16 bit
process id : $5b0
allocated memory : 7.55 MB
largest free block : 971.62 MB
executable : Server.exe
exec. date/time : 2014-12-07 14:36
version : 1.0.0.0
compiled with : Delphi XE6
madExcept version : 4.0.10
callstack crc : $4e6c189b, $107624a6, $5c37702d
exception number : 1
exception class : EReadError
exception message : Stream read error.
thread $728 (TCPClientThread):
00525cc0 +068 Server.exe System.Classes TStream.ReadBuffer
00679740 +210 Server.exe MRVMediaServer 1579 +39 LoadHeader
006799b5 +171 Server.exe MRVMediaServer 1635 +25 LoadPackTCP
00679d68 +0fc Server.exe MRVMediaServer 1731 +27 TRVMediaServerThread.DoRead
00408dc6 +09e Server.exe System 399 +0 TMonitor.Wait
00674395 +099 Server.exe MRVType 5102 +6 TCPClientThread.TCPRead
0067423f +1bb Server.exe MRVType 5067 +44 TCPClientThread.Execute
004a2853 +02b Server.exe madExcept HookedTThreadExecute
00534d95 +049 Server.exe System.Classes ThreadProc
00409b10 +028 Server.exe System 399 +0 ThreadWrapper
004a2739 +00d Server.exe madExcept CallThreadProcSafe
004a279e +032 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +023 Server.exe MRVType 4952 +1 TCPClientThread.Create
main thread ($d00):
77e2bf51 +00a USER32.dll WaitMessage
0064ada5 +149 Server.exe Vcl.Forms TApplication.Idle
00649fcb +017 Server.exe Vcl.Forms TApplication.HandleMessage
0064a2f1 +0c9 Server.exe Vcl.Forms TApplication.Run
0068bdef +03b Server.exe Server 25 +3 initialization
thread $fec (TRVListenerThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b5150e +5e WS2HELP.dll WahReferenceContextByHandle
71b62839 +9e WS2_32.dll select
00674534 +d8 Server.exe MRVType 5187 +14 WSSelect
00674803 +8b Server.exe MRVType 5272 +12 TRVListenerThread.ListenServer
0067469d +4d Server.exe MRVType 5222 +8 TRVListenerThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $c98 at:
00674593 +23 Server.exe MRVType 5199 +1 TRVListenerThread.Create
thread $120 (TRVListenerThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b5150e +5e WS2HELP.dll WahReferenceContextByHandle
71b62839 +9e WS2_32.dll select
00674534 +d8 Server.exe MRVType 5187 +14 WSSelect
00674803 +8b Server.exe MRVType 5272 +12 TRVListenerThread.ListenServer
0067469d +4d Server.exe MRVType 5222 +8 TRVListenerThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $f9c at:
00674593 +23 Server.exe MRVType 5199 +1 TRVListenerThread.Create
thread $d74 (TCPClientThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b694e2 +62 WS2_32.dll WSARecv
71b1114c +2c wsock32.dll recv
0066ff0b +37 Server.exe MRVType 1740 +6 ReadFromSocket
00674161 +dd Server.exe MRVType 5044 +21 TCPClientThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +23 Server.exe MRVType 4952 +1 TCPClientThread.Create
thread $db4 (TCPClientThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b694e2 +62 WS2_32.dll WSARecv
71b1114c +2c wsock32.dll recv
0066ff0b +37 Server.exe MRVType 1740 +6 ReadFromSocket
00674161 +dd Server.exe MRVType 5044 +21 TCPClientThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +23 Server.exe MRVType 4952 +1 TCPClientThread.Create
thread $948 (TCPClientThread):
7c956db7 +0a ntdll.dll NtDelayExecution
7c801ecf +47 kernel32.dll SleepEx
7c8024f8 +0a kernel32.dll Sleep
00674f93 +bb Server.exe MRVType 7024 +57 RecvNonBlock
0066ff2f +5b Server.exe MRVType 1743 +9 ReadFromSocket
00674161 +dd Server.exe MRVType 5044 +21 TCPClientThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +23 Server.exe MRVType 4952 +1 TCPClientThread.Create
