Defender for Identity sensor install failing - error code 0x80070643

%3CLINGO-SUB%20id%3D%22lingo-sub-2735650%22%20slang%3D%22en-US%22%3EDefender%20for%20Identity%20sensor%20install%20failing%20-%20error%20code%200x80070643%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2735650%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%202%20Active%20Directory%2C%20it's%20running%20Windows%20server%202019%20(1809)%2C%20no%20proxy%2C%20no%20core.%20i%20try%20to%20install%20the%20Defender%20for%20Identity%20sensor%20on%20a%20DC%2C%20setup%20wizard%20is%20running%20until%20a%20point.%20Then%20setup%20fails%20with%200x80070643%20and%20do%20a%20rollback.%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22DatTran_0-1631180794865.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F309205iE2377784F8F9F402%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22DatTran_0-1631180794865.png%22%20alt%3D%22DatTran_0-1631180794865.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMsiPackage.log%20file%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3D%3D%3D%20Verbose%20logging%20started%3A%2008%2F09%2F2021%2023%3A27%3A58%20Build%20type%3A%20SHIP%20UNICODE%205.00.10011.00%20Calling%20process%3A%20C%3A%5CWindows%5CTemp%5C%7BB8D83596-2A70-4F3C-8FB8-792FB318C6C2%7D%5C.be%5CAzure%20ATP%20Sensor%20Setup.exe%20%3D%3D%3D%3CBR%20%2F%3EMSI%20(c)%20(60%3A50)%20%5B23%3A27%3A58%3A654%5D%3A%20Resetting%20cached%20policy%20values%3CBR%20%2F%3EMSI%20(c)%20(60%3A50)%20%5B23%3A27%3A58%3A654%5D%3A%20Machine%20policy%20value%20'Debug'%20is%200%3CBR%20%2F%3EMSI%20(c)%20(60%3A50)%20%5B23%3A27%3A58%3A654%5D%3A%20*******%20RunEngine%3A%3CBR%20%2F%3E*******%20Product%3A%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi%3CBR%20%2F%3E*******%20Action%3A%3CBR%20%2F%3E*******%20CommandLine%3A%20**********%3CBR%20%2F%3EMSI%20(c)%20(60%3A50)%20%5B23%3A27%3A58%3A670%5D%3A%20Client-side%20and%20UI%20is%20none%20or%20basic%3A%20Running%20entire%20install%20on%20the%20server.%3CBR%20%2F%3EMSI%20(c)%20(60%3A50)%20%5B23%3A27%3A58%3A670%5D%3A%20Grabbed%20execution%20mutex.%3CBR%20%2F%3EMSI%20(c)%20(60%3A50)%20%5B23%3A27%3A58%3A701%5D%3A%20Cloaking%20enabled.%3CBR%20%2F%3EMSI%20(c)%20(60%3A50)%20%5B23%3A27%3A58%3A701%5D%3A%20Attempting%20to%20enable%20all%20disabled%20privileges%20before%20calling%20Install%20on%20Server%3CBR%20%2F%3EMSI%20(c)%20(60%3A50)%20%5B23%3A27%3A58%3A707%5D%3A%20Incrementing%20counter%20to%20disable%20shutdown.%20Counter%20after%20increment%3A%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A27%3A58%3A707%5D%3A%20Running%20installation%20inside%20multi-package%20transaction%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A27%3A58%3A707%5D%3A%20Grabbed%20execution%20mutex.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A707%5D%3A%20Resetting%20cached%20policy%20values%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A707%5D%3A%20Machine%20policy%20value%20'Debug'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A707%5D%3A%20*******%20RunEngine%3A%3CBR%20%2F%3E*******%20Product%3A%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi%3CBR%20%2F%3E*******%20Action%3A%3CBR%20%2F%3E*******%20CommandLine%3A%20**********%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A707%5D%3A%20Machine%20policy%20value%20'DisableUserInstalls'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A707%5D%3A%20Note%3A%201%3A%202203%202%3A%20C%3A%5CWindows%5CInstaller%5Cinprogressinstallinfo.ipi%203%3A%20-2147287038%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A723%5D%3A%20SRSetRestorePoint%20skipped%20for%20this%20transaction.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A723%5D%3A%20File%20will%20have%20security%20applied%20from%20OpCode.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A739%5D%3A%20SOFTWARE%20RESTRICTION%20POLICY%3A%20Verifying%20package%20--%26gt%3B%20'C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi'%20against%20software%20restriction%20policy%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A739%5D%3A%20SOFTWARE%20RESTRICTION%20POLICY%3A%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi%20has%20a%20digital%20signature%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20SOFTWARE%20RESTRICTION%20POLICY%3A%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi%20is%20permitted%20to%20run%20at%20the%20'unrestricted'%20authorization%20level.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20MSCOREE%20not%20loaded%20loading%20copy%20from%20system32%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20End%20dialog%20not%20enabled%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20Original%20package%20%3D%3D%26gt%3B%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20Package%20we're%20running%20from%20%3D%3D%26gt%3B%20C%3A%5CWindows%5CInstaller%5C901521.msi%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20APPCOMPAT%3A%20Compatibility%20mode%20property%20overrides%20found.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20APPCOMPAT%3A%20looking%20for%20appcompat%20database%20entry%20with%20ProductCode%20'%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7D'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20APPCOMPAT%3A%20no%20matching%20ProductCode%20found%20in%20database.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20Machine%20policy%20value%20'TransformsSecure'%20is%201%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20Note%3A%201%3A%202262%202%3A%20File%203%3A%20-2147287038%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20MsiFileHash%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20Machine%20policy%20value%20'DisablePatch'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20Machine%20policy%20value%20'AllowLockdownPatch'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20Machine%20policy%20value%20'DisableLUAPatching'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20Machine%20policy%20value%20'DisableFlyWeightPatching'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A823%5D%3A%20APPCOMPAT%3A%20looking%20for%20appcompat%20database%20entry%20with%20ProductCode%20'%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7D'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20APPCOMPAT%3A%20no%20matching%20ProductCode%20found%20in%20database.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Transforms%20are%20not%20secure.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Control%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20MsiLogFileLocation%20property.%20Its%20value%20is%20'C%3A%5CUsers%5CADMINI~1.GRE%5CAppData%5CLocal%5CTemp%5CAzure%20Advanced%20Threat%20Protection%20Sensor_20210908232740_000_MsiPackage.log'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Command%20Line%3A%20ARPSYSTEMCOMPONENT%3D1%20MSIFASTINSTALL%3D7%20ACCESSKEY%3D**********%20InstallationPath%3DC%3A%5CProgram%20Files%5CAzure%20Advanced%20Threat%20Protection%20Sensor%20InstalledVersion%3D%20PROXYCONFIGURATION%3D**********%20WixBundleOriginalSourceFolder%3DC%3A%5CAzure%20ATP%20Sensor%20Setup%5C%20REBOOT%3DReallySuppress%20CURRENTDIRECTORY%3DC%3A%5CAzure%20ATP%20Sensor%20Setup%20CLIENTUILEVEL%3D3%20MSICLIENTUSESEXTERNALUI%3D1%20CLIENTPROCESSID%3D12640%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20PackageCode%20property.%20Its%20value%20is%20'%7B6F8A7B28-5262-426D-A9E7-47443E6A6B39%7D'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Product%20Code%20passed%20to%20Engine.Initialize%3A%20''%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Product%20Code%20from%20property%20table%20before%20transforms%3A%20'%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7D'%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Product%20Code%20from%20property%20table%20after%20transforms%3A%20'%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7D'%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Product%20not%20registered%3A%20beginning%20first-time%20install%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Product%20%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7D%20is%20not%20managed.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20MSI_LUA%3A%20Credential%20prompt%20not%20required%2C%20user%20is%20an%20admin%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20ProductState%20property.%20Its%20value%20is%20'-1'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Entering%20CMsiConfigurationManager%3A%3ASetLastUsedSource.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20User%20policy%20value%20'SearchOrder'%20is%20'nmu'%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Adding%20new%20sources%20is%20allowed.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20PackagecodeChanging%20property.