Google Talk - another candidate for testing

Message

crownixx · #1 Post by **crownixx** » Fri Sep 14, 2007 8:39 am

i being trying to jped gtalk when we still in 015
http://www.google.com/talk/

1. I got a directory structure & jpe registry by hooking its installer using default jauntepe runtime.ini. The installer able to run without any crash.
2. i install the gtalk normally in the pc. then try to use the Discover Registry Usage but get an error message. So i had to use information in jpe registry to set up my gtalk jpe runtime ini. if i'm right, i got 34 registry key
3. look into the gtalk jpe registry, i found alot of absolute path pointed to "Program Files\Google\Google Talk". So i use the technique that redllar teach Chris how to handle those type of registry. Below is my jpe runtime ini

In the "Files\ProgramFiles\Google\Google Talk", i have jauntePE_jauntePE.ini contain

Code: Select all

[Registry]
Ini=..\..\..\..\portable.ini

[Filesystem]
Ini=..\..\..\..\portable.ini

At root, i have portable.ini contain

Code: Select all

[Redirection] 
Logging=0 
FlashDisco=1 
IconDisco=1 
ModFrame=1 
RedirMisc=1
MemRegistry=0

[Registry]
Use=1
Ini=.\%appname%_registry.reg

[Filesystem]
Use=1
Ini=.\

[RegistryExclude]
1=*

[RegistryInclude]
1=HKEY_CLASSES_ROOT\gtalk
2=HKEY_CLASSES_ROOT\TypeLib\{7B29C130-826A-4070-BA18-EC01E703D244}
3=HKEY_CLASSES_ROOT\Interface\{7A9D1480-C6A1-11DA-95AB-00E08161165F}
4=HKEY_CLASSES_ROOT\Interface\{74C992C7-BA13-4E6A-A469-B43AE8FD557A}
5=HKEY_CLASSES_ROOT\Interface\{65D12388-C5E9-468C-83B9-60AEA2E658DF}
6=HKEY_CLASSES_ROOT\Interface\{5A9FF74C-53D0-4513-9481-0F61EDEEFFE2}
7=HKEY_CLASSES_ROOT\Interface\{4C9DC108-C73F-11DA-95AB-00E08161165F}
8=HKEY_CLASSES_ROOT\Interface\{4A1527F6-C11F-4131-82BC-FE891D4E3B70}
9=HKEY_CLASSES_ROOT\Interface\{38FDD2C4-9164-4EAF-8C74-24D764FF613E}
10=HKEY_CLASSES_ROOT\Interface\{2C876D28-FB0C-11DA-9804-B622A1EF5492}
11=HKEY_CLASSES_ROOT\CLSID\{82ec66ad-6a51-4aa5-8788-dea156a4580b}
12=HKEY_CLASSES_ROOT\CLSID\{226b64e8-dc75-4eea-a6c8-abcb496320f2}
13=HKEY_CLASSES_ROOT\CLSID\{0507EEDE-3AE7-49C7-BF37-0EB4A62D8638}
14=HKEY_CURRENT_USER\Software\Classes\TypeLib\{7B29C130-826A-4070-BA18-EC01E703D244}
15=HKEY_CURRENT_USER\Software\Classes\Interface\{7a9d1480-c6a1-11da-95ab-00e08161165f}
16=HKEY_CURRENT_USER\Software\Classes\Interface\{65D12388-C5E9-468c-83B9-60AEA2E658DF}
17=HKEY_CURRENT_USER\Software\Classes\Interface\{62d14448-68ff-4c37-a7f2-31105a1be427}
18=HKEY_CURRENT_USER\Software\Classes\Interface\{5A9FF74C-53D0-4513-9481-0F61EDEEFFE2}
19=HKEY_CURRENT_USER\Software\Classes\Interface\{4c9dc108-c73f-11da-95ab-00e08161165f}
20=HKEY_CURRENT_USER\Software\Classes\Interface\{4A1527F6-C11F-4131-82BC-FE891D4E3B70}
21=HKEY_CURRENT_USER\Software\Classes\Interface\{38FDD2C4-9164-4eaf-8C74-24D764FF613E}
22=HKEY_CURRENT_USER\Software\Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}
23=HKEY_CURRENT_USER\Software\Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}
24=HKEY_CURRENT_USER\Software\Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}
25=HKEY_CURRENT_USER\Software\Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}
26=HKEY_CURRENT_USER\Software\Google\Google Talk
27=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\UIPlugins\{82ec66ad-6a51-4aa5-8788-dea156a4580b}
28=HKEY_CURRENT_USER\Software\Classes\Interface\{74C992C7-BA13-4E6A-A469-B43AE8FD557A}
29=HKEY_CURRENT_USER\Software\Classes\CLSID\{226b64e8-dc75-4eea-a6c8-abcb496320f2}
30=HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
31=HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{226b64e8-dc75-4eea-a6c8-abcb496320f2}
32=HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{0507EEDE-3AE7-49C7-BF37-0EB4A62D8638}
33=HKEY_CURRENT_USER\Software\Accounts
34=HKEY_CURRENT_USER\Software\Autoupdate