thread $808 (TCPClientThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b694e2 +62 WS2_32.dll WSARecv
71b1114c +2c wsock32.dll recv
0066ff0b +37 Server.exe MRVType 1740 +6 ReadFromSocket
00674161 +dd Server.exe MRVType 5044 +21 TCPClientThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +23 Server.exe MRVType 4952 +1 TCPClientThread.Create
thread $a74 (TCPClientThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b694e2 +62 WS2_32.dll WSARecv
71b1114c +2c wsock32.dll recv
0066ff0b +37 Server.exe MRVType 1740 +6 ReadFromSocket
00674161 +dd Server.exe MRVType 5044 +21 TCPClientThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $120 (TRVListenerThread) at:
00673e33 +23 Server.exe MRVType 4952 +1 TCPClientThread.Create
thread $cf4 (TRVClientRedirect):
7c957b67 +0a ntdll.dll NtWaitForMultipleObjects
7c822026 +cc kernel32.dll WaitForMultipleObjectsEx
004abcfa +56 Server.exe System.SyncObjs THandleObject.WaitFor
0067750c +2c Server.exe MRVMediaServer 558 +11 TRVClientRedirect.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $d74 (TCPClientThread) at:
00676edd +51 Server.exe MRVMediaServer 387 +1 TRVClientRedirect.Create
thread $b74 (TRVClientRedirect):
7c957b67 +0a ntdll.dll NtWaitForMultipleObjects
7c822026 +cc kernel32.dll WaitForMultipleObjectsEx
004abcfa +56 Server.exe System.SyncObjs THandleObject.WaitFor
0067750c +2c Server.exe MRVMediaServer 558 +11 TRVClientRedirect.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $db4 (TCPClientThread) at:
00676edd +51 Server.exe MRVMediaServer 387 +1 TRVClientRedirect.Create
thread $8d8 (TRVClientRedirect):
7c957b67 +0a ntdll.dll NtWaitForMultipleObjects
7c822026 +cc kernel32.dll WaitForMultipleObjectsEx
004abcfa +56 Server.exe System.SyncObjs THandleObject.WaitFor
0067750c +2c Server.exe MRVMediaServer 558 +11 TRVClientRedirect.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $808 (TCPClientThread) at:
00676edd +51 Server.exe MRVMediaServer 387 +1 TRVClientRedirect.Create
thread $d78 (TRVClientRedirect):
7c957b67 +0a ntdll.dll NtWaitForMultipleObjects
7c822026 +cc kernel32.dll WaitForMultipleObjectsEx
004abcfa +56 Server.exe System.SyncObjs THandleObject.WaitFor
0067750c +2c Server.exe MRVMediaServer 558 +11 TRVClientRedirect.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $948 (TCPClientThread) at:
00676edd +51 Server.exe MRVMediaServer 387 +1 TRVClientRedirect.Create
thread $3e0 (TRVClientRedirect):
7c957b67 +0a ntdll.dll NtWaitForMultipleObjects
7c822026 +cc kernel32.dll WaitForMultipleObjectsEx
004abcfa +56 Server.exe System.SyncObjs THandleObject.WaitFor
0067750c +2c Server.exe MRVMediaServer 558 +11 TRVClientRedirect.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $a74 (TCPClientThread) at:
00676edd +51 Server.exe MRVMediaServer 387 +1 TRVClientRedirect.Create
modules:
00400000 Server.exe 1.0.0.0 D:\hyj
025d0000 Normaliz.dll 6.0.5441.0 C:\WINDOWS\system32
40270000 wininet.dll 8.0.6001.19298 C:\WINDOWS\system32
40910000 iertutil.dll 8.0.6001.19298 C:\WINDOWS\system32
439b0000 urlmon.dll 8.0.6001.19298 C:\WINDOWS\system32
4c510000 msctfime.ime 5.2.3790.3959 C:\WINDOWS\system32
69660000 hnetcfg.dll 5.2.3790.3959 C:\WINDOWS\system32
71a40000 wshtcpip.dll 5.2.3790.3959 C:\WINDOWS\System32
71a80000 mswsock.dll 5.2.3790.4318 C:\WINDOWS\system32
71ad0000 uxtheme.dll 6.0.3790.3959 C:\WINDOWS\system32
71b10000 wsock32.dll 5.2.3790.0 C:\WINDOWS\system32