%20Its%20value%20is%20'1'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Package%20name%20extracted%20from%20package%20path%3A%20'Microsoft.Tri.Sensor.Deployment.Package.msi'%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Package%20to%20be%20registered%3A%20'Microsoft.Tri.Sensor.Deployment.Package.msi'%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Error%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Note%3A%201%3A%202262%202%3A%20AdminProperties%203%3A%20-2147287038%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Machine%20policy%20value%20'DisableMsi'%20is%201%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Machine%20policy%20value%20'AlwaysInstallElevated'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20User%20policy%20value%20'AlwaysInstallElevated'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Product%20installation%20will%20be%20elevated%20because%20user%20is%20admin%20and%20product%20is%20being%20installed%20per-machine.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Running%20product%20'%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7D'%20with%20elevated%20privileges%3A%20Product%20is%20assigned.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20ARPSYSTEMCOMPONENT%20property.%20Its%20value%20is%20'1'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20MSIFASTINSTALL%20property.%20Its%20value%20is%20'7'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20ACCESSKEY%20property.%20Its%20value%20is%20'**********'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20INSTALLATIONPATH%20property.%20Its%20value%20is%20'C%3A%5CProgram%20Files%5CAzure%20Advanced%20Threat%20Protection%20Sensor'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20WIXBUNDLEORIGINALSOURCEFOLDER%20property.%20Its%20value%20is%20'C%3A%5CAzure%20ATP%20Sensor%20Setup%5C'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20REBOOT%20property.%20Its%20value%20is%20'ReallySuppress'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20CURRENTDIRECTORY%20property.%20Its%20value%20is%20'C%3A%5CAzure%20ATP%20Sensor%20Setup'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20CLIENTUILEVEL%20property.%20Its%20value%20is%20'3'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20MSICLIENTUSESEXTERNALUI%20property.%20Its%20value%20is%20'1'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20CLIENTPROCESSID%20property.%20Its%20value%20is%20'12640'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20Machine%20policy%20value%20'DisableAutomaticApplicationShutdown'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20MsiRestartManagerSessionKey%20property.%20Its%20value%20is%20'6c5de35935e7d644830a241ae0bf7f8c'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20RESTART%20MANAGER%3A%20Session%20opened.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20MsiSystemRebootPending%20property.%20Its%20value%20is%20'1'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20TRANSFORMS%20property%20is%20now%3A%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20VersionDatabase%20property.%20Its%20value%20is%20'500'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CFavorites%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CNetwork%20Shortcuts%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CDocuments%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CPrinter%20Shortcuts%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CRecent%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CSendTo%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CTemplates%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CProgramData%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CLocal%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A839%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CPictures%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CProgramData%5CMicrosoft%5CWindows%5CStart%20Menu%5CPrograms%5CAdministrative%20Tools%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CProgramData%5CMicrosoft%5CWindows%5CStart%20Menu%5CPrograms%5CStartup%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CProgramData%5CMicrosoft%5CWindows%5CStart%20Menu%5CPrograms%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CProgramData%5CMicrosoft%5CWindows%5CStart%20Menu%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5CPublic%5CDesktop%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CStart%20Menu%5CPrograms%5CAdministrative%20Tools%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CStart%20Menu%5CPrograms%5CStartup%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CStart%20Menu%5CPrograms%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CStart%20Menu%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CUsers%5Cadministrator.xxx%5CDesktop%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CProgramData%5CMicrosoft%5CWindows%5CTemplates%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20SHELL32%3A%3ASHGetFolderPath%20returned%3A%20C%3A%5CWindows%5CFonts%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20Note%3A%201%3A%202898%202%3A%20MS%20Sans%20Serif%203%3A%20MS%20Sans%20Serif%204%3A%200%205%3A%2016%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20MSI_LUA%3A%20Setting%20MsiRunningElevated%20property%20to%201%20because%20the%20install%20is%20already%20running%20elevated.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20MsiRunningElevated%20property.%20Its%20value%20is%20'1'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20Privileged%20property.%20Its%20value%20is%20'1'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20Note%3A%201%3A%201402%202%3A%20HKEY_CURRENT_USER%5CSoftware%5CMicrosoft%5CMS%20Setup%20(ACME)%5CUser%20Info%203%3A%202%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20USERNAME%20property.%20Its%20value%20is%20'Administrator'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20Note%3A%201%3A%201402%202%3A%20HKEY_CURRENT_USER%5CSoftware%5CMicrosoft%5CMS%20Setup%20(ACME)%5CUser%20Info%203%3A%202%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20COMPANYNAME%20property.%20Its%20value%20is%20'N%2FA'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20DATABASE%20property.%20Its%20value%20is%20'C%3A%5CWindows%5CInstaller%5C901521.msi'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20OriginalDatabase%20property.%20Its%20value%20is%20'C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20Machine%20policy%20value%20'MsiDisableEmbeddedUI'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20EEUI%20-%20Disabling%20MsiEmbeddedUI%20due%20to%20existing%20external%20or%20embedded%20UI%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A855%5D%3A%20EEUI%20-%20Disabling%20MsiEmbeddedUI%20for%20service%20because%20it's%20not%20a%20quiet%2Fbasic%20install%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20PatchPackage%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Machine%20policy%20value%20'DisableRollback'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20User%20policy%20value%20'DisableRollback'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20UILevel%20property.%20Its%20value%20is%20'2'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20MsiUISourceResOnly%20property.%20Its%20value%20is%20'1'.%3CBR%20%2F%3E%3D%3D%3D%20Logging%20started%3A%2008%2F09%2F2021%2023%3A27%3A58%20%3D%3D%3D%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202203%202%3A%20C%3A%5CWindows%5CInstaller%5Cinprogressinstallinfo.ipi%203%3A%20-2147287038%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20APPCOMPAT%3A%20%5BDetectVersionLaunchCondition%5D%20Launch%20condition%20already%20passes.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20ACTION%20property.%20Its%20value%20is%20'INSTALL'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Doing%20action%3A%20INSTALL%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20INSTALL.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Running%20ExecuteSequence%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Doing%20action%3A%20FindRelatedProducts%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20FindRelatedProducts.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Doing%20action%3A%20LaunchConditions%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20ended%2023%3A27%3A58%3A%20FindRelatedProducts.%20Return%20value%201.%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20LaunchConditions.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Doing%20action%3A%20ValidateProductID%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20ended%2023%3A27%3A58%3A%20LaunchConditions.%20Return%20value%201.%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20ValidateProductID.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Doing%20action%3A%20CostInitialize%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20ended%2023%3A27%3A58%3A%20ValidateProductID.%20Return%20value%201.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Machine%20policy%20value%20'MaxPatchCacheSize'%20is%2010%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20ROOTDRIVE%20property.%20Its%20value%20is%20'C%3A%5C'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20CostingComplete%20property.