And the MSDN docs *recommend* RunOnce as a way to finish application setups. It does seem unfair for an AV product to decide to prevent completion of application setup. InstallShield uses the RunOnce key too, judging from search hits and their content.
Phil W -----Original Message----- From: Rob Mensching [mailto:r...@robmensching.com] Sent: Friday, January 13, 2012 12:48 PM To: General discussion for Windows Installer XML toolset. Subject: Re: [WiX-users] Reopen Burn triggers virus checker - ID: 3431068 Burn is a little different because it is designed to recover from power failures and unexpected reboots. To do that it writes to the RunOnce registry key up front. Other bootstrappers/chainers may not write to RunOnce except when a force reboot is required in the middle of the chain. Then the bootstrapper/chainer must write to RunOnce in order to complete the installation. If something (anti-virus in this case) kills processes writing to RunOnce then those other chainers could end up in a bad state if they didn't save their data before getting killed. Burn won't have that problem since it tries to register with RunOnce before modifying machine state. So, basically, Burn exposes the configuration problem that could leave other chainers in a bad state. Or maybe they would just work okay but you'd have to go figure out why they didn't resume after reboot. On Fri, Jan 13, 2012 at 4:36 AM, Nikolaj Steensgaard <n...@panorama9.com>wrote: > On Fri, Jan 13, 2012 at 7:48 AM, Peter Hull <peterhul...@hotmail.com> > wrote: > > > > > > Date: Thu, 12 Jan 2012 20:56:15 +0100 > > > From: n...@panorama9.com > > > > I would start by digitally signing your burn bundle. > > > > > > > > > The bundle is already signed with a Thawte code signing certificate > > The reported file name looks more like it's the extracted engine than > your > > bundle itself. Have you signed the engine. > > > > I only think we have signed the bundle, so we are working on signing the > engine and retesting to see if it makes a difference. > > > > > Either should Trend Micro change there detection mechanism regarding > the > > > RunOnce key or > > > the bundling framework of burn should change its default behavior . > > >From the Trend docs I saw it seemed to suggest that 'Malware Behaviour > > Monitoring' could be turned off (indeed, terminating programs like this > was > > not the default) and also that signed executables were exempt. So it > maybe > > is a bug in Trend that means it doesn't work as documented? > > > > Maybe, but as this is the default setting for a Trend Micro installation it > is quite a problem. > > The other thing is that other installers (InstallShield) don't seem to do > > this so does anyone understand how InstallShield handles the reboot > issue? > > > > Don't know , but it could be that they don't look in the RunOnce key as > default behavior in their engine and thereby don't have this issue ? > > Pete > > > > > > > ------------------------------------------------------------------------------ > > RSA(R) Conference 2012 > > Mar 27 - Feb 2 > > Save $400 by Jan. 27 > > Register now! > > http://p.sf.net/sfu/rsa-sfdev2dev2 > > _______________________________________________ > > WiX-users mailing list > > WiX-users@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/wix-users > > > > > > -- > Best Regards > Nikolaj Steensgaard > > Panorama9 A/S > Langebrogade 5 > 1411 Copenhagen K > Phone: +45 7020 3565 > Mobile: +45 2124 3040 > n...@panorama9.com > > Panorama9 is an IT management platform that shows you everything you need > to know about your assets, IT availability, security vulnerabilities, and > non-compliant systems – from a single Dashboard that’s amazingly easy to > monitor and interpret. Your organization can cut IT costs through improved > uptime and as a cloud-based solution, there is no infrastructure to deploy > or manage. For more information - www.panorama9.com > > ------------------------------------------------------------------------------ > RSA(R) Conference 2012 > Mar 27 - Feb 2 > Save $400 by Jan. 27 > Register now! > http://p.sf.net/sfu/rsa-sfdev2dev2 > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > -- virtually, Rob Mensching - http://RobMensching.com LLC ------------------------------------------------------------------------------ RSA(R) Conference 2012 Mar 27 - Feb 2 Save $400 by Jan. 27 Register now! http://p.sf.net/sfu/rsa-sfdev2dev2 _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users *** Confidentiality Notice: This e-mail, including any associated or attached files, is intended solely for the individual or entity to which it is addressed. This e-mail is confidential and may well also be legally privileged. If you have received it in error, you are on notice of its status. Please notify the sender immediately by reply e-mail and then delete this message from your system. Please do not copy it or use it for any purposes, or disclose its contents to any other person. This email comes from a division of the Invensys Group, owned by Invensys plc, which is a company registered in England and Wales with its registered office at 3rd Floor, 40 Grosvenor Place, London, SW1X 7AW (Registered number 166023). For a list of European legal entities within the Invensys Group, please go to http://www.invensys.com/en/legal/default.aspx. You may contact Invensys plc on +44 (0)20 3155 1200 or e-mail recept...@invensys.com. This e-mail and any attachments thereto may be subject to the terms of any agreements between Invensys (and/or its subsidiaries and affiliates) and the recipient (and/or its subsidiaries and affiliates). ------------------------------------------------------------------------------ RSA(R) Conference 2012 Mar 27 - Feb 2 Save $400 by Jan. 27 Register now! http://p.sf.net/sfu/rsa-sfdev2dev2 _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