71b20000 rdpsnd.dll 5.2.3790.0 C:\WINDOWS\system32
71b50000 WS2HELP.dll 5.2.3790.3959 C:\WINDOWS\system32
71b60000 WS2_32.dll 5.2.3790.3959 C:\WINDOWS\system32
71ba0000 NETAPI32.dll 5.2.3790.5030 C:\WINDOWS\system32
72f40000 winspool.drv 5.2.3790.3959 C:\WINDOWS\system32
73730000 ddraw.dll 5.3.3790.3959 C:\WINDOWS\system32
73a60000 DCIMAN32.dll 5.2.3790.0 C:\WINDOWS\system32
74430000 MSCTF.dll 5.2.3790.3959 C:\WINDOWS\system32
74ae0000 USP10.dll 1.422.3790.4695 C:\WINDOWS\system32
75d60000 apphelp.dll 5.2.3790.3959 C:\WINDOWS\system32
76180000 IMM32.DLL 5.2.3790.3959 C:\WINDOWS\system32
761a0000 comdlg32.dll 6.0.3790.3959 C:\WINDOWS\system32
769e0000 winmm.dll 5.2.3790.4916 C:\WINDOWS\system32
76ab0000 PSAPI.DLL 5.2.3790.3959 C:\WINDOWS\system32
76e60000 wtsapi32.dll 5.2.3790.3959 C:\WINDOWS\system32
76e70000 WLDAP32.dll 5.2.3790.3959 C:\WINDOWS\system32
76eb0000 Secur32.dll 5.2.3790.4530 C:\WINDOWS\system32
770d0000 SETUPAPI.dll 5.2.3790.3959 C:\WINDOWS\system32
774b0000 ole32.dll 5.2.3790.4926 C:\WINDOWS\system32
775f0000 oleaut32.dll 5.2.3790.4807 C:\WINDOWS\system32
777e0000 NTMARTA.DLL 5.2.3790.3959 C:\WINDOWS\system32
77b60000 version.dll 5.2.3790.3959 C:\WINDOWS\system32
77b70000 msvcrt.dll 7.0.3790.3959 C:\WINDOWS\system32
77bd0000 GDI32.dll 5.2.3790.4396 C:\WINDOWS\system32
77c20000 RPCRT4.dll 5.2.3790.4759 C:\WINDOWS\system32
77cd0000 comctl32.dll 6.0.3790.4770 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.4770_x-ww_05FDF087
77e10000 USER32.dll 5.2.3790.4033 C:\WINDOWS\system32
77eb0000 SHLWAPI.dll 6.0.3790.4603 C:\WINDOWS\system32
77f10000 WINSTA.dll 5.2.3790.3959 C:\WINDOWS\system32
77f30000 ADVAPI32.dll 5.2.3790.4455 C:\WINDOWS\system32
7c800000 kernel32.dll 5.2.3790.4480 C:\WINDOWS\system32
7c930000 ntdll.dll 5.2.3790.4937 C:\WINDOWS\system32
7ca10000 shell32.dll 6.0.3790.5018 C:\WINDOWS\system32
7e020000 SAMLIB.dll 5.2.3790.3959 C:\WINDOWS\system32
7f000000 LPK.DLL 5.2.3790.3959 C:\WINDOWS\system32
processes:
000 Idle 0 0 0
004 System 0 0 0 normal
14c smss.exe 0 0 0 normal C:\WINDOWS\system32
180 csrss.exe 0 0 0
198 winlogon.exe 0 0 0 high C:\WINDOWS\system32
1c8 services.exe 0 0 0 normal C:\WINDOWS\system32
1d4 lsass.exe 0 0 0 normal C:\WINDOWS\system32
288 svchost.exe 0 0 0 normal C:\WINDOWS\system32
2d8 svchost.exe 0 0 0
314 svchost.exe 0 0 0
338 svchost.exe 0 0 0 normal C:\WINDOWS\System32
388 svchost.exe 0 0 0 normal C:\WINDOWS\system32
3f8 msdtc.exe 0 0 0
444 svchost.exe 0 0 0
454 burroservice.exe 0 0 0 normal D:\hyj\qb\server
494 DUMeterSvc.exe 0 0 0 normal C:\Program Files\DU Meter
4d8 inetinfo.exe 0 0 0 normal C:\WINDOWS\system32\inetsrv
534 mysqld.exe 0 0 0 normal D:\Program Files\MySQL\MySQL Server 5.1\bin
5dc burroguard.exe 0 0 0 normal D:\hyj\qb\server
640 ServUDaemon.exe 0 0 0 normal C:\Program Files\Serv-U
6a8 svchost.exe 0 0 0 normal C:\WINDOWS\System32
6e4 svchost.exe 0 0 0
8c0 svchost.exe 0 0 0 normal C:\WINDOWS\System32
9a8 alg.exe 0 0 0
a78 svchost.exe 0 0 0 normal C:\WINDOWS\System32
ca8 wmiprvse.exe 0 0 0
d9c csrss.exe 1 0 0
db8 winlogon.exe 1 43 16 high C:\WINDOWS\system32
e70 rdpclip.exe 1 8 9 normal C:\WINDOWS\system32
eb8 Explorer.EXE 1 268 219 normal C:\WINDOWS
f44 ctfmon.exe 1 18 11 normal C:\WINDOWS\system32
f50 DUMeter.exe 1 50 39 normal C:\Program Files\DU Meter
f60 LedService.exe 1 69 47 normal D:\hyj\LedService
a34 logon.scr 0 0 0
898 taskmgr.exe 1 112 98 high C:\WINDOWS\system32