%20Its%20value%20is%20'0'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Patch%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20PatchPackage%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20MsiPatchHeaders%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20__MsiPatchFileList%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20PatchPackage%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202228%202%3A%203%3A%20PatchPackage%204%3A%20SELECT%20%60DiskId%60%2C%20%60PatchId%60%2C%20%60LastSequence%60%20FROM%20%60Media%60%2C%20%60PatchPackage%60%20WHERE%20%60Media%60.%60DiskId%60%3D%60PatchPackage%60.%60Media_%60%20ORDER%20BY%20%60DiskId%60%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Patch%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20CostInitialize.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Doing%20action%3A%20FileCost%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20ended%2023%3A27%3A58%3A%20CostInitialize.%20Return%20value%201.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20MsiAssembly%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20FileCost.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Doing%20action%3A%20CostFinalize%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20ended%2023%3A27%3A58%3A%20FileCost.%20Return%20value%201.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20OutOfDiskSpace%20property.%20Its%20value%20is%20'0'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20OutOfNoRbDiskSpace%20property.%20Its%20value%20is%20'0'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20PrimaryVolumeSpaceAvailable%20property.%20Its%20value%20is%20'0'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20PrimaryVolumeSpaceRequired%20property.%20Its%20value%20is%20'0'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20PrimaryVolumeSpaceRemaining%20property.%20Its%20value%20is%20'0'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Patch%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Condition%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20TARGETDIR%20property.%20Its%20value%20is%20'C%3A%5C'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Target%20path%20resolution%20complete.%20Dumping%20Directory%20table...%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%20target%20paths%20subject%20to%20change%20(via%20custom%20actions%20or%20browsing)%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Dir%20(target)%3A%20Key%3A%20TARGETDIR%20%2C%20Object%3A%20C%3A%5C%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20PROPERTY%20CHANGE%3A%20Adding%20INSTALLLEVEL%20property.%20Its%20value%20is%20'1'.%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20CostFinalize.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Doing%20action%3A%20MigrateFeatureStates%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A870%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20ended%2023%3A27%3A58%3A%20CostFinalize.%20Return%20value%201.%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20MigrateFeatureStates.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Doing%20action%3A%20InstallValidate%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20ended%2023%3A27%3A58%3A%20MigrateFeatureStates.%20Return%20value%200.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20PROPERTY%20CHANGE%3A%20Deleting%20MsiRestartManagerSessionKey%20property.%20Its%20current%20value%20is%20'6c5de35935e7d644830a241ae0bf7f8c'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Dialog%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Feature%3A%20ProductFeature%3B%20Installed%3A%20Absent%3B%20Request%3A%20Local%3B%20Action%3A%20Local%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Component%3A%20ProductComponent%3B%20Installed%3A%20Absent%3B%20Request%3A%20Local%3B%20Action%3A%20Local%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Registry%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20BindImage%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ProgId%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20PublishComponent%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20SelfReg%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Extension%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Font%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Shortcut%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Class%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Icon%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20TypeLib%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20InstallValidate.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20MsiAssembly%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202228%202%3A%203%3A%20MsiAssembly%204%3A%20SELECT%20%60MsiAssembly%60.%60Attributes%60%2C%20%60MsiAssembly%60.%60File_Application%60%2C%20%60MsiAssembly%60.%60File_Manifest%60%2C%20%60Component%60.%60KeyPath%60%20FROM%20%60MsiAssembly%60%2C%20%60Component%60%20WHERE%20%60MsiAssembly%60.%60Component_%60%20%3D%20%60Component%60.%60Component%60%20AND%20%60MsiAssembly%60.%60Component_%60%20%3D%20%3F%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20PROPERTY%20CHANGE%3A%20Modifying%20CostingComplete%20property.%20Its%20current%20value%20is%20'0'.%20Its%20new%20value%3A%20'1'.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Registry%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20BindImage%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ProgId%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20PublishComponent%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20SelfReg%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Extension%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Font%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Shortcut%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Class%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Icon%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20TypeLib%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202727%202%3A%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20FilesInUse%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202727%202%3A%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Doing%20action%3A%20InstallInitialize%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20ended%2023%3A27%3A58%3A%20InstallValidate.%20Return%20value%201.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Machine%20policy%20value%20'AlwaysInstallElevated'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20User%20policy%20value%20'AlwaysInstallElevated'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20BeginTransaction%3A%20Locking%20Server%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202203%202%3A%20C%3A%5CWindows%5CInstaller%5Cinprogressinstallinfo.ipi%203%3A%20-2147287038%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20SRSetRestorePoint%20skipped%20for%20this%20transaction.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Note%3A%201%3A%202203%202%3A%20C%3A%5CWindows%5CInstaller%5Cinprogressinstallinfo.ipi%203%3A%20-2147287038%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A886%5D%3A%20Server%20not%20locked%3A%20locking%20for%20product%20%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7D%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20InstallInitialize.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A902%5D%3A%20Doing%20action%3A%20InstallCustomAction%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A27%3A58%3A902%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20ActionText%3CBR%20%2F%3EAction%20ended%2023%3A27%3A58%3A%20InstallInitialize.%20Return%20value%201.%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A27%3A58%3A908%5D%3A%20Invoking%20remote%20custom%20action.%20DLL%3A%20C%3A%5CWindows%5CInstaller%5CMSI15CD.tmp%2C%20Entrypoint%3A%20Install%3CBR%20%2F%3EMSI%20(s)%20(94%3A6C)%20%5B23%3A27%3A58%3A908%5D%3A%20Generating%20random%20cookie.%3CBR%20%2F%3EMSI%20(s)%20(94%3A6C)%20%5B23%3A27%3A58%3A908%5D%3A%20Created%20Custom%20Action%20Server%20with%20PID%2012504%20(0x30D8).%3CBR%20%2F%3EMSI%20(s)%20(94%3A90)%20%5B23%3A27%3A58%3A924%5D%3A%20Running%20as%20a%20service.%3CBR%20%2F%3EMSI%20(s)%20(94%3AE8)%20%5B23%3A27%3A58%3A939%5D%3A%20Hello%2C%20I'm%20your%2064bit%20Impersonated%20custom%20action%20server.%3CBR%20%2F%3EAction%20start%2023%3A27%3A58%3A%20InstallCustomAction.