[RegistryIgnore]
1=HKEY_CLASSES_ROOT\gtalk
2=HKEY_CLASSES_ROOT\TypeLib\{7B29C130-826A-4070-BA18-EC01E703D244}
3=HKEY_CLASSES_ROOT\Interface\{7A9D1480-C6A1-11DA-95AB-00E08161165F}
;4,5...same registry as RegistryInclude

[FilesystemExclude]
1=*

[FilesystemInclude]
;username\appdata
1=%26%\Macromedia
;username\localsettings\appdata
2=%28%\Google
;programfiles
3=%38%\Google
;mydocuments
3=%46%
4=%5%

[FilesystemIgnore]
;username\appdata
1=%26%\Macromedia
;username\localsettings\appdata
2=%28%\Google
;programfiles
3=%38%\Google
;mydocuments
3=%46%
4=%5%

[ModuleExclude]

[ModuleInclude]
1=%appname%.exe

[SpecialFolders]
5=Files\Documents
26=Files\AppData
28=Files\AppData
38=Files\ProgramFiles
46=Files\Documents

I think i have set up it properly. Run it under XP and based on my observation, i think jauntepe able to hook all the Filesystem & Registry that i set in my runtime ini. I can log in my gtalk successfully.. BUT the only problem i faced is my jpe gtalk give 100% CPU usage when running.

i use 015, 0160 & 0161 dll and they give the same problem. try to use the log dll but gtalk give an error and wont run. So i dont have any log info to show. What should i do next?

EDIT:
An error when trying to use jauntepelog.dll 0161

A half log of DebugView before the error appear
http://www.geocities.com/crownixx/gtalkerror.zip

redllar · #2 Post by **redllar** » Sun Sep 16, 2007 6:45 pm

First, let me commend you for trying to set this up on your own. I think, however, that the sequence you went through is a bit off. At least it isn't the sequence I would have gone through. I also see a number of errors in the jpe runtime ini that you created. Some are of the typo-variety. Others, like having a [ModuleExclude] section with no entries for it, I can't say whether they're in error or not. It depends upon what you really wanted to do.

Anyway, I always start working with a new app that I want to portablize by using the default distributed jpe runtime ini. I also never install the app unless I absolutely have to. I would have just tried to run the app via jpe and let my use of the app create the .reg and the redirected file system for me. This is what serves as "discovery" so you never need to install the app just to discover what it's doing in the registry and file system. You already have that info in your portable .reg and file system. Only when the app runs fine but is just slow would I begin creating an app-specific jpe runtime ini.

Using this approach I was able to portablize google talk early on last year. I'm pretty sure it was with one of the early versions before PortaPotty became JauntePE.

As far as the log file goes, I'm afraid all I can say is that things seem to be going along fine until the app goes after a "googltalk" value under the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run registry key. Because you don't have this key redirected, the request goes to the system and is returned with a "not found" error. At this point the app begins what looks like a shutdown sequence of itself, but eventually it looks like a system "debug" sequence is started and that is probably what leads to the popup you got.