590 QQ.exe 1 381 108 normal D:\Program Files\Tencent\QQIntl\Bin
384 TXPlatform.exe 1 4 5 normal D:\Program Files\Tencent\QQIntl\Bin
5b0 Server.exe 1 118 87 normal D:\hyj
484 w3wp.exe 0 0 0 normal c:\windows\system32\inetsrv
404 csrss.exe 3 0 0
hardware:
+ DVD/CD-ROM 驱动器
- Msft Virtual CD/ROM
- Msft Virtual CD/ROM
+ IDE ATA/ATAPI 控制器
- Intel(R) 82371AB/EB PCI Bus Master IDE Controller
- 主要 IDE 通道
- 次要 IDE 通道
+ 人体学接口设备
- Microsoft Hyper-V Input
+ 声音、视频和游戏控制器
- 传统视频捕捉设备
- 传统音频驱动程序
- 媒体控制设备
- 视频编码解码器
- 音频编码解码器
+ 处理器
- Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
- Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
+ 显示卡
- Microsoft Hyper-V Video
+ 磁盘驱动器
- Virtual HD
- Virtual HD
+ 端口 (COM 和 LPT)
- 通信端口 (COM1)
- 通信端口 (COM2)
+ 系统设备
- ACPI Fixed Feature Button
- Direct memory access controller
- Intel 82371AB/EB PCI to ISA bridge (ISA mode)
- Intel 82443BX Pentium(R) II Processor to PCI Bridge
- ISAPNP Read Data Port
- Logical Disk Manager
- Microcode Update Device
- Microsoft ACPI-Compliant System
- Microsoft Hyper-V Data Exchange
- Microsoft Hyper-V Guest Shutdown
- Microsoft Hyper-V Heartbeat
- Microsoft Hyper-V S3 Cap
- Microsoft Hyper-V Storage Accelerator
- Microsoft Hyper-V Storage Accelerator
- Microsoft Hyper-V Time Synchronization
- Microsoft Hyper-V Virtual Machine Bus
- Microsoft Hyper-V Volume Shadow Copy
- Microsoft System Management BIOS Driver
- Motherboard resources
- Motherboard resources
- Numeric data processor
- PCI bus
- Plug and Play Software Device Enumerator
- Programmable interrupt controller
- System board
- System CMOS/real time clock
- System speaker
- System timer
- Volume Manager
- 控制台的全屏显示视频驱动程序
- 终端服务器设备重定向器
- 终端服务器键盘驱动程序
- 终端服务器鼠标驱动程序
+ 网络适配器
- Microsoft Hyper-V Network Adapter #4
- WAN 微型端口 (IP)
- WAN 微型端口 (L2TP)
- WAN 微型端口 (PPPOE)
- WAN 微型端口 (PPTP)
- 直接并口
+ 计算机
- ACPI Multiprocessor PC
+ 软盘控制器
- Standard floppy disk controller
+ 软盘驱动器
- 软盘驱动器
+ 键盘
- Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
+ 鼠标和其它指针设备
- HID-compliant mouse
- Microsoft PS/2 Mouse
cpu registers:
eax = 010d3560
ebx = 00000003
ecx = 00000000
edx = 001776a0
esi = 00000000
edi = 00000008
eip = 00525cc5
esp = 036cfd68
ebp = 036cfddc
stack dump:
036cfd68 c5 5c 52 00 de fa ed 0e - 01 00 00 00 07 00 00 00 .\R.............
036cfd78 7c fd 6c 03 c5 5c 52 00 - 60 35 0d 01 03 00 00 00 |.l..\R.`5......
036cfd88 00 00 00 00 08 00 00 00 - dc fd 6c 03 98 fd 6c 03 ..........l...l.
036cfd98 00 35 0d 01 78 fe 6c 03 - c6 fe 6c 03 11 1b 09 01 .5..x.l...l.....
036cfda8 40 ac 07 01 45 97 67 00 - c6 fe 6c 03 11 1b 09 01 @...E.g...l.....
036cfdb8 10 00 00 00 b6 fe 6c 03 - 00 00 00 00 d8 fd 6c 03 ......l.......l.
036cfdc8 3d 2e 52 00 00 00 00 00 - 00 00 00 00 11 1b 09 00 =.R.............
036cfdd8 00 35 0d 01 24 fe 6c 03 - ba 99 67 00 c8 fe 6c 03 .5..$.l...g...l.
036cfde8 c6 fe 6c 03 7e 94 09 01 - 44 5f 67 00 58 05 00 00 ..l.~...D_g.X...
036cfdf8 00 00 00 00 58 05 00 00 - 00 00 00 00 01 00 00 00 ....X...........
036cfe08 00 35 0d 01 2c 00 00 00 - 00 00 00 00 84 05 00 00 .5..,...........
036cfe18 00 00 00 00 58 05 00 00 - 00 00 00 00 c8 fe 6c 03 ....X.........l.
036cfe28 6d 9d 67 00 c8 fe 6c 03 - 04 ff 6c 03 40 92 40 00 m.g...l...l.@.@.
036cfe38 c8 fe 6c 03 00 00 00 00 - 30 14 0e 01 44 5f 67 00 ..l.....0...D_g.
036cfe48 c9 8d 40 00 14 02 00 00 - 20 33 0d 01 40 ac 07 01 ..@..... 3..@...
036cfe58 c0 1a 09 01 08 00 00 00 - 02 00 00 00 01 00 00 00 ................
