Here's what I know so far anout this browser problem from digging through tons of aol7 traces.
Aol registers the WM_HTML_GETOBJECT message, which is usually used to create an IHtmlDocument2 object, but then never uses the message returned from RegisterWindowMessage.
08d10f38:Call kernel32.WideCharToMultiByte(00000000,00000000,70ccb00c L"WM_HTML_GETOBJECT",ffffffff,405b53ac,00000207,00000000,00000000) ret=70bd1cbf 08d10f38:Ret kernel32.WideCharToMultiByte() retval=00000012 ret=70bd1cbf 08d10f38:Call user32.RegisterWindowMessageA(405b53ac "WM_HTML_GETOBJECT") ret=70bd4171 08d10f38:Ret user32.RegisterWindowMessageA() retval=0000c07b ret=70bd4171 08d10f38:RET shlwapi.133: @(70ccb00c) retval = 0000c07b ret=70cca9d3
Also, at one point there are some UnmapNotify messages sent to an unknown window, but I don't know if that's related.
0313-2:warn:event:EVENT_ProcessEvent Got event UnmapNotify for unknown Window 02400030
There's also a call to this undocumented function, but it since I'm using the native dlls, it seems to work fine.
08d10f38:CALL urlmon.11: CoInternetCreateSecurityManager(<unknown, check return>) ret=70c5839f 08d10f38:CALL ole32.75: CoTaskMemAlloc(0000002c) ret=70291e12 08d10f38:Call kernel32.HeapAlloc(40380000,00000000,0000002c) ret=65f014f0 08d10f38:Ret kernel32.HeapAlloc() retval=42cb22e0 ret=65f014f0 08d10f38:RET ole32.75: CoTaskMemAlloc() retval = 42cb22e0 ret=70291e12 08d10f38:Call kernel32.InterlockedIncrement(702e6150) ret=70291e59 08d10f38:Ret kernel32.InterlockedIncrement() retval=00000001 ret=70291e59 08d10f38:CALL shlwapi.658: SHRegOpenUSKeyW(<unknown, check return>) ret=70291f21 08d10f38:Call kernel32.WideCharToMultiByte(00000000,00000000,70291fd4 L"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\",ffffffff,405b319c,00000100,00000000,00000000) ret=70bd55c0 08d10f38:Ret kernel32.WideCharToMultiByte() retval=00000045 ret=70bd55c0 08d10f38:Call kernel32.LocalAlloc(00000040,00000114) ret=70bd530b 08d10f38:Ret kernel32.LocalAlloc() retval=42cb2364 ret=70bd530b 08d10f38:Call kernel32.lstrlenA(42cb2374 "") ret=70bd536b 08d10f38:Ret kernel32.lstrlenA() retval=00000000 ret=70bd536b 08d10f38:Call kernel32.lstrcpynA(42cb2374,405b319c "Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\",000000ff) ret=70bd464a 08d10f38:Ret kernel32.lstrcpynA() retval=42cb2374 ret=70bd464a 08d10f38:CALL advapi32.239: RegOpenKeyExA(80000001,42cb2374,00000000,00020019,42cb2364) ret=70bd53ad 08d10f38:Call kernel32.IsBadWritePtr(42cb2364,00000004) ret=bfe814e2 08d10f38:Ret kernel32.IsBadWritePtr() retval=00000000 ret=bfe814e2 08d10f38:Call kernel32.VxDCall3(00010011) ret=bfe8150a fs=008f eax=80000001 ebx=42cb2364 ecx=40381570 edx=405b2fec esi=80000001 edi=42cb2364 ebp=405b314c esp=405b3138 ds=002b es=002b gs=0000 flags=00003282 08d10f38:Ret kernel32.VxDCall3() retval=00000000 ret=bfe8150a fs=008f eax=00000000 ebx=42cb2364 ecx=40381570 edx=405b2fec esi=80000001 edi=42cb2364 ebp=405b314c esp=405b3144 ds=002b es=002b gs=0000 flags=00003282 08d10f38:RET advapi32.239: RegOpenKeyExA() retval = 00000000 ret=70bd53ad 08d10f38:Call kernel32.lstrcpyA(42cb2374,405b319c "Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\") ret=70bd53bd 08d10f38:Ret kernel32.lstrcpyA() retval=42cb2374 ret=70bd53bd 08d10f38:RET shlwapi.658: SHRegOpenUSKeyW(70291fd4,00020019,00000000,405b32bc,00000000) retval = 00000000 ret=70291f21 08d10f38:Call ntdll.RtlEnterCriticalSection(702e6300) ret=702930c5 08d10f38:Ret ntdll.RtlEnterCriticalSection() retval=00000000 