On Thu, Jan 12, 2012 at 6:03 PM, Hoover, Jacob <jacob.hoo...@greenheck.com>wrote:
> I would start by digitally signing your burn bundle. The bundle is already signed with a Thawte code signing certificate > Most anti-virus > software provides more leeway to signed executables. If your bundle is > static, then you could also submit it to Trend Micro as a false > positive. Most AV vendors will update their signatures to work around > false positives in a timely manner. > Yes, but our bundle is dynamic as the version of the software changes. > The RunOnce key, from what I read in Rob's response, is written to from > the bundling framework of burn. It is done proactively rather than as > needed. > So isn't that really the issue then ? Either should Trend Micro change there detection mechanism regarding the RunOnce key or the bundling framework of burn should change its default behavior . I have already tried to get in contact to Trend Micro through several channels without luck and have also submitted a request to get access to Reputation Service and Verification Portal (RSVP). Looking in the Trend Micro software there does'nt seem to be a way to turn the "Malware detection feature" > > -----Original Message----- > From: NIkolaj Steensgaard [mailto:n...@panorama9.com] > Sent: Thursday, January 12, 2012 3:37 AM > To: General discussion for Windows Installer XML toolset. > Subject: Re: [WiX-users] Reopen Burn triggers virus checker - ID: > 3431068 > > On 01/12/2012 09:46 AM, Peter Hull wrote: > >> From: r...@robmensching.com > >> We'll need to teach this anti-virus program about Burn. Fortunately > big > >> programs, like Visual Studio, are using Burn and if it kills them I > hope we > >> can muster some change. > > So are you saying we need to raise this as an issue with Trend Micro? > I have been trying to debug this issue to answer that exact question ! > > Is the program that actually writes the registry always the same? (I'm > a bit confused about what the stages are when a burn exe is run, > particularly what the burn engine is and what the burn agent is) > I will explain the issue more detailed to better give insight in what we > > are seeing. > > For about year we have been deploying our software build with the WIX > installer as a MSI package and have not seen this issue. > > To Months ago we created a Bundled version ( exe build with WIX 3.6 ) > that checked for .net 3.51 + Win install 3.1 and > installed if needed before installing our software > > Then we got reports from client's about this issue occurring > > The Bundled version is quite simple and only checks for the above > mentioned software and downloads / installs if needed > > A complete AD with Trend Micro Office Scan were established to reproduce > > the error which we can. > > Some things that we so far have noticed : > > It only seem to occur on Windows XP for some reason. ( this machine > already have the needed .net and Win install so it's not there installer > > that's creates the problem ) > Our Code does not at anytime write or read from the RunOnce key > Also as the previous reporter of this issue ( ID: 3431068 ) > > We will be trying to use SysInternals tools to get a debug of whats > happening when the issue occurs, and post the result here. > > Hope this helps in explaining the issue we are seeing and we are more > that happy to run any test's you suggest !!! > > Nik > > > > > > Pete > > > > > > > ------------------------------------------------------------------------ > ------ > > RSA(R) Conference 2012 > > Mar 27 - Feb 2 > > Save $400 by Jan. 27 > > Register now! > > http://p.sf.net/sfu/rsa-sfdev2dev2 > > _______________________________________________ > > WiX-users mailing list > > WiX-users@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/wix-users > > > ------------------------------------------------------------------------ > ------ > RSA(R) Conference 2012 > Mar 27 - Feb 2 > Save $400 by Jan. 27 > Register now! > http://p.sf.net/sfu/rsa-sfdev2dev2 > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > > > ------------------------------------------------------------------------------ > RSA(R) Conference 2012 > Mar 27 - Feb 2 > Save $400 by Jan. 27 > Register now! > http://p.sf.net/sfu/rsa-sfdev2dev2 > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > -- Best Regards Nikolaj Steensgaard Panorama9 A/S Langebrogade 5 1411 Copenhagen K Phone: +45 7020 3565 Mobile: +45 2124 3040 n...@panorama9.com Panorama9 is an IT management platform that shows you everything you need to know about your assets, IT availability, security vulnerabilities, and non-compliant systems – from a single Dashboard that’s amazingly easy to monitor and interpret. Your organization can cut IT costs through improved uptime and as a cloud-based solution, there is no infrastructure to deploy or manage. For more information - www.panorama9.com ------------------------------------------------------------------------------ RSA(R) Conference 2012 Mar 27 - Feb 2 Save $400 by Jan. 27 Register now! http://p.sf.net/sfu/rsa-sfdev2dev2 _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