%3CBR%20%2F%3ESFXCA%3A%20Extracting%20custom%20action%20to%20temporary%20directory%3A%20C%3A%5CWindows%5CInstaller%5CMSI15CD.tmp-%5C%3CBR%20%2F%3ESFXCA%3A%20Binding%20to%20CLR%20version%20v4.0.30319%3CBR%20%2F%3ECalling%20custom%20action%20Microsoft.Tri.Sensor.Deployment.Package.Actions!Microsoft.Tri.Sensor.Deployment.Package.Actions.CustomActions.Install%3CBR%20%2F%3E2021-09-08%2016%3A28%3A00.2746%20Debug%20CustomActions%20RunActionGroup%20InstallActionGroup%20started%3CBR%20%2F%3E2021-09-08%2016%3A28%3A00.2902%20Debug%20InstallActionGroup%20Apply%20started%3CBR%20%2F%3E2021-09-08%2016%3A28%3A00.2902%20Debug%20CreateDirectoryDeploymentAction%20Apply%20started%20%5BsuppressFailure%3DFalse%5D%3CBR%20%2F%3E2021-09-08%2016%3A28%3A00.2902%20Debug%20CreateDirectoryDeploymentAction%20Apply%20finished%3CBR%20%2F%3E2021-09-08%2016%3A28%3A00.2902%20Debug%20DownloadMinorDeploymentPackageBytesAction%20Apply%20started%20%5BsuppressFailure%3DFalse%5D%3CBR%20%2F%3E2021-09-08%2016%3A28%3A05.0977%20Debug%20DownloadMinorDeploymentPackageBytesAction%20Apply%20finished%3CBR%20%2F%3E2021-09-08%2016%3A28%3A05.0977%20Debug%20UnpackDeploymentPackageBytesAction%20Apply%20started%20%5BsuppressFailure%3DFalse%5D%3CBR%20%2F%3E2021-09-08%2016%3A28%3A05.9688%20Debug%20UnpackDeploymentPackageBytesAction%20Apply%20finished%3CBR%20%2F%3E2021-09-08%2016%3A28%3A05.9688%20Debug%20RunDeployerMajorDeploymentAction%20Apply%20started%20%5BsuppressFailure%3DFalse%5D%3CBR%20%2F%3E2021-09-08%2016%3A28%3A05.9844%20Info%20RunDeployerMajorDeploymentAction%20ApplyInternal%20started%20%5BfilePath%3DETAPZ0LIXJS3Ig8prJ1PFA%3D%3D%20_arguments%3DW99%2Fxxf9VqhqIKYVgAACqA%3D%3D%5D%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.6428%20Info%20RunDeployerMajorDeploymentAction%20ApplyInternal%20finished%20%5BisSuccessful%3DFalse%5D%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.6428%20Debug%20InstallActionGroup%20Revert%20started%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.6428%20Warn%20InstallActionGroup%20Revert%20reverting%20%5BrollbackAction%3DUnpackDeploymentPackageBytesAction%20index%3D0%20count%3D3%5D%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.6585%20Debug%20UnpackDeploymentPackageBytesAction%20Revert%20started%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.6897%20Debug%20UnpackDeploymentPackageBytesAction%20Revert%20finished%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.6897%20Warn%20InstallActionGroup%20Revert%20reverting%20%5BrollbackAction%3DDownloadMinorDeploymentPackageBytesAction%20index%3D1%20count%3D3%5D%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.7054%20Debug%20DownloadMinorDeploymentPackageBytesAction%20Revert%20started%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.7054%20Debug%20DownloadMinorDeploymentPackageBytesAction%20Revert%20finished%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.7054%20Warn%20InstallActionGroup%20Revert%20reverting%20%5BrollbackAction%3DCreateDirectoryDeploymentAction%20index%3D2%20count%3D3%5D%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.7054%20Debug%20CreateDirectoryDeploymentAction%20Revert%20started%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.7054%20Debug%20CreateDirectoryDeploymentAction%20Revert%20finished%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.7054%20Debug%20InstallActionGroup%20Revert%20finished%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.7431%20Error%20DeploymentAction%20Failed%20to%20apply%20InstallActionGroup%3CBR%20%2F%3EMicrosoft.Tri.Infrastructure.ExtendedException%3A%20Apply%20failed%20%5BType%3DRunDeployerMajorDeploymentAction%5D%3CBR%20%2F%3Eat%20void%20Microsoft.Tri.Sensor.Common.DeploymentAction.Apply(bool%20suppressFailure)%3CBR%20%2F%3Eat%20void%20Microsoft.Tri.Sensor.Common.DeploymentActionGroup.Apply(bool%20suppressFailure)%3CBR%20%2F%3Eat%20ActionResult%20Microsoft.Tri.Sensor.Deployment.Package.Actions.CustomActions.RunActionGroup(DeploymentActionGroup%20deploymentActionGroup%2C%20Session%20session)%3CBR%20%2F%3E2021-09-08%2016%3A28%3A07.7431%20Debug%20CustomActions%20RunActionGroup%20InstallActionGroup%20finished%20%5Bresult%3DFailure%5D%3CBR%20%2F%3ECustomAction%20InstallCustomAction%20returned%20actual%20error%20code%201603%20(note%20this%20may%20not%20be%20100%25%20accurate%20if%20translation%20happened%20inside%20sandbox)%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A821%5D%3A%20Note%3A%201%3A%202265%202%3A%203%3A%20-2147287035%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A821%5D%3A%20Machine%20policy%20value%20'DisableRollback'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A821%5D%3A%20Note%3A%201%3A%201402%202%3A%20HKEY_LOCAL_MACHINE%5CSoftware%5CMicrosoft%5CWindows%5CCurrentVersion%5CInstaller%5CRollback%5CScripts%203%3A%202%3CBR%20%2F%3EAction%20ended%2023%3A28%3A07%3A%20InstallCustomAction.%20Return%20value%203.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A821%5D%3A%20Note%3A%201%3A%201402%202%3A%20HKEY_LOCAL_MACHINE%5CSoftware%5CMicrosoft%5CWindows%5CCurrentVersion%5CInstaller%5CRollback%5CScripts%203%3A%202%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A821%5D%3A%20No%20System%20Restore%20sequence%20number%20for%20this%20installation.%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A821%5D%3A%20Unlocking%20Server%3CBR%20%2F%3EAction%20ended%2023%3A28%3A07%3A%20INSTALL.%20Return%20value%203.%3CBR%20%2F%3EProperty(S)%3A%20UpgradeCode%20%3D%20%7BEDFB49E0-16FA-4535-B268-BD1B81B15DC2%7D%3CBR%20%2F%3EProperty(S)%3A%20TARGETDIR%20%3D%20C%3A%5C%3CBR%20%2F%3EProperty(S)%3A%20ALLUSERS%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20Manufacturer%20%3D%20Microsoft%20Corporation%3CBR%20%2F%3EProperty(S)%3A%20ProductCode%20%3D%20%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7D%3CBR%20%2F%3EProperty(S)%3A%20ProductLanguage%20%3D%201033%3CBR%20%2F%3EProperty(S)%3A%20ProductName%20%3D%20Azure%20Advanced%20Threat%20Protection%20Sensor%3CBR%20%2F%3EProperty(S)%3A%20ProductVersion%20%3D%202.0.0.0%3CBR%20%2F%3EProperty(S)%3A%20SecureCustomProperties%20%3D%20WIX_DOWNGRADE_DETECTED%3BWIX_UPGRADE_DETECTED%3CBR%20%2F%3EProperty(S)%3A%20MsiHiddenProperties%20%3D%20ACCESSKEY%3BPROXYCONFIGURATION%3CBR%20%2F%3EProperty(S)%3A%20MsiLogFileLocation%20%3D%20C%3A%5CUsers%5CADMINI~1.GRE%5CAppData%5CLocal%5CTemp%5CAzure%20Advanced%20Threat%20Protection%20Sensor_20210908232740_000_MsiPackage.log%3CBR%20%2F%3EProperty(S)%3A%20PackageCode%20%3D%20%7B6F8A7B28-5262-426D-A9E7-47443E6A6B39%7D%3CBR%20%2F%3EProperty(S)%3A%20ProductState%20%3D%20-1%3CBR%20%2F%3EProperty(S)%3A%20PackagecodeChanging%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20ARPSYSTEMCOMPONENT%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20MSIFASTINSTALL%20%3D%207%3CBR%20%2F%3EProperty(S)%3A%20ACCESSKEY%20%3D%20**********%3CBR%20%2F%3EProperty(S)%3A%20INSTALLATIONPATH%20%3D%20C%3A%5CProgram%20Files%5CAzure%20Advanced%20Threat%20Protection%20Sensor%3CBR%20%2F%3EProperty(S)%3A%20WIXBUNDLEORIGINALSOURCEFOLDER%20%3D%20C%3A%5CAzure%20ATP%20Sensor%20Setup%5C%3CBR%20%2F%3EProperty(S)%3A%20REBOOT%20%3D%20ReallySuppress%3CBR%20%2F%3EProperty(S)%3A%20CURRENTDIRECTORY%20%3D%20C%3A%5CAzure%20ATP%20Sensor%20Setup%3CBR%20%2F%3EProperty(S)%3A%20CLIENTUILEVEL%20%3D%203%3CBR%20%2F%3EProperty(S)%3A%20MSICLIENTUSESEXTERNALUI%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20CLIENTPROCESSID%20%3D%2012640%3CBR%20%2F%3EProperty(S)%3A%20MsiSystemRebootPending%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20VersionDatabase%20%3D%20500%3CBR%20%2F%3EProperty(S)%3A%20VersionMsi%20%3D%205.00%3CBR%20%2F%3EProperty(S)%3A%20VersionNT%20%3D%20603%3CBR%20%2F%3EProperty(S)%3A%20VersionNT64%20%3D%20603%3CBR%20%2F%3EProperty(S)%3A%20WindowsBuild%20%3D%209600%3CBR%20%2F%3EProperty(S)%3A%20ServicePackLevel%20%3D%200%3CBR%20%2F%3EProperty(S)%3A%20ServicePackLevelMinor%20%3D%200%3CBR%20%2F%3EProperty(S)%3A%20MsiNTProductType%20%3D%202%3CBR%20%2F%3EProperty(S)%3A%20MsiNTSuiteDataCenter%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20WindowsFolder%20%3D%20C%3A%5CWindows%5C%3CBR%20%2F%3EProperty(S)%3A%20WindowsVolume%20%3D%20C%3A%5C%3CBR%20%2F%3EProperty(S)%3A%20System64Folder%20%3D%20C%3A%5CWindows%5Csystem32%5C%3CBR%20%2F%3EProperty(S)%3A%20SystemFolder%20%3D%20C%3A%5CWindows%5CSysWOW64%5C%3CBR%20%2F%3EProperty(S)%3A%20RemoteAdminTS%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20TempFolder%20%3D%20C%3A%5CUsers%5CADMINI~1.GRE%5CAppData%5CLocal%5CTemp%5C%3CBR%20%2F%3EProperty(S)%3A%20ProgramFilesFolder%20%3D%20C%3A%5CProgram%20Files%20(x86)%5C%3CBR%20%2F%3EProperty(S)%3A%20CommonFilesFolder%20%3D%20C%3A%5CProgram%20Files%20(x86)%5CCommon%20Files%5C%3CBR%20%2F%3EProperty(S)%3A%20ProgramFiles64Folder%20%3D%20C%3A%5CProgram%20Files%5C%3CBR%20%2F%3EProperty(S)%3A%20CommonFiles64Folder%20%3D%20C%3A%5CProgram%20Files%5CCommon%20Files%5C%3CBR%20%2F%3EProperty(S)%3A%20AppDataFolder%20%3D%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5C%3CBR%20%2F%3EProperty(S)%3A%20FavoritesFolder%20%3D%20C%3A%5CUsers%5Cadministrator.xxx%5CFavorites%5C%3CBR%20%2F%3EProperty(S)%3A%20NetHoodFolder%20%3D%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CNetwork%20Shortcuts%5C%3CBR%20%2F%3EProperty(S)%3A%20PersonalFolder%20%3D%20C%3A%5CUsers%5Cadministrator.xxx%5CDocuments%5C%3CBR%20%2F%3EProperty(S)%3A%20PrintHoodFolder%20%3D%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CPrinter%20Shortcuts%5C%3CBR%20%2F%3EProperty(S)%3A%20RecentFolder%20%3D%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CRecent%5C%3CBR%20%2F%3EProperty(S)%3A%20SendToFolder%20%3D%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CRoaming%5CMicrosoft%5CWindows%5CSendTo%5C%3CBR%20%2F