Here's the sequence in the log that I'm talking about. An initial RegOpenKeyW call is made for the HKLM\...\Run key, which is not found in the .reg and is set up to be "ignored" so a "not found" is returned:

Code: Select all

RegOpenKeyW (hKey=80000002, other=Software\Microsoft\Windows\CurrentVersion\Run)	
    ** caller= ** (other=googletalk.exe)	
    bypass call?  (other=** NO **)	
    OpnIniKeyW: just want to open the key (hKey=80000002, other=Software\Microsoft\Windows\CurrentVersion\Run)	
    IgnoreItW: ignoring (hKey=80000002, other=Software\Microsoft\Windows\CurrentVersion\Run)	
    return code: 2

Then a second RegOpenKeyW call is made for the HKCU\...\Run key, which is "bypassed", i.e., not looked for in the ini, because you have excluded all registry entries except the few you explicitly included, and this key is not one of them, so it is passed directly onto the system for processing so a "okay" is returned since that key exists in the system registry:

Code: Select all

RegOpenKeyW (hKey=80000001, other=Software\Microsoft\Windows\CurrentVersion\Run)	
    ** caller= ** (other=googletalk.exe)	
    bypass call?  (other=** NO **)	
    ByPassItW: bypassing (hKey=80000001, other=Software\Microsoft\Windows\CurrentVersion\Run)	
RegOpenKeyExW (hKey=80000001, other=Software\Microsoft\Windows\CurrentVersion\Run)	
    ** caller= ** (other=advapi32.dll)	
    bypass call?  (other=** NO **)	
    ByPassItW: bypassing (hKey=80000001, other=Software\Microsoft\Windows\CurrentVersion\Run)	
    return code: 0	
    return code: 0

Then a RegQueryValueExW call is made for a "googletalk" value under the HKCU\...\Run key, which again is passed onto the system and is "not found":

Code: Select all

RegQueryValueExW (hKey=00000464, other=googletalk)	
    ** caller= ** (other=googletalk.exe)	
    bypass call?  (other=** NO **)	
    KeyName: IN  (hKey=00000464, other=USER\S-1-5-21-796845957-573735546-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run)	
    KeyName: OUT (hKey=00000464, other=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run)	
    ByPassItW: bypassing (hKey=00000464, other=)	
    return code: 2

Then the app closes down that key and immediately follows that with a RegDeleteKeyW call to delete the google talk options key, and this begins the sequence of calls that ultimately lead to the app shutdown and debug popup:

Code: Select all

RegCloseKey (hKey=00000464)	
    ** caller= ** (other=googletalk.exe)	
    bypass call?  (other=** NO **)	
    KeyName: IN  (hKey=00000464, other=USER\S-1-5-21-796845957-573735546-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run)	
    KeyName: OUT (hKey=00000464, other=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run)	
    ByPassItA: bypassing (hKey=00000464, other=)	
    return code: 0	
RegDeleteKeyW (hKey=80000001, other=Software\Google\Google Talk\Options)
    ** caller= ** (other=googletalk.exe)	
    bypass call?  (other=** NO **)	
    DelSect: HKEY_CURRENT_USER\Software\Google\Google Talk\Options	
    return code: 0

crownixx · #3 Post by **crownixx** » Fri Sep 21, 2007 7:19 am

ops, i forgot to reply here..
i have a working gtalk jpe here. i tried it for few days - chat with my friends, transferring file and so far no problem happen
thanks redllar for your advice on the right way to jpe app and teach me how to use debugview..
i have a question
1. the jauntePE_jauntePE.ini [Registry]Ini= is to point to other ini runtime settings, but why in portable.ini, we used it to point [Registry]Ini=.\%appname%_registry.reg and not [Registry]Data=.\%appname%_registry.reg?

