w2k3sp1, ie6 crash

Guest · Jun 3, 2005

Seems a lot of problems with ie6/java for server2003 after last updates...

IE6+last_updates running on Server 2003sp1.
Problem: IE6 windows are all off when clicking on links (opening pages) like
http://us.ard.yahoo.com/SIG=1254bi5...yahoo.com&cm_pla=forecastpage&cm_ite=CityPage
..
If enhanced security is on (means java/activex and oth. is off), the page is
visible in general. But if I just set active scripting to ON - IE6 crashes ..
..Event log says: "Faulting application iexplore.exe, version 6.0.3790.1830,
faulting module unknown, version 0.0.0.0, fault address 0x7865695c." or
simmilar...

During 4 weeks no fun at all

(
Have you any ideas on fix this?

Regards,
Sarunas
(e-mail address removed)

Guest · Jun 7, 2005

Additionally the Opera has been installed. works perfect, but what to do with
IE6..?

Robert Aldwinckle · Jun 8, 2005

sarukri said:
Seems a lot of problems with ie6/java for server2003 after last updates...

IE6+last_updates running on Server 2003sp1.
Problem: IE6 windows are all off when clicking on links (opening pages) like
http://us.ard.yahoo.com/SIG=1254bi5...yahoo.com&cm_pla=forecastpage&cm_ite=CityPage
.
If enhanced security is on (means java/activex and oth. is off), the page is
visible in general. But if I just set active scripting to ON - IE6 crashes ..
.Event log says: "Faulting application iexplore.exe, version 6.0.3790.1830,
faulting module unknown, version 0.0.0.0, fault address 0x7865695c." or
simmilar...

During 4 weeks no fun at all (
Have you any ideas on fix this?

No fix but you could try refining your symptom description by trying this approximation
of where the above URL ends up and using Prompts to trace how far you are getting:

http://www.weather.com/outlook/travel/businesstraveler/extended/LUXX0003

E.g. when I change default security options to Prompt wherever Enable is set
I see multiple prompts for Scripting interleaved with a few prompts for ActiveX controls.

Tip: the simplest way I have found to make this change is to doubleclick on the
security zone icon in the Status bar (to open the Security dialog), press Alt-C
(to get into the Security Settings dialog) and then repeatedly press P to scroll
to Prompt settings. Only when the preceding Enable setting is set (e.g. Green)
do I press Space to set the Prompt instead of the Enable. Then I can safely
reply Yes or No to any prompt I get without worrying if I might be allowing something
which might normally be disallowed by the default settings.

So, if you use the same procedure and reply Yes to prompts for Scripting
and No to prompts for ActiveX does it reproduce your symptom?
And if so when in the sequence of prompts does the crash occur?

Note: to undo the above diagnostic settings just enter the Security dialog again
and click on the Default Level button (assuming you don't have any custom settings
of your own; in that case do whatever is necessary to restore them.)

Good luck

Robert Aldwinckle
---

Guest · Jun 10, 2005

Hi, Robert,
I tried to simulate your suggested steps
So, after my second "Yes" allowing script to run, IE6 "disapears" like in
the past.

Robert Aldwinckle · Jun 10, 2005

....

....

Hi, Robert,
I tried to simulate your suggested steps
So, after my second "Yes" allowing script to run, IE6 "disapears" like in
the past.

I think it would be interesting to know what gets loaded at 0x78650000 (e.g.,
if your crash address always has those first 4 hex digits.) For example, if your
crash represents the possibility that a module is loaded there and then deleted
but not all references to it are dropped, it might be loaded by the time you get
to your second prompt. You could use SysInternals Process Explorer to check
then if a .dll is loaded there then. Then you would have more information than
the "Unknown" module which is currently being reported for that crash address.
FWIW I don't have anything loading there on my XPsp2.

Hint: Process Explorer's defaults aren't set up for this analysis. You would have to
do things such as switch the view in the lower pane to Dlls (e.g. press Ctrl-d)
enable all of that view's columns (either right-click on that view's column headers
or use the View menu's, Select Columns... item and that dialog's DLL tab).
Then click on the Base column to sort the DLLs by load address. Of course you want
to select the iexplore.exe PID which will cause the problem before looking for DLLs.
Can you find a DLL loaded by that task which is loaded at 0x7865000?

OTOH that address could just represent a "wild branch" from another module.
Unfortunately, none of the standard diagnostics show us exactly what causes
something like that. The best we have is the Stack Back Trace in drwtsn32.log.
Hint: the one you are interested in is the one which follows the line where your crash
address is prefixed by FAULT -> Sometimes (though rarely) the following section,
Raw Stack Dump also contains useful clues in its interpreted bytes column.

Another approach to dealing with your symptom would be to assume that it represents
some spyware which used to run benignly under your old version but since your
update, it is now incompatible. Updating with malware present can have the effect
of locking it in so even if it once could have been removed easily it might now be harder
to get rid of. In that case uninstalling the update and then doing a full scan using some
of the techniques which others here advise could be worthwhile.

Good luck

Robert

w2k3sp1, ie6 crash

Guest

Guest

Robert Aldwinckle

Guest

Robert Aldwinckle