Symantec Critical System Protection Agent 5.2 Strangeness

Anyone seen this before..

1) Ran the vendor's setup "agent.exe" to extract their own msi and issetup11.msi.
2) Manually run issetup.msi to install script engine (required for app to install)
3) Manually run vendor's msi as usual and run through install as per normal
4) Once MSI install complete it THEN PROCEEDS TO DELETE source MSI and all files in same folder.

#4 can be in ANY local or network directory no matter what and it still deletes everything in it.

I captured the log during this moment and found this:

1: *** IMPORTANT!!! Must reboot machine for Symantec Critical System Protection Agent to work correctly.
1: ***
1: *** Copying log file. args = /C copy "C:\DOCUME~1\EDWINC~1.ADM\LOCALS~1\Temp\SISAgentSetup.log" "C:\Program Files\Symantec\Critical System Protection\Agent\SISAgentSetup.log"
1: *** Successful copying the log file.
1: *** Deleting temp file directory in ...
1: *** Running command: cmd /c rmdir /s /q "C:\DOCUME~1\EDWINC~1.ADM\Desktop\Source\"
1: *** InstallCommitAlways() -> end.

I cannot remotely find in the MSI or Issetup info the rmdir command especially in any custom action. This has stumped alot of us here in the lab so any advice would be MOST appreciated.

0 Comments   [ + ] Show comments

Answers (3)

Posted by: jmcfadyen 13 years ago
5th Degree Black Belt
looks like this is perhaps a commit CA based on the last entry in the log.

find the value of Commit CA's

msidbCustomActionTypeInScript + msidbCustomActionTypeRollback

Hexadecimal: 0x00000400 + 0x00000100
Decimal: 1280
Queues for execution at scheduled point within script. Executes only upon an installation rollback. This flag designates that this is a rollback custom action.

msidbCustomActionTypeInScript + msidbCustomActionTypeCommit

Hexadecimal: 0x00000400 + 0x00000200
Decimal: 1536
Queues for execution at scheduled point within script. Executes only upon install commit. This flag designates that this is a commit custom action.

see if you can locate the CA by finding a Type value that contains one of these.

i like it, nice touch I thought Symantec engineers would know better. They seem to be quite aware of general windows installer packaging techniques this is rather odd from them.
Posted by: anonymous_9363 13 years ago
Red Belt
Manually run issetup.msi to install script engine (required for app to install) I don't doubt that this is true for this app but it's not always required. Unless the Custom Actions actually do something, they're dead weight. We have a ton of IS-based MSIs at my current client in which we have conditioned-out the IS Custom Actions, to no ill effect. Junk like ISForceReboot, DisplayError MSIServerStartup...Holy cow...
Posted by: thudo 13 years ago
Senior Yellow Belt
No such CA Commit values like "0x00000400" or "0x00000100" or "1280" exist.

Yes I agree this is quite a brainfart on the part of Symantec to allow the actual source to be purged instead of just purging the \local settings\temp\<msi cache>. Really stumped on this one as the work initially looked like a few mins instead its turned into a fiacso.

And yes Isscript11 is specifically required by this vendor MSI otherwise it won't install. Its quite locked down. :(
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login


This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