ret=702930c5 08d10f38:Call ntdll.RtlEnterCriticalSection(702e6300) ret=702a1a66 08d10f38:Ret ntdll.RtlEnterCriticalSection() retval=00000000 ret=702a1a66 08d10f38:CALL shlwapi.658: SHRegOpenUSKeyW(702a1adc,00020019,42cb2364,405b323c,00000000) ret=70291f21 08d10f38:Call kernel32.WideCharToMultiByte(00000000,00000000,702a1adc L"Ranges\",ffffffff,405b311c,00000100,00000000,00000000) ret=70bd55c0 08d10f38:Ret kernel32.WideCharToMultiByte() retval=00000008 ret=70bd55c0 08d10f38:Call kernel32.IsBadWritePtr(42cb2364,00000114) ret=70bd5420 08d10f38:Ret kernel32.IsBadWritePtr() retval=00000000 ret=70bd5420 08d10f38:Call kernel32.LocalAlloc(00000040,00000114) ret=70bd530b 08d10f38:Ret kernel32.LocalAlloc() retval=42cb2484 ret=70bd530b 08d10f38:Call kernel32.lstrlenA(42cb2494 "Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\") ret=70bd1aba 08d10f38:Ret kernel32.lstrlenA() retval=00000044 ret=70bd1aba 08d10f38:Call user32.CharPrevA(42cb2494 "Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\",42cb24d8 "") ret=70bd1ad5 08d10f38:Ret user32.CharPrevA() retval=42cb24d7 ret=70bd1ad5 08d10f38:Call kernel32.lstrlenA(42cb2494 "Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\") ret=70bd536b 08d10f38:Ret kernel32.lstrlenA() retval=00000044 ret=70bd536b 08d10f38:Call kernel32.lstrcpynA(42cb24d8,405b311c "Ranges\",000000bb) ret=70bd464a 08d10f38:Ret kernel32.lstrcpynA() retval=42cb24d8 ret=70bd464a 08d10f38:CALL advapi32.239: RegOpenKeyExA(000002e4,405b311c,00000000,00020019,42cb2484) ret=70bd5484 08d10f38:Call kernel32.IsBadWritePtr(42cb2484,00000004) ret=bfe814e2 08d10f38:Ret kernel32.IsBadWritePtr() retval=00000000 ret=bfe814e2 08d10f38:Call kernel32.VxDCall3(00010011) ret=bfe8150a fs=008f eax=00000001 ebx=42cb2484 ecx=40381570 edx=405b2f6c esi=000002e4 edi=42cb2484 ebp=405b30cc esp=405b30b8 ds=002b es=002b gs=0000 flags=00003202 08d10f38:Ret kernel32.VxDCall3() retval=00000000 ret=bfe8150a fs=008f eax=00000000 ebx=42cb2484 ecx=40381570 edx=405b2f6c esi=000002e4 edi=42cb2484 ebp=405b30cc esp=405b30c4 ds=002b es=002b gs=0000 flags=00003202 08d10f38:RET advapi32.239: RegOpenKeyExA() retval = 00000000 ret=70bd5484 08d10f38:RET shlwapi.658: SHRegOpenUSKeyW() retval = 00000000 ret=70291f21 08d10f38:CALL shlwapi.660: SHRegQueryInfoUSKeyW(<unknown, check return>) ret=702bdb74 08d10f38:Call kernel32.IsBadWritePtr(42cb2484,00000114) ret=70bf4637 08d10f38:Ret kernel32.IsBadWritePtr() retval=00000000 ret=70bf4637 08d10f38:CALL advapi32.242: RegQueryInfoKeyA(000002e8,00000000,00000000,00000000,702f03ec,405b32c0,00000000,00000000,00000000,00000000,00000000,00000000) ret=70bf4742 08d10f38:Call kernel32.IsBadWritePtr(702f03ec,00000004) ret=bfe81b09 08d10f38:Ret kernel32.IsBadWritePtr() retval=00000000 ret=bfe81b09 08d10f38:Call kernel32.IsBadWritePtr(405b32c0,00000004) ret=bfe81b28 08d10f38:Ret kernel32.IsBadWritePtr() retval=00000000 ret=bfe81b28 08d10f38:Call kernel32.VxDCall6(0001001d) ret=bfe81c36 fs=008f eax=00000001 ebx=00000000 ecx=40381570 edx=405b3048 esi=00000000 edi=00000000 ebp=405b31ac esp=405b3188 ds=002b es=002b gs=0000 flags=00003202 08d10f38:Ret kernel32.VxDCall6() retval=00000000 ret=bfe81c36 fs=008f eax=00000000 ebx=00000000 ecx=40381570 edx=405b3048 esi=00000000 edi=00000000 ebp=405b31ac esp=405b31a0 ds=002b es=002b gs=0000 flags=00003202 08d10f38:RET advapi32.242: RegQueryInfoKeyA() retval = 00000000 ret=70bf4742 08d10f38:RET shlwapi.660: SHRegQueryInfoUSKeyW(42cb2484,702f03ec,405b32c0,00000000,00000000,00000000) retval = 00000000 