%3EProperty(S)%3A%20TemplateFolder%20%3D%20C%3A%5CProgramData%5CMicrosoft%5CWindows%5CTemplates%5C%3CBR%20%2F%3EProperty(S)%3A%20CommonAppDataFolder%20%3D%20C%3A%5CProgramData%5C%3CBR%20%2F%3EProperty(S)%3A%20LocalAppDataFolder%20%3D%20C%3A%5CUsers%5Cadministrator.xxx%5CAppData%5CLocal%5C%3CBR%20%2F%3EProperty(S)%3A%20MyPicturesFolder%20%3D%20C%3A%5CUsers%5Cadministrator.xxx%5CPictures%5C%3CBR%20%2F%3EProperty(S)%3A%20AdminToolsFolder%20%3D%20C%3A%5CProgramData%5CMicrosoft%5CWindows%5CStart%20Menu%5CPrograms%5CAdministrative%20Tools%5C%3CBR%20%2F%3EProperty(S)%3A%20StartupFolder%20%3D%20C%3A%5CProgramData%5CMicrosoft%5CWindows%5CStart%20Menu%5CPrograms%5CStartup%5C%3CBR%20%2F%3EProperty(S)%3A%20ProgramMenuFolder%20%3D%20C%3A%5CProgramData%5CMicrosoft%5CWindows%5CStart%20Menu%5CPrograms%5C%3CBR%20%2F%3EProperty(S)%3A%20StartMenuFolder%20%3D%20C%3A%5CProgramData%5CMicrosoft%5CWindows%5CStart%20Menu%5C%3CBR%20%2F%3EProperty(S)%3A%20DesktopFolder%20%3D%20C%3A%5CUsers%5CPublic%5CDesktop%5C%3CBR%20%2F%3EProperty(S)%3A%20FontsFolder%20%3D%20C%3A%5CWindows%5CFonts%5C%3CBR%20%2F%3EProperty(S)%3A%20GPTSupport%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20OLEAdvtSupport%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20ShellAdvtSupport%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20MsiAMD64%20%3D%206%3CBR%20%2F%3EProperty(S)%3A%20Msix64%20%3D%206%3CBR%20%2F%3EProperty(S)%3A%20Intel%20%3D%206%3CBR%20%2F%3EProperty(S)%3A%20PhysicalMemory%20%3D%2012288%3CBR%20%2F%3EProperty(S)%3A%20VirtualMemory%20%3D%207407%3CBR%20%2F%3EProperty(S)%3A%20AdminUser%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20MsiTrueAdminUser%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20LogonUser%20%3D%20administrator%3CBR%20%2F%3EProperty(S)%3A%20UserSID%20%3D%20S-1-5-21-895235092-2957102850-851312084-500%3CBR%20%2F%3EProperty(S)%3A%20UserLanguageID%20%3D%201033%3CBR%20%2F%3EProperty(S)%3A%20ComputerName%20%3D%20IDC%3CBR%20%2F%3EProperty(S)%3A%20SystemLanguageID%20%3D%201033%3CBR%20%2F%3EProperty(S)%3A%20ScreenX%20%3D%201024%3CBR%20%2F%3EProperty(S)%3A%20ScreenY%20%3D%20768%3CBR%20%2F%3EProperty(S)%3A%20CaptionHeight%20%3D%2023%3CBR%20%2F%3EProperty(S)%3A%20BorderTop%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20BorderSide%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20TextHeight%20%3D%2016%3CBR%20%2F%3EProperty(S)%3A%20TextInternalLeading%20%3D%203%3CBR%20%2F%3EProperty(S)%3A%20ColorBits%20%3D%2032%3CBR%20%2F%3EProperty(S)%3A%20TTCSupport%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20Time%20%3D%2023%3A28%3A07%3CBR%20%2F%3EProperty(S)%3A%20Date%20%3D%209%2F8%2F2021%3CBR%20%2F%3EProperty(S)%3A%20MsiNetAssemblySupport%20%3D%204.7.3190.0%3CBR%20%2F%3EProperty(S)%3A%20MsiWin32AssemblySupport%20%3D%206.3.17763.1%3CBR%20%2F%3EProperty(S)%3A%20RedirectedDllSupport%20%3D%202%3CBR%20%2F%3EProperty(S)%3A%20MsiRunningElevated%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20Privileged%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20USERNAME%20%3D%20Administrator%3CBR%20%2F%3EProperty(S)%3A%20COMPANYNAME%20%3D%20N%2FA%3CBR%20%2F%3EProperty(S)%3A%20DATABASE%20%3D%20C%3A%5CWindows%5CInstaller%5C901521.msi%3CBR%20%2F%3EProperty(S)%3A%20OriginalDatabase%20%3D%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi%3CBR%20%2F%3EProperty(S)%3A%20UILevel%20%3D%202%3CBR%20%2F%3EProperty(S)%3A%20MsiUISourceResOnly%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20ACTION%20%3D%20INSTALL%3CBR%20%2F%3EProperty(S)%3A%20ROOTDRIVE%20%3D%20C%3A%5C%3CBR%20%2F%3EProperty(S)%3A%20CostingComplete%20%3D%201%3CBR%20%2F%3EProperty(S)%3A%20OutOfDiskSpace%20%3D%200%3CBR%20%2F%3EProperty(S)%3A%20OutOfNoRbDiskSpace%20%3D%200%3CBR%20%2F%3EProperty(S)%3A%20PrimaryVolumeSpaceAvailable%20%3D%200%3CBR%20%2F%3EProperty(S)%3A%20PrimaryVolumeSpaceRequired%20%3D%200%3CBR%20%2F%3EProperty(S)%3A%20PrimaryVolumeSpaceRemaining%20%3D%200%3CBR%20%2F%3EProperty(S)%3A%20INSTALLLEVEL%20%3D%201%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A843%5D%3A%20Note%3A%201%3A%201708%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A843%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Error%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A843%5D%3A%20Note%3A%201%3A%202228%202%3A%203%3A%20Error%204%3A%20SELECT%20%60Message%60%20FROM%20%60Error%60%20WHERE%20%60Error%60%20%3D%201708%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A843%5D%3A%20Note%3A%201%3A%202205%202%3A%203%3A%20Error%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A843%5D%3A%20Note%3A%201%3A%202228%202%3A%203%3A%20Error%204%3A%20SELECT%20%60Message%60%20FROM%20%60Error%60%20WHERE%20%60Error%60%20%3D%201709%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A843%5D%3A%20Product%3A%20Azure%20Advanced%20Threat%20Protection%20Sensor%20--%20Installation%20failed.%3C%2FP%3E%3CP%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A843%5D%3A%20Windows%20Installer%20installed%20the%20product.%20Product%20Name%3A%20Azure%20Advanced%20Threat%20Protection%20Sensor.%20Product%20Version%3A%202.0.0.0.%20Product%20Language%3A%201033.%20Manufacturer%3A%20Microsoft%20Corporation.%20Installation%20success%20or%20error%20status%3A%201603.%3C%2FP%3E%3CP%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A843%5D%3A%20Deferring%20clean%20up%20of%20packages%2Ffiles%2C%20if%20any%20exist%3CBR%20%2F%3EMSI%20(s)%20(94%3A00)%20%5B23%3A28%3A07%3A843%5D%3A%20MainEngineThread%20is%20returning%201603%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A28%3A07%3A859%5D%3A%20RESTART%20MANAGER%3A%20Session%20closed.%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A28%3A07%3A859%5D%3A%20No%20System%20Restore%20sequence%20number%20for%20this%20installation.%3CBR%20%2F%3E%3D%3D%3D%20Logging%20stopped%3A%2008%2F09%2F2021%2023%3A28%3A07%20%3D%3D%3D%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A28%3A07%3A859%5D%3A%20User%20policy%20value%20'DisableRollback'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A28%3A07%3A859%5D%3A%20Machine%20policy%20value%20'DisableRollback'%20is%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A28%3A07%3A859%5D%3A%20Incrementing%20counter%20to%20disable%20shutdown.%20Counter%20after%20increment%3A%200%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A28%3A07%3A859%5D%3A%20Note%3A%201%3A%201402%202%3A%20HKEY_LOCAL_MACHINE%5CSoftware%5CMicrosoft%5CWindows%5CCurrentVersion%5CInstaller%5CRollback%5CScripts%203%3A%202%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A28%3A07%3A859%5D%3A%20Note%3A%201%3A%201402%202%3A%20HKEY_LOCAL_MACHINE%5CSoftware%5CMicrosoft%5CWindows%5CCurrentVersion%5CInstaller%5CRollback%5CScripts%203%3A%202%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A28%3A07%3A859%5D%3A%20Decrementing%20counter%20to%20disable%20shutdown.%20If%20counter%20%26gt%3B%3D%200%2C%20shutdown%20will%20be%20denied.%20Counter%20after%20decrement%3A%20-1%3CBR%20%2F%3EMSI%20(s)%20(94%3A40)%20%5B23%3A28%3A07%3A859%5D%3A%20Destroying%20RemoteAPI%20object.%3CBR%20%2F%3EMSI%20(s)%20(94%3A6C)%20%5B23%3A28%3A07%3A859%5D%3A%20Custom%20Action%20Manager%20thread%20ending.%3CBR%20%2F%3EMSI%20(c)%20(60%3A50)%20%5B23%3A28%3A07%3A859%5D%3A%20Decrementing%20counter%20to%20disable%20shutdown.%20If%20counter%20%26gt%3B%3D%200%2C%20shutdown%20will%20be%20denied.%20Counter%20after%20decrement%3A%20-1%3CBR%20%2F%3EMSI%20(c)%20(60%3A50)%20%5B23%3A28%3A07%3A859%5D%3A%20MainEngineThread%20is%20returning%201603%3CBR%20%2F%3E%3D%3D%3D%20Verbose%20logging%20stopped%3A%2008%2F09%2F2021%2023%3A28%3A07%20%3D%3D%3D%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20orther%20log%20file%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di001%3A%20Burn%20v3.11.2.4516%2C%20Windows%20v10.0%20(Build%2017763%3A%20Service%20Pack%200)%2C%20path%3A%20C%3A%5CWindows%5CTemp%5C%7B42F423E1-CDD4-4552-92DF-000BA6FC3852%7D%5C.cr%5CAzure%20ATP%20Sensor%20Setup.exe%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Initializing%20hidden%20variable%20'AccessKey'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Initializing%20hidden%20variable%20'ProxyConfiguration'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Initializing%20hidden%20variable%20'ProxyUserPassword'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Initializing%20string%20variable%20'NetFrameworkCommandLineArguments'%20to%20value%20'%2Fpassive%20%2Fshowrmui'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di009%3A%20Command%20Line%3A%20'%22-burn.clean.room%3DC%3A%5CAzure%20ATP%20Sensor%20Setup%5CAzure%20ATP%20Sensor%20Setup.exe%22%20-burn.filehandle.attached%3D740%20-burn.filehandle.self%3D744'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Setting%20string%20variable%20'WixBundleOriginalSource'%20to%20value%20'C%3A%5CAzure%20ATP%20Sensor%20Setup%5CAzure%20ATP%20Sensor%20Setup.exe'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Setting%20string%20variable%20'WixBundleOriginalSourceFolder'%20to%20value%20'C%3A%5CAzure%20ATP%20Sensor%20Setup%5C'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Setting%20string%20variable%20'WixBundleLog'%20to%20value%20'C%3A%5CUsers%5CADMINI~1.GRE%5CAppData%5CLocal%5CTemp%5CAzure%20Advanced%20Threat%20Protection%20Sensor_20210908232740.log'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Setting%20string%20variable%20'WixBundleName'%20to%20value%20'Azure%20Advanced%20Threat%20Protection%20Sensor'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Setting%20string%20variable%20'WixBundleManufacturer'%20to%20value%20'Microsoft%20Corporation'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Loading%20managed%20bootstrapper%20application.