036cfe68 02 00 00 00 10 00 00 00 - 04 00 00 00 31 00 00 00 ............1...
036cfe78 14 00 00 00 10 14 0e 01 - 52 67 40 00 2d 7e 05 00 ........Rg@.-~..
036cfe88 10 07 68 6d 48 54 00 00 - 00 00 00 00 00 00 51 07 ..hmHT........Q.
036cfe98 ba 58 5a ee cd 48 a2 ef - 0a e9 bb 8c ca 59 72 e7 .XZ..H.......Yr.
disassembling:
[...]
00679731 1579 mov eax, [ebp+8]
00679734 mov ecx, [eax-$6c]
00679737 mov eax, [ebp+8]
0067973a lea edx, [eax-$50]
0067973d mov eax, [ebp-4]
00679740 > call -$153aed ($525c58) ; System.Classes.TStream.ReadBuffer
00679745 1581 mov eax, [ebp+8]
00679748 mov eax, [eax+8]
0067974b cmp word ptr [eax], $10
0067974f jnz loc_67978b
00679751 mov eax, [ebp+8]
[...]
date/time : 2014-12-08, 21:21:22, 349ms
computer name : VPS
wts client name : HYJ-THINK
user name : Administrator <admin>
registered owner : hyper-v / hyper-v
operating system : Windows 2003 Service Pack 2 build 3790
system language : Chinese
system up time : 10 days 22 hours
program up time : 8 hours 8 minutes
processors : 2x Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
physical memory : 2014/2559 MB (free/total)
free disk space : (C:) 3.44 GB (D:) 25.99 GB
display mode : 1440x900, 16 bit
process id : $f3c
allocated memory : 7.30 MB
largest free block : 970.37 MB
executable : Server.exe
exec. date/time : 2014-12-07 14:36
version : 1.0.0.0
compiled with : Delphi XE6
madExcept version : 4.0.10
callstack crc : $4e6c189b, $bb5dabbd, $cc82e602
exception number : 1
exception class : EReadError
exception message : Stream read error.
thread $d0c (TCPClientThread):
00525cc0 +068 Server.exe System.Classes TStream.ReadBuffer
0067968f +15f Server.exe MRVMediaServer 1567 +27 LoadHeader
006799b5 +171 Server.exe MRVMediaServer 1635 +25 LoadPackTCP
00679d68 +0fc Server.exe MRVMediaServer 1731 +27 TRVMediaServerThread.DoRead
00408dc6 +09e Server.exe System 399 +0 TMonitor.Wait
00674395 +099 Server.exe MRVType 5102 +6 TCPClientThread.TCPRead
0067423f +1bb Server.exe MRVType 5067 +44 TCPClientThread.Execute
004a2853 +02b Server.exe madExcept HookedTThreadExecute
00534d95 +049 Server.exe System.Classes ThreadProc
00409b10 +028 Server.exe System 399 +0 ThreadWrapper
004a2739 +00d Server.exe madExcept CallThreadProcSafe
004a279e +032 Server.exe madExcept ThreadExceptFrame
>> created by thread $484 (TRVListenerThread) at:
00673e33 +023 Server.exe MRVType 4952 +1 TCPClientThread.Create
main thread ($60c):
77e2bf51 +00a USER32.dll WaitMessage
0064ada5 +149 Server.exe Vcl.Forms TApplication.Idle
00649fcb +017 Server.exe Vcl.Forms TApplication.HandleMessage
0064a2f1 +0c9 Server.exe Vcl.Forms TApplication.Run
0068bdef +03b Server.exe Server 25 +3 initialization
thread $dec (TRVListenerThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b5150e +5e WS2HELP.dll WahReferenceContextByHandle
71b62839 +9e WS2_32.dll select
00674534 +d8 Server.exe MRVType 5187 +14 WSSelect
00674803 +8b Server.exe MRVType 5272 +12 TRVListenerThread.ListenServer
0067469d +4d Server.exe MRVType 5222 +8 TRVListenerThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $a2c at:
00674593 +23 Server.exe MRVType 5199 +1 TRVListenerThread.Create
thread $484 (TRVListenerThread):
7c957b77 +0a ntdll.dll NtWaitForSingleObject
71b5150e +5e WS2HELP.dll WahReferenceContextByHandle
71b62839 +9e WS2_32.dll select
00674534 +d8 Server.exe MRVType 5187 +14 WSSelect
00674803 +8b Server.exe MRVType 5272 +12 TRVListenerThread.ListenServer