ret=702bdb74 08d10f38:Call ntdll.RtlLeaveCriticalSection(702e6300) ret=702a1ac2 08d10f38:Ret ntdll.RtlLeaveCriticalSection() retval=00000000 ret=702a1ac2 08d10f38:CALL shlwapi.639: SHRegCloseUSKey(<unknown, check return>) ret=702919ee 08d10f38:Call kernel32.IsBadWritePtr(42cb2484,00000114) ret=70bd4e19 08d10f38:Ret kernel32.IsBadWritePtr() retval=00000000 ret=70bd4e19 08d10f38:CALL advapi32.216: RegCloseKey(000002e8) ret=70bd4e58 08d10f38:Call kernel32.VxDCall1(00010013) ret=bfe8165f fs=008f eax=00000001 ebx=00000000 ecx=40381570 edx=405b30e0 esi=000002e8 edi=408c0e47 ebp=405b32cc esp=405b3228 ds=002b es=002b gs=0000 flags=00003202 08d10f38:Ret kernel32.VxDCall1() retval=00000000 ret=bfe8165f fs=008f eax=00000000 ebx=00000000 ecx=40381570 edx=405b30e0 esi=000002e8 edi=408c0e47 ebp=405b32cc esp=405b322c ds=002b es=002b gs=0000 flags=00003202 08d10f38:RET advapi32.216: RegCloseKey() retval = 00000000 ret=70bd4e58 08d10f38:Call kernel32.LocalFree(42cb2484) ret=70bd4e6b 08d10f38:Ret kernel32.LocalFree() retval=00000000 ret=70bd4e6b 08d10f38:RET shlwapi.639: SHRegCloseUSKey(42cb2484) retval = 00000000 ret=702919ee 08d10f38:Call ntdll.RtlLeaveCriticalSection(702e6300) ret=702930d5 08d10f38:Ret ntdll.RtlLeaveCriticalSection() retval=00000000 ret=702930d5 08d10f38:RET urlmon.11: CoInternetCreateSecurityManager(00000000,42cb2124,00000000) retval = 00000000 ret=70c5839f
There's also this, which is of interest, but shlwapi.55, which is CreateWindowExW, seems to correctly return a handle to the window requested...
08d10f38:Call kernel32.WideCharToMultiByte(00000000,00000000,405b54f4 L"Internet Explorer_Hidden",ffffffff,405b52a0,00000207,00000000,00000000) ret=70bd1cbf 08d10f38:Ret kernel32.WideCharToMultiByte() retval=00000019 ret=70bd1cbf 08d10f38:Call user32.RegisterClassExA(405b54ac) ret=70bdbf42 08d10f38:Ret user32.RegisterClassExA() retval=0000c07a ret=70bdbf42 08d10f38:RET shlwapi.314: @(405b5574) retval = 0000c07a ret=70cccd4a 08d10f38:CALL shlwapi.55: @(<unknown, check return>) ret=70cc7223 08d10f38:Call user32.CreateWindowExA(00000000,0000c07a,00000000,80000000,00000000,00000000,00000000,00000000,00000000,00000000,70c30000,00000000) ret=70bd3fda 08d10f38:Call x11drv.CreateWindow(0001006f,405b5034,00000000) ret=406fdaa5 08d10f38:Call window proc 0x70c31930 (hwnd=0001006f,msg=WM_NCCREATE,wp=00000000,lp=405b5034) 08d10f38:Call kernel32.VirtualQuery(405b3000,405b4ad0,0000001c) ret=70c31b1e 08d10f38:Ret kernel32.VirtualQuery() retval=0000001c ret=70c31b1e 08d10f38:Call kernel32.VirtualQuery(405b2000,405b4ad0,0000001c) ret=70c31b1e 08d10f38:Ret kernel32.VirtualQuery() retval=0000001c ret=70c31b1e 08d10f38:Call kernel32.VirtualQuery(405b1000,405b4ad0,0000001c) ret=70c31b1e 08d10f38:Ret kernel32.VirtualQuery() retval=0000001c ret=70c31b1e 08d10f38:Call kernel32.VirtualQuery(405b0000,405b4ad0,0000001c) ret=70c31b1e 08d10f38:Ret kernel32.VirtualQuery() retval=0000001c ret=70c31b1e 08d10f38:Call kernel32.VirtualQuery(405af000,405b4ad0,0000001c) ret=70c31b1e
if anyone has any other suggestions, they would be greatly appreciated.
thank you
michael
So, I think I found the problem.
michael cardenas wrote:
08d10f38:Call kernel32.WideCharToMultiByte(00000000,00000000,405b54f4 L"Internet Explorer_Hidden",ffffffff,405b52a0,00000207,00000000,00000000) ret=70bd1cbf 08d10f38:Ret kernel32.WideCharToMultiByte() retval=00000019 ret=70bd1cbf
It seems that WideCharToMultiByte thinks it can't translate _ to the ascii codepage. I'm trying to dig in and fix this now.