Results 1 to 2 of 2
2015-09-14, 16:49 #1
- Join Date
- Nov 2013
- Thanked 0 Times in 0 Posts
viewing installation attempts (logs, process explore) - (low-level?) 'driver' install
When an application is installed, or attempted, is there always a log?
are there applications that expose these logs?
I'm trying to get visibility of installation-activity - ie with itunes12, what device drivers are installed
tried nirsoft procxp (and folderchangesview) and have too much noise, and not sure it'll capture the attempted (sandboxed install) driver installation...
systracer reports various registry changes (comparing before/after install snapshots), but can't see anything discernable - re what is being written (in reg, for example) and how it being done - so I might re-attempt it manually using some cmd-fu like regsvr
2015-09-16, 10:36 #2
- Join Date
- Jan 2010
- Fort McMurray, Alberta, Canada
- Thanked 62 Times in 60 Posts
Logs don't always go down to the level of detail you appear to be talking about. Many log entries work on a fairly simple pass/fail idea.
As far as existence reliability, the one set of logs that always exist are the Windows system logs:
Start | Control Panel | Administrative Tools | Computer Management | System Tools | Event Viewer | Windows Logs | Application/Security/Setup/System.
These are logged to with high reliability but the level of detail you seek isn't there. You seek either a trace or a detailed log.
Dedicated installer formats (MSI, some EXEs) will often log in excruciating detail, but it's mainly to allow reliable uninstalls. AFAIK these logs are typically meant for automated processing and human readability is an afterthought. As for where these logs/traces go, I don't actually know. It's always been a bit of a mystery to me.
There are 3rd party uninstallers too, meant to tackle the problem of software installs that were difficult or impossible to remove. Revo, IOBit, Wise, Geek, ... even CCleaner borders on relevance here. However my understanding is that nearly all of these orient towards machine processing (i.e. don't tell me the details, just uninstall what I tell you to). Therefore the readability of their logging systems is uncertain.