0067469d +4d Server.exe MRVType 5222 +8 TRVListenerThread.Execute
004a2853 +2b Server.exe madExcept HookedTThreadExecute
00534d95 +49 Server.exe System.Classes ThreadProc
00409b10 +28 Server.exe System 399 +0 ThreadWrapper
004a2739 +0d Server.exe madExcept CallThreadProcSafe
004a279e +32 Server.exe madExcept ThreadExceptFrame
>> created by thread $5bc at:
00674593 +23 Server.exe MRVType 5199 +1 TRVListenerThread.Create
modules:
00400000 Server.exe 1.0.0.0 D:\hyj
025d0000 Normaliz.dll 6.0.5441.0 C:\WINDOWS\system32
40270000 wininet.dll 8.0.6001.19298 C:\WINDOWS\system32
40910000 iertutil.dll 8.0.6001.19298 C:\WINDOWS\system32
439b0000 urlmon.dll 8.0.6001.19298 C:\WINDOWS\system32
4c510000 msctfime.ime 5.2.3790.3959 C:\WINDOWS\system32
69660000 hnetcfg.dll 5.2.3790.3959 C:\WINDOWS\system32
71a40000 wshtcpip.dll 5.2.3790.3959 C:\WINDOWS\System32
71a80000 mswsock.dll 5.2.3790.4318 C:\WINDOWS\system32
71ad0000 uxtheme.dll 6.0.3790.3959 C:\WINDOWS\system32
71b10000 wsock32.dll 5.2.3790.0 C:\WINDOWS\system32
71b20000 rdpsnd.dll 5.2.3790.0 C:\WINDOWS\system32
71b50000 WS2HELP.dll 5.2.3790.3959 C:\WINDOWS\system32
71b60000 WS2_32.dll 5.2.3790.3959 C:\WINDOWS\system32
71ba0000 NETAPI32.dll 5.2.3790.5030 C:\WINDOWS\system32
72f40000 winspool.drv 5.2.3790.3959 C:\WINDOWS\system32
73730000 ddraw.dll 5.3.3790.3959 C:\WINDOWS\system32
73a60000 DCIMAN32.dll 5.2.3790.0 C:\WINDOWS\system32
74430000 MSCTF.dll 5.2.3790.3959 C:\WINDOWS\system32
74ae0000 USP10.dll 1.422.3790.4695 C:\WINDOWS\system32
75d60000 apphelp.dll 5.2.3790.3959 C:\WINDOWS\system32
76180000 IMM32.DLL 5.2.3790.3959 C:\WINDOWS\system32
761a0000 comdlg32.dll 6.0.3790.3959 C:\WINDOWS\system32
769e0000 winmm.dll 5.2.3790.4916 C:\WINDOWS\system32
76ab0000 PSAPI.DLL 5.2.3790.3959 C:\WINDOWS\system32
76e60000 wtsapi32.dll 5.2.3790.3959 C:\WINDOWS\system32
76e70000 WLDAP32.dll 5.2.3790.3959 C:\WINDOWS\system32
76eb0000 Secur32.dll 5.2.3790.4530 C:\WINDOWS\system32
770d0000 SETUPAPI.dll 5.2.3790.3959 C:\WINDOWS\system32
774b0000 ole32.dll 5.2.3790.4926 C:\WINDOWS\system32
775f0000 oleaut32.dll 5.2.3790.4807 C:\WINDOWS\system32
777e0000 NTMARTA.DLL 5.2.3790.3959 C:\WINDOWS\system32
77b60000 version.dll 5.2.3790.3959 C:\WINDOWS\system32
77b70000 msvcrt.dll 7.0.3790.3959 C:\WINDOWS\system32
77bd0000 GDI32.dll 5.2.3790.4396 C:\WINDOWS\system32
77c20000 RPCRT4.dll 5.2.3790.4759 C:\WINDOWS\system32
77cd0000 comctl32.dll 6.0.3790.4770 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.4770_x-ww_05FDF087
77e10000 USER32.dll 5.2.3790.4033 C:\WINDOWS\system32
77eb0000 SHLWAPI.dll 6.0.3790.4603 C:\WINDOWS\system32
77f10000 WINSTA.dll 5.2.3790.3959 C:\WINDOWS\system32
77f30000 ADVAPI32.dll 5.2.3790.4455 C:\WINDOWS\system32
7c800000 kernel32.dll 5.2.3790.4480 C:\WINDOWS\system32
7c930000 ntdll.dll 5.2.3790.4937 C:\WINDOWS\system32
7ca10000 shell32.dll 6.0.3790.5018 C:\WINDOWS\system32
7e020000 SAMLIB.dll 5.2.3790.3959 C:\WINDOWS\system32
7f000000 LPK.DLL 5.2.3790.3959 C:\WINDOWS\system32
processes:
000 Idle 0 0 0
004 System 0 0 0 normal
14c smss.exe 0 0 0 normal C:\WINDOWS\system32
180 csrss.exe 0 0 0
198 winlogon.exe 0 0 0 high C:\WINDOWS\system32
1c8 services.exe 0 0 0 normal C:\WINDOWS\system32
1d4 lsass.exe 0 0 0 normal C:\WINDOWS\system32
288 svchost.exe 0 0 0 normal C:\WINDOWS\system32
2d8 svchost.exe 0 0 0
314 svchost.exe 0 0 0
338 svchost.exe 0 0 0 normal C:\WINDOWS\System32
388 svchost.exe 0 0 0 normal C:\WINDOWS\system32
3f8 msdtc.exe 0 0 0
444 svchost.exe 0 0 0