Is this the typo mistake that you mention earlier? coz i just pick this setting from chris topic and i start to wonder whats the different between Ini= and Data=

redllar · #4 Post by **redllar** » Mon Sep 24, 2007 7:50 pm

Is this the typo mistake that you mention earlier? coz i just pick this setting from chris topic and i start to wonder whats the different between Ini= and Data=

Yes, that was one of them. Ini= points to a secondary ini. Data= points to the "data," i.e., the redirected registry (the .reg) or file system (the "root" portable directory).

I'll go check my posts in Chris' thread and change any typos I made there. Let me know if you run across anymore please.

As for the other typos I saw in your ini, you had two 3= in both your [FilesystemInclude] and [FilesystemIgnore] sections. You also had a [ModuleInclude] entry but no [ModuleExclude]1=* entry, but maybe that was for testing purposes?

And just as additional info, it's normally not a good idea to exclude all modules except for the main exe, for an app that uses its own COM, OCX, VBX, etc., components, e.g., that has code that needs to be registered in the system registry, which is what most of those HKEY_CLASSES_ROOT registry entries are about. Unless, of course, you've done the proper research and know that only the main app makes the registry api calls to load and access those components. For that reason, you probably want to at least include gtalkwmp1.dll in your module inclusion list. Especially since doing a "dependency view" on it shows that it uses a number of the "modifying" registry apis such as RegCreateKey, RegDeleteKey, and RegSetValue. It also is using WriteFile. And a lot of times you also need to include the ole*.dlls for an app.

I'm working on a way to extend the discovery mode usage so you'll be able to find out this sort of stuff while an app is being redirected, but for now your best bet is to either run the app with the jpe log dll and look at what modules do what to the registry that way, or install and run the app normally in discovery mode to get the proper list of modules. Or if it's not too slow, just run the app with the default jpe runtime ini.

crownixx · #5 Post by **crownixx** » Tue Sep 25, 2007 5:04 am

As for the other typos I saw in your ini, you had two 3= in both your [FilesystemInclude] and [FilesystemIgnore] sections.

i overlook at that. thanks..

I also see a number of errors in the jpe runtime ini that you created. Some are of the typo-variety. Others, like having a
[ModuleExclude] section with no entries for it,

I checked the package JauntePE015corrected2.zip and there are empty section in [RegistryInclude] [RegistryIgnore] [FilesystemExclude][FilesystemInclude] [FilesystemIgnore] [ModuleExclude] [ModuleInclude] in the default jpe runtime ini. I took your advice and comment them out but Is there any effect if we leave the section empty?

You also had a [ModuleInclude] entry but no [ModuleExclude]1=* entry, but maybe that was for testing purposes?

Yes, it was for the testing in my vista, as you already know i still having a problem ModuleExclude in those OS. But lucky me coz you said it is not always a good idea to exclude all modules right. my googletalk can run without having problems. But from the way you asked, is it [ModuleInclude] and [ModuleExclude] must be configure together?

but for now your best bet is to either run the app with the jpe log dll and look at what modules do what to the registry that way, or install and run the app normally in discovery mode to get the proper list of modules. Or if it's not too slow, just run the app with the default jpe runtime ini.

I remember that.thanks.. for know 0163 pretty seems stable. dont have any report from other members yet . i had move forward to try on the "bestfriend" Google Talk, Yahoo Messenger. i experiment it 3 days ago and here's the result that you might interested

1. using the jpe runtime ini in 12steps, try to hook the installer. the installer runs fine at initial but got stuck at the end of final installation. i tried it on 012 - 0163 and they produce the same problem. But the installation finish until end succesfully if i'm using 011

2. if i using setting Data=.\%appname%_registry.reg i will get multiple files of JPE registry upon installation. But if i use Ini=.\%appname%_registry.reg i able to have one JPE registry file

I'll try to do the setup again to see if i able to produce the same problem. Currently my JPEd Yahoo Messenger doesnt want to login..YM also need flash to have it IMvorenment work.Is there a way i can include that too? hurm, one question pop in my head. Is it possible to JPEd application that require Netframework 2.0, or mybe java app?