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%20Creating%20BA%20thread%20to%20run%20asynchronously.%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A40%5Di000%3A%202021-09-08%2016%3A27%3A40.8905%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetExportedTypes%20failed%20%5B%5C%5B%5Dassembly%3DPInvoke.User32%2C%20Version%3D0.5.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D9e300f9f87f04a7a%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'PInvoke.Windows.Core%2C%20Version%3D0.5.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D9e300f9f87f04a7a'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%202021-09-08%2016%3A27%3A41.0065%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.Cloud.Common.ServiceModuleManager%2C%20Microsoft.Tri.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.Cloud.Common.ServiceModuleManager%2C%20Microsoft.Tri.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Autofac%2C%20Version%3D4.9.2.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D17863af14b0044da'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%202021-09-08%2016%3A27%3A41.0912%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.Infrastructure.ModuleManager%2C%20Microsoft.Tri.Infrastructure%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.Infrastructure.ModuleManager%2C%20Microsoft.Tri.Infrastructure%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Autofac%2C%20Version%3D4.9.2.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D17863af14b0044da'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%202021-09-08%2016%3A27%3A41.0912%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.Sensor.Common.CommonSensorModuleManager%2C%20Microsoft.Tri.Sensor.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.Sensor.Common.CommonSensorModuleManager%2C%20Microsoft.Tri.Sensor.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Autofac%2C%20Version%3D4.9.2.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D17863af14b0044da'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di100%3A%20Detect%20begin%2C%205%20packages%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%202021-09-08%2016%3A27%3A41.1224%20Debug%20DeploymentModel%20DetectDeploymentAction%20DetectBegin%20%5B%5C%5B%5DInstalled%3DFalse%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%20Registry%20key%20not%20found.%20Key%20%3D%20'SOFTWARE%5CMicrosoft%5CWindows%5CCurrentVersion%5CComponent%20Based%20Servicing%5CPackages%5CPackage_1_for_KB4019990~31bf3856ad364e35~amd64~~6.1.1.2'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%20Setting%20numeric%20variable%20'Kb4019990Windows2008R2Exists'%20to%20value%200%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%20Registry%20key%20not%20found.%20Key%20%3D%20'SOFTWARE%5CMicrosoft%5CWindows%5CCurrentVersion%5CComponent%20Based%20Servicing%5CPackages%5CPackage_1_for_KB4019990~31bf3856ad364e35~amd64~~6.2.1.1'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%20Setting%20numeric%20variable%20'Kb4019990Windows2012Exists'%20to%20value%200%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%20Setting%20string%20variable%20'NetFrameworkRegistryValue'%20to%20value%20'461814'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%20Setting%20string%20variable%20'ServerLevelsServerCoreRegistryValue'%20to%20value%20'1'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%20Setting%20string%20variable%20'ServerLevelsServerGuiShellRegistryValue'%20to%20value%20'1'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di052%3A%20Condition%20'Kb4019990Windows2008R2Exists'%20evaluates%20to%20false.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di052%3A%20Condition%20'Kb4019990Windows2012Exists'%20evaluates%20to%20false.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di052%3A%20Condition%20'NetFrameworkRegistryValue%20%26gt%3B%3D%20460798'%20evaluates%20to%20true.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di052%3A%20Condition%20'NetFrameworkRegistryValue%20%26gt%3B%3D%20460798'%20evaluates%20to%20true.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di101%3A%20Detected%20package%3A%20Kb4019990Windows2008R2Package%2C%20state%3A%20Absent%2C%20cached%3A%20None%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di101%3A%20Detected%20package%3A%20Kb4019990Windows2012Package%2C%20state%3A%20Absent%2C%20cached%3A%20None%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di101%3A%20Detected%20package%3A%20NetFrameworkPackageServer%2C%20state%3A%20Present%2C%20cached%3A%20None%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di101%3A%20Detected%20package%3A%20NetFrameworkPackageServerCore%2C%20state%3A%20Present%2C%20cached%3A%20None%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di101%3A%20Detected%20package%3A%20MsiPackage%2C%20state%3A%20Absent%2C%20cached%3A%20None%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A41%5Di199%3A%20Detect%20complete%2C%20result%3A%200x0%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%202021-09-08%2016%3A27%3A41.1224%20Debug%20DeploymentModel%20.ctor%20%5B%5C%5B%5DDeploymentAction%3DInstall%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A41%5Di000%3A%202021-09-08%2016%3A27%3A41.1915%20Debug%20DeploymentModel%20.ctor%20%5B%5C%5B%5DIsAfterRestartAndConfigured%3DFalse%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A56%5Di000%3A%202021-09-08%2016%3A27%3A56.3969%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetExportedTypes%20failed%20%5B%5C%5B%5Dassembly%3DPInvoke.User32%2C%20Version%3D0.5.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D9e300f9f87f04a7a%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'PInvoke.Windows.Core%2C%20Version%3D0.5.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D9e300f9f87f04a7a'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A56%5Di000%3A%202021-09-08%2016%3A27%3A56.4034%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetExportedTypes%20failed%20%5B%5C%5B%5Dassembly%3DMicrosoft.Owin%2C%20Version%3D4.2.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D31bf3856ad364e35%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Owin%2C%20Version%3D1.0.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Df0ebd12fd5e55cc5'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A56%5Di000%3A%202021-09-08%2016%3A27%3A56.4191%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.Cloud.Common.ServiceModuleManager%2C%20Microsoft.Tri.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.Cloud.Common.ServiceModuleManager%2C%20Microsoft.Tri.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Autofac%2C%20Version%3D4.9.2.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D17863af14b0044da'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A56%5Di000%3A%202021-09-08%2016%3A27%3A56.5037%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.Infrastructure.ModuleManager%2C%20Microsoft.Tri.Infrastructure%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.Infrastructure.ModuleManager%2C%20Microsoft.Tri.Infrastructure%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Autofac%2C%20Version%3D4.9.2.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D17863af14b0044da'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A56%5Di000%3A%202021-09-08%2016%3A27%3A56.5037%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.Sensor.Common.CommonSensorModuleManager%2C%20Microsoft.Tri.Sensor.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.Sensor.Common.CommonSensorModuleManager%2C%20Microsoft.Tri.Sensor.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Autofac%2C%20Version%3D4.9.2.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D17863af14b0044da'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A56%5Di000%3A%202021-09-08%2016%3A27%3A56.5194%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.CommonCommunication.ClientCertificateAuthenticationOptions%2C%20Microsoft.Tri.CommonCommunication%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.CommonCommunication.ClientCertificateAuthenticationOptions%2C%20Microsoft.Tri.CommonCommunication%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Microsoft.Owin.Security.Cookies%2C%20Version%3D4.2.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D31bf3856ad364e35'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%202021-09-08%2016%3A27%3A57.2903%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetExportedTypes%20failed%20%5B%5C%5B%5Dassembly%3DPInvoke.User32%2C%20Version%3D0.5.