454 burroservice.exe 0 0 0 normal D:\hyj\qb\server
494 DUMeterSvc.exe 0 0 0 normal C:\Program Files\DU Meter
4d8 inetinfo.exe 0 0 0 normal C:\WINDOWS\system32\inetsrv
534 mysqld.exe 0 0 0 normal D:\Program Files\MySQL\MySQL Server 5.1\bin
5dc burroguard.exe 0 0 0 normal D:\hyj\qb\server
640 ServUDaemon.exe 0 0 0 normal C:\Program Files\Serv-U
6a8 svchost.exe 0 0 0 normal C:\WINDOWS\System32
6e4 svchost.exe 0 0 0
8c0 svchost.exe 0 0 0 normal C:\WINDOWS\System32
9a8 alg.exe 0 0 0
a78 svchost.exe 0 0 0 normal C:\WINDOWS\System32
ca8 wmiprvse.exe 0 0 0
d9c csrss.exe 1 0 0
db8 winlogon.exe 1 44 18 high C:\WINDOWS\system32
e70 rdpclip.exe 1 8 9 normal C:\WINDOWS\system32
eb8 Explorer.EXE 1 245 209 normal C:\WINDOWS
f44 ctfmon.exe 1 18 11 normal C:\WINDOWS\system32
f50 DUMeter.exe 1 50 39 normal C:\Program Files\DU Meter
f60 LedService.exe 1 74 65 normal D:\hyj\LedService
a34 logon.scr 0 0 0
898 taskmgr.exe 1 112 98 high C:\WINDOWS\system32
590 QQ.exe 1 381 108 normal D:\Program Files\Tencent\QQIntl\Bin
384 TXPlatform.exe 1 4 5 normal D:\Program Files\Tencent\QQIntl\Bin
f3c Server.exe 1 117 82 normal D:\hyj
bd4 WinRAR.exe 1 124 45 normal C:\Program Files\WinRAR
d38 scrnsave.scr 1 4 1 idle C:\WINDOWS\system32
bac w3wp.exe 0 0 0 normal c:\windows\system32\inetsrv
958 csrss.exe 5 0 0
15c winlogon.exe 5 0 0 high C:\WINDOWS\system32
71c csrss.exe 3 0 0
e10 winlogon.exe 3 0 0 high C:\WINDOWS\system32
hardware:
+ DVD/CD-ROM 驱动器
- Msft Virtual CD/ROM
- Msft Virtual CD/ROM
+ IDE ATA/ATAPI 控制器
- Intel(R) 82371AB/EB PCI Bus Master IDE Controller
- 主要 IDE 通道
- 次要 IDE 通道
+ 人体学接口设备
- Microsoft Hyper-V Input
+ 声音、视频和游戏控制器
- 传统视频捕捉设备
- 传统音频驱动程序
- 媒体控制设备
- 视频编码解码器
- 音频编码解码器
+ 处理器
- Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
- Intel(R) Xeon(R) CPU L5640 @ 2.27GHz
+ 显示卡
- Microsoft Hyper-V Video
+ 磁盘驱动器
- Virtual HD
- Virtual HD
+ 端口 (COM 和 LPT)
- 通信端口 (COM1)
- 通信端口 (COM2)
+ 系统设备
- ACPI Fixed Feature Button
- Direct memory access controller
- Intel 82371AB/EB PCI to ISA bridge (ISA mode)
- Intel 82443BX Pentium(R) II Processor to PCI Bridge
- ISAPNP Read Data Port
- Logical Disk Manager
- Microcode Update Device
- Microsoft ACPI-Compliant System
- Microsoft Hyper-V Data Exchange
- Microsoft Hyper-V Guest Shutdown
- Microsoft Hyper-V Heartbeat
- Microsoft Hyper-V S3 Cap
- Microsoft Hyper-V Storage Accelerator
- Microsoft Hyper-V Storage Accelerator
- Microsoft Hyper-V Time Synchronization
- Microsoft Hyper-V Virtual Machine Bus
- Microsoft Hyper-V Volume Shadow Copy
- Microsoft System Management BIOS Driver
- Motherboard resources
- Motherboard resources
- Numeric data processor
- PCI bus
- Plug and Play Software Device Enumerator
- Programmable interrupt controller
- System board
- System CMOS/real time clock
- System speaker
- System timer
- Volume Manager
- 控制台的全屏显示视频驱动程序
- 终端服务器设备重定向器
- 终端服务器键盘驱动程序
- 终端服务器鼠标驱动程序
+ 网络适配器
- Microsoft Hyper-V Network Adapter #4
- WAN 微型端口 (IP)
- WAN 微型端口 (L2TP)
- WAN 微型端口 (PPPOE)
- WAN 微型端口 (PPTP)
- 直接并口
+ 计算机
- ACPI Multiprocessor PC
+ 软盘控制器
- Standard floppy disk controller
+ 软盘驱动器
- 软盘驱动器
+ 键盘
- Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
+ 鼠标和其它指针设备
- HID-compliant mouse
- Microsoft PS/2 Mouse
cpu registers:
eax = 010d3300
ebx = 00000004
ecx = 00000000
edx = 00178828
esi = 00000000
edi = 00000010
eip = 00525cc5
esp = 036cfd68
ebp = 036cfddc
stack dump:
036cfd68 c5 5c 52 00 de fa ed 0e - 01 00 00 00 07 00 00 00 .\R.............
