Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1175
  • Last Modified:

Need help analyzing MSI install log Please.

This computer is windows 7, completely up to date.  I am running into a problem installing Jungle Disk Backup software.  This software was already installed on the computer at some point but somehow got corrupted and can't be installed and there's no way to uninstall.  I keep getting an error that the "installation ended prematurely due to an error" but no specifics from the software. By logging the install  I was able to find the error but not real sure how to fix this.

Please see the log from the installation below and do a "find" for "return value 3".  Right above this line "Action ended 10:11:19: InstallFinalize. Return value 3.", the 3-4 lines above showing an error installing "cbfs.cab" driver is the culprit but everything I've tried isn't working.

I've tried:
- clean boot,
-registerting the cbfs driver which fails because the dll is missing.
-reparing Windows installer but other programs install ok so that's sorta unneccessary
-unregistering/reregistering Windows installer

Thanks for your help in advance.
jd-install.log
0
Vontech615
Asked:
Vontech615
  • 6
  • 4
2 Solutions
 
CSI-Windows_comCommented:
Only the developer of cbfsinst.dll will know what this line means:

"Driver install failed: 8 (C:\Program Files\Jungle Disk Workgroup\cbfs.cab)"

The error 3 coming back from the InstallFinalize generates an overall 1603 - both of which are generic failures in MSI resulting from the DLL setting the entire package to fail.
0
 
Vontech615Author Commented:
So you think I should just contact Jungle Disk support?
0
 
Vontech615Author Commented:
There's got to be a way to rid this computer of this software and reinstall without having to contact Jungle disk and/or rummage through the registry? What about a repair install?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
CSI-Windows_comCommented:
You could monitor the install using Procmon (http://live.sysinternals.com/procmon.exe).  It would reveal simple things like incorrect registry key permissions on the existing service, etc.

I can also read procmon logs and help you out if you do a trace of the installation transaction.

Just keep in mind that it captures a LOT of records - so start capture as late as possible and end it as early as possible.
0
 
Vontech615Author Commented:
Ok.  So, obviously there's something else going on with this system because it's giving me error "unable to load Process Monitor device driver"?  I tried rebooting and re-downloading.  This computer had some malware I cleaned off of it about a week ago and it's possible something in the registry got muckered up.
0
 
Vontech615Author Commented:
Just tried to load TDS Killer and same error message "Can't load driver".
0
 
Vontech615Author Commented:
Just ran TDS Killer anyway and it found about 150 locked files listed as kernel drivers and found file 44e89afd9f486c81.sys as rootkit.win32.necurs.gen.  The locked files look to be legitimate .sys files and after running autoruns it's listing most of the files under services as "file not found".  There are no restore points.  I'm wondering if a complete reinstall is the way to go here.
0
 
CSI-Windows_comCommented:
Hmmm.... Certainly something is wrong at the higher level of being able load drivers - so you know your install package is not a fault.

If you're uncomfortable that the malware was not completely cleaned, I would start there - no sense in diagnosing dynamic driver loading if in the end you'd feel better about reimaging.
0
 
Vontech615Author Commented:
Yeah, I agree.  Plus deleting or quarantining the file TDS Killer finds is causing it to crash on booting.
0
 
CSI-Windows_comCommented:
If you have a confirmed rootkit a reimage or format and reload is definitely the way to go.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now