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D9e300f9f87f04a7a%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'PInvoke.Windows.Core%2C%20Version%3D0.5.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D9e300f9f87f04a7a'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%202021-09-08%2016%3A27%3A57.2923%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetExportedTypes%20failed%20%5B%5C%5B%5Dassembly%3DMicrosoft.Owin%2C%20Version%3D4.2.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D31bf3856ad364e35%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Owin%2C%20Version%3D1.0.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Df0ebd12fd5e55cc5'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%202021-09-08%2016%3A27%3A57.3083%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.Cloud.Common.ServiceModuleManager%2C%20Microsoft.Tri.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.Cloud.Common.ServiceModuleManager%2C%20Microsoft.Tri.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Autofac%2C%20Version%3D4.9.2.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D17863af14b0044da'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%202021-09-08%2016%3A27%3A57.3843%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.Infrastructure.ModuleManager%2C%20Microsoft.Tri.Infrastructure%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.Infrastructure.ModuleManager%2C%20Microsoft.Tri.Infrastructure%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Autofac%2C%20Version%3D4.9.2.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D17863af14b0044da'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%202021-09-08%2016%3A27%3A57.3903%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.Sensor.Common.CommonSensorModuleManager%2C%20Microsoft.Tri.Sensor.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.Sensor.Common.CommonSensorModuleManager%2C%20Microsoft.Tri.Sensor.Common%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Autofac%2C%20Version%3D4.9.2.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D17863af14b0044da'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%202021-09-08%2016%3A27%3A57.3943%20Warn%20JsonSerializerSettingsExtension%2BJsonSerializationBinder%20UpdateCurrentDomainAssemblyTypes%20GetSerializableMembers%20failed%20%5B%5C%5B%5DAssemblyQualifiedName%3DMicrosoft.Tri.CommonCommunication.ClientCertificateAuthenticationOptions%2C%20Microsoft.Tri.CommonCommunication%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20AssemblyQualifiedName%3DMicrosoft.Tri.CommonCommunication.ClientCertificateAuthenticationOptions%2C%20Microsoft.Tri.CommonCommunication%2C%20Version%3D2.160.14446.3872%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull%20exception.Message%3DCould%20not%20load%20file%20or%20assembly%20'Microsoft.Owin.Security.Cookies%2C%20Version%3D4.2.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D31bf3856ad364e35'%20or%20one%20of%20its%20dependencies.%20The%20system%20cannot%20find%20the%20file%20specified.%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%202021-09-08%2016%3A27%3A57.7374%20Info%20Model%20ValidateAsync%20ValidateCreateSensorAsync%20returned%20%5B%5C%5B%5DvalidateCreateSensorResult%3DSuccess%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%20Setting%20string%20variable%20'IsConfigured'%20to%20value%20'True'%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%20Setting%20hidden%20variable%20'AccessKey'%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%20Setting%20hidden%20variable%20'ProxyConfiguration'%3CBR%20%2F%3E%5B3258%3A2D54%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%20Setting%20string%20variable%20'InstallationPath'%20to%20value%20'C%3A%5CProgram%20Files%5CAzure%20Advanced%20Threat%20Protection%20Sensor'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di200%3A%20Plan%20begin%2C%205%20packages%2C%20action%3A%20Install%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di052%3A%20Condition%20'VersionNT64%20%3D%20v6.1'%20evaluates%20to%20false.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Dw321%3A%20Skipping%20dependency%20registration%20on%20package%20with%20no%20dependency%20providers%3A%20Kb4019990Windows2008R2Package%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di052%3A%20Condition%20'VersionNT64%20%3D%20v6.2'%20evaluates%20to%20false.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Dw321%3A%20Skipping%20dependency%20registration%20on%20package%20with%20no%20dependency%20providers%3A%20Kb4019990Windows2012Package%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di052%3A%20Condition%20'ServerLevelsServerCoreRegistryValue%20%26lt%3B%26gt%3B%201%20OR%20ServerLevelsServerGuiShellRegistryValue%20%3D%201'%20evaluates%20to%20true.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Dw321%3A%20Skipping%20dependency%20registration%20on%20package%20with%20no%20dependency%20providers%3A%20NetFrameworkPackageServer%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di052%3A%20Condition%20'ServerLevelsServerCoreRegistryValue%20%3D%201%20AND%20ServerLevelsServerGuiShellRegistryValue%20%26lt%3B%26gt%3B%201'%20evaluates%20to%20false.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Dw321%3A%20Skipping%20dependency%20registration%20on%20package%20with%20no%20dependency%20providers%3A%20NetFrameworkPackageServerCore%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%20Setting%20string%20variable%20'WixBundleRollbackLog_MsiPackage'%20to%20value%20'C%3A%5CUsers%5CADMINI~1.GRE%5CAppData%5CLocal%5CTemp%5CAzure%20Advanced%20Threat%20Protection%20Sensor_20210908232740_000_MsiPackage_rollback.log'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di000%3A%20Setting%20string%20variable%20'WixBundleLog_MsiPackage'%20to%20value%20'C%3A%5CUsers%5CADMINI~1.GRE%5CAppData%5CLocal%5CTemp%5CAzure%20Advanced%20Threat%20Protection%20Sensor_20210908232740_000_MsiPackage.log'%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di201%3A%20Planned%20package%3A%20Kb4019990Windows2008R2Package%2C%20state%3A%20Absent%2C%20default%20requested%3A%20Absent%2C%20ba%20requested%3A%20Absent%2C%20execute%3A%20None%2C%20rollback%3A%20None%2C%20cache%3A%20No%2C%20uncache%3A%20No%2C%20dependency%3A%20None%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di201%3A%20Planned%20package%3A%20Kb4019990Windows2012Package%2C%20state%3A%20Absent%2C%20default%20requested%3A%20Absent%2C%20ba%20requested%3A%20Absent%2C%20execute%3A%20None%2C%20rollback%3A%20None%2C%20cache%3A%20No%2C%20uncache%3A%20No%2C%20dependency%3A%20None%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di201%3A%20Planned%20package%3A%20NetFrameworkPackageServer%2C%20state%3A%20Present%2C%20default%20requested%3A%20Present%2C%20ba%20requested%3A%20Present%2C%20execute%3A%20None%2C%20rollback%3A%20None%2C%20cache%3A%20No%2C%20uncache%3A%20No%2C%20dependency%3A%20None%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di201%3A%20Planned%20package%3A%20NetFrameworkPackageServerCore%2C%20state%3A%20Present%2C%20default%20requested%3A%20Absent%2C%20ba%20requested%3A%20Absent%2C%20execute%3A%20None%2C%20rollback%3A%20None%2C%20cache%3A%20No%2C%20uncache%3A%20No%2C%20dependency%3A%20None%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di201%3A%20Planned%20package%3A%20MsiPackage%2C%20state%3A%20Absent%2C%20default%20requested%3A%20Present%2C%20ba%20requested%3A%20Present%2C%20execute%3A%20Install%2C%20rollback%3A%20Uninstall%2C%20cache%3A%20Yes%2C%20uncache%3A%20No%2C%20dependency%3A%20Register%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di299%3A%20Plan%20complete%2C%20result%3A%200x0%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di300%3A%20Apply%20begin%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A57%5Di010%3A%20Launching%20elevated%20engine%20process.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A58%5Di011%3A%20Launched%20elevated%20engine%20process.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A27%3A58%5Di012%3A%20Connected%20to%20elevated%20engine.%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A27%3A58%5Di358%3A%20Pausing%20automatic%20updates.%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A27%3A58%5Di359%3A%20Paused%20automatic%20updates.%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A27%3A58%5Di360%3A%20Creating%20a%20system%20restore%20point.%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A27%3A58%5Di362%3A%20System%20restore%20disabled%2C%20system%20restore%20point%20not%20created.