036cfd78 7c fd 6c 03 c5 5c 52 00 - 00 33 0d 01 04 00 00 00 |.l..\R..3......
036cfd88 00 00 00 00 10 00 00 00 - dc fd 6c 03 98 fd 6c 03 ..........l...l.
036cfd98 a0 35 0d 01 96 fe 6c 03 - c6 fe 6c 03 11 1b 09 01 .5....l...l.....
036cfda8 44 5f 67 00 94 96 67 00 - c6 fe 6c 03 11 1b 09 01 D_g...g...l.....
036cfdb8 ea 6c 52 00 00 00 00 00 - 00 00 00 00 d8 fd 6c 03 .lR...........l.
036cfdc8 3d 2e 52 00 00 00 00 00 - 00 00 00 00 11 1b 09 00 =.R.............
036cfdd8 a0 35 0d 01 24 fe 6c 03 - ba 99 67 00 c8 fe 6c 03 .5..$.l...g...l.
036cfde8 c6 fe 6c 03 5e 90 09 01 - 44 5f 67 00 94 89 0e 01 ..l.^...D_g.....
036cfdf8 b0 18 67 00 b8 18 67 00 - 44 5f 67 00 01 00 00 00 ..g...g.D_g.....
036cfe08 a0 35 0d 01 1a 00 00 00 - 00 00 00 00 1a 00 00 00 .5..............
036cfe18 00 00 00 00 00 00 00 00 - 00 00 00 00 c8 fe 6c 03 ..............l.
036cfe28 6d 9d 67 00 c8 fe 6c 03 - 04 ff 6c 03 40 92 40 00 m.g...l...l.@.@.
036cfe38 c8 fe 6c 03 00 00 00 00 - 50 14 0e 01 44 5f 67 00 ..l.....P...D_g.
036cfe48 c9 8d 40 00 94 02 00 00 - 80 34 0d 01 40 ac 07 01 ..@......4..@...
036cfe58 c0 1a 09 01 08 00 00 00 - 02 00 00 00 01 00 00 00 ................
036cfe68 02 00 00 00 10 00 00 00 - 04 00 00 00 31 00 00 00 ............1...
036cfe78 b8 7f 40 00 00 14 0e 01 - 52 67 40 00 2d 7e 40 00 ..@.....Rg@.-~@.
036cfe88 00 14 00 00 00 00 00 00 - 00 00 00 00 00 00 d5 d0 ................
036cfe98 f4 41 00 00 00 00 00 00 - 00 00 00 00 00 00 26 50 .A............&P
disassembling:
[...]
00679680 mov eax, [ebp+8]
00679683 mov ecx, [eax-$5c]
00679686 mov eax, [ebp+8]
00679689 lea edx, [eax-$32]
0067968c mov eax, [ebp-4]
0067968f > call -$153a3c ($525c58) ; System.Classes.TStream.ReadBuffer
00679694 jmp loc_6796b5
00679696 1568 mov eax, [ebp+8]
00679699 add eax, -$32
0067969c mov [ebp-$18], eax
0067969f mov eax, [ebp+8]
[...]
-
- Site Admin
- Posts: 17559
- Joined: Sat Aug 27, 2005 10:28 am
- Contact:
-
- Site Admin
- Posts: 17559
- Joined: Sat Aug 27, 2005 10:28 am
- Contact:
Hello,
Do I understand correctly - they problems happen when you run several instances of your clients?
If yes, it is happens because of duplicate GUID. Your settings are correct for the case of one sender and one receiver client. But if you run more senders or more receivers, there will be problems, because several clients have the same identifiers. Such clients disconnects each other - it is by design. They also can cause errors in the server - it will be fixed in future updates, but not now.
Do I understand correctly - they problems happen when you run several instances of your clients?
If yes, it is happens because of duplicate GUID. Your settings are correct for the case of one sender and one receiver client. But if you run more senders or more receivers, there will be problems, because several clients have the same identifiers. Such clients disconnects each other - it is by design. They also can cause errors in the server - it will be fixed in future updates, but not now.