%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A27%3A58%5Di370%3A%20Session%20begin%2C%20registration%20key%3A%20SOFTWARE%5CMicrosoft%5CWindows%5CCurrentVersion%5CUninstall%5C%7B6c5fe9be-763e-4977-92d5-88c9c3b823c5%7D%2C%20options%3A%200x7%2C%20disable%20resume%3A%20No%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A27%3A58%5Di000%3A%20Caching%20bundle%20from%3A%20'C%3A%5CWindows%5CTemp%5C%7BB8D83596-2A70-4F3C-8FB8-792FB318C6C2%7D%5C.be%5CAzure%20ATP%20Sensor%20Setup.exe'%20to%3A%20'C%3A%5CProgramData%5CPackage%20Cache%5C%7B6c5fe9be-763e-4977-92d5-88c9c3b823c5%7D%5CAzure%20ATP%20Sensor%20Setup.exe'%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A27%3A58%5Di320%3A%20Registering%20bundle%20dependency%20provider%3A%20%7B6c5fe9be-763e-4977-92d5-88c9c3b823c5%7D%2C%20version%3A%202.0.0.0%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A27%3A58%5Di371%3A%20Updating%20session%2C%20registration%20key%3A%20SOFTWARE%5CMicrosoft%5CWindows%5CCurrentVersion%5CUninstall%5C%7B6c5fe9be-763e-4977-92d5-88c9c3b823c5%7D%2C%20resume%3A%20Active%2C%20restart%20initiated%3A%20No%2C%20disable%20resume%3A%20No%3CBR%20%2F%3E%5B3160%3A36E4%5D%5B2021-09-08T23%3A27%3A58%5Di305%3A%20Verified%20acquired%20payload%3A%20MsiPackage%20at%20path%3A%20C%3A%5CProgramData%5CPackage%20Cache%5C.unverified%5CMsiPackage%2C%20moving%20to%3A%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi.%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A27%3A58%5Di323%3A%20Registering%20package%20dependency%20provider%3A%20%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7D%2C%20version%3A%202.0.0.0%2C%20package%3A%20MsiPackage%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A27%3A58%5Di301%3A%20Applying%20execute%20package%3A%20MsiPackage%2C%20action%3A%20Install%2C%20path%3A%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5CMicrosoft.Tri.Sensor.Deployment.Package.msi%2C%20arguments%3A%20'%20ARPSYSTEMCOMPONENT%3D%221%22%20MSIFASTINSTALL%3D%227%22%20ACCESSKEY%3D%22*****%22%20InstallationPath%3D%22C%3A%5CProgram%20Files%5CAzure%20Advanced%20Threat%20Protection%20Sensor%22%20InstalledVersion%3D%22%22%20PROXYCONFIGURATION%3D%22*****%22%20WixBundleOriginalSourceFolder%3D%22C%3A%5CAzure%20ATP%20Sensor%20Setup%5C%22'%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A28%3A07%5De000%3A%20Error%200x80070643%3A%20Failed%20to%20install%20MSI%20package.%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A28%3A07%5De000%3A%20Error%200x80070643%3A%20Failed%20to%20execute%20MSI%20package.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A28%3A07%5De000%3A%20Error%200x80070643%3A%20Failed%20to%20configure%20per-machine%20MSI%20package.%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A28%3A07%5Di000%3A%202021-09-08%2016%3A28%3A07.8591%20Error%20Model%20LogError%20%5B%5C%5B%5DmethodName%3DBootstrapperApplication_ExecutePackageComplete%20status%3D-2147023293%20exception%3D%5B%5C%5D%5D%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A28%3A07%5Di319%3A%20Applied%20execute%20package%3A%20MsiPackage%2C%20result%3A%200x80070643%2C%20restart%3A%20None%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A28%3A07%5De000%3A%20Error%200x80070643%3A%20Failed%20to%20execute%20MSI%20package.%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A28%3A07%5Di318%3A%20Skipped%20rollback%20of%20package%3A%20MsiPackage%2C%20action%3A%20Uninstall%2C%20already%3A%20Absent%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A28%3A07%5Di319%3A%20Applied%20rollback%20package%3A%20MsiPackage%2C%20result%3A%200x0%2C%20restart%3A%20None%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A28%3A07%5Di329%3A%20Removed%20package%20dependency%20provider%3A%20%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7D%2C%20package%3A%20MsiPackage%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A28%3A07%5Di351%3A%20Removing%20cached%20package%3A%20MsiPackage%2C%20from%20path%3A%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B61E851B5-79C3-44C6-9FCD-1AD4A73553F4%7Dv2.0.0.0%5C%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A28%3A07%5Di372%3A%20Session%20end%2C%20registration%20key%3A%20SOFTWARE%5CMicrosoft%5CWindows%5CCurrentVersion%5CUninstall%5C%7B6c5fe9be-763e-4977-92d5-88c9c3b823c5%7D%2C%20resume%3A%20None%2C%20restart%3A%20None%2C%20disable%20resume%3A%20No%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A28%3A07%5Di330%3A%20Removed%20bundle%20dependency%20provider%3A%20%7B6c5fe9be-763e-4977-92d5-88c9c3b823c5%7D%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A28%3A07%5Di352%3A%20Removing%20cached%20bundle%3A%20%7B6c5fe9be-763e-4977-92d5-88c9c3b823c5%7D%2C%20from%20path%3A%20C%3A%5CProgramData%5CPackage%20Cache%5C%7B6c5fe9be-763e-4977-92d5-88c9c3b823c5%7D%5C%3CBR%20%2F%3E%5B3160%3A3648%5D%5B2021-09-08T23%3A28%3A07%5Di371%3A%20Updating%20session%2C%20registration%20key%3A%20SOFTWARE%5CMicrosoft%5CWindows%5CCurrentVersion%5CUninstall%5C%7B6c5fe9be-763e-4977-92d5-88c9c3b823c5%7D%2C%20resume%3A%20None%2C%20restart%20initiated%3A%20No%2C%20disable%20resume%3A%20No%3CBR%20%2F%3E%5B3258%3A2D00%5D%5B2021-09-08T23%3A28%3A07%5Di399%3A%20Apply%20complete%2C%20result%3A%200x80070643%2C%20restart%3A%20None%2C%20ba%20requested%20restart%3A%20No0902878278%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20you%20help%20me%20this%20case%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2737769%22%20slang%3D%22en-US%22%3ERe%3A%20Defender%20for%20Identity%20sensor%20install%20failing%20-%20error%20code%200x80070643%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2737769%22%20slang%3D%22en-US%22%3EAny%20chance%20you%20ran%20the%20deployment%20by%20clicking%20inside%20the%20zip%20without%20extracting%20it%20to%20a%20folder%20first%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2738598%22%20slang%3D%22en-US%22%3ERe%3A%20Defender%20for%20Identity%20sensor%20install%20failing%20-%20error%20code%200x80070643%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2738598%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20class%3D%22VIiyi%22%3E%3CSPAN%20class%3D%22JLqJ4b%20ChMk0b%22%3E%3CSPAN%3Ei%20found%20some%20error%20in%20MsiPackage.log%20file%3A%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E2021-09-09%2011%3A11%3A27.9363%3CSTRONG%3E%20Info%20RunDeployerMajorDeploymentAction%20ApplyInternal%20finished%20%5BisSuccessful%3DFalse%5D%3C%2FSTRONG%3E%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9363%20Debug%20InstallActionGroup%20Revert%20started%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9363%20Warn%20InstallActionGroup%20Revert%20reverting%20%5BrollbackAction%3DUnpackDeploymentPackageBytesAction%20index%3D0%20count%3D3%5D%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9363%20Debug%20UnpackDeploymentPackageBytesAction%20Revert%20started%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9831%20Debug%20UnpackDeploymentPackageBytesAction%20Revert%20finished%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9831%20Warn%20InstallActionGroup%20Revert%20reverting%20%5BrollbackAction%3DDownloadMinorDeploymentPackageBytesAction%20index%3D1%20count%3D3%5D%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9831%20Debug%20DownloadMinorDeploymentPackageBytesAction%20Revert%20started%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9831%20Debug%20DownloadMinorDeploymentPackageBytesAction%20Revert%20finished%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9831%20Warn%20InstallActionGroup%20Revert%20reverting%20%5BrollbackAction%3DCreateDirectoryDeploymentAction%20index%3D2%20count%3D3%5D%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9831%20Debug%20CreateDirectoryDeploymentAction%20Revert%20started%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9831%20Debug%20CreateDirectoryDeploymentAction%20Revert%20finished%3CBR%20%2F%3E2021-09-09%2011%3A11%3A27.9831%20Debug%20InstallActionGroup%20Revert%20finished%3CBR%20%2F%3E2021-09-09%2011%3A11%3A28.0300%20Error%20DeploymentAction%20Failed%20to%20apply%20InstallActionGroup%3CBR%20%2F%3EMicrosoft.Tri.Infrastructure.ExtendedException%3A%20Apply%20failed%20%5BType%3DRunDeployerMajorDeploymentAction%5D%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2739767%22%20slang%3D%22en-US%22%3ERe%3A%20Defender%20for%20Identity%20sensor%20install%20failing%20-%20error%20code%200x80070643%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2739767%22%20slang%3D%22en-US%22%3ENo%2C%20I%20mean%20that%20you%20SHOULD%20extract%20the%20files%20first%20into%20a%20folder%2C%20and%20then%20run%20it%20from%20the%20extracted%20folder.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2742177%22%20slang%3D%22en-US%22%3ERe%3A%20Defender%20for%20Identity%20sensor%20install%20failing%20-%20error%20code%200x80070643%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2742177%22%20slang%3D%22en-US%22%3EThanks%20for%20your%20information.%3CBR%20%2F%3EI%20have%20extracted%20the%20files%20into%20a%20folder%20and%20have%20ran%20it%20but%20the%20same%20problem.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2870210%22%20slang%3D%22en-US%22%3ERe%3A%20Defender%20for%20Identity%20sensor%20install%20failing%20-%20error%20code%200x80070643%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2870210%22%20slang%3D%22en-US%22%3Egetting%20the%20same%20problem%20with%20error%201708%20and%201709%20installing%20onto%20a%202016%20server%20hosted%20in%20azure.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2870863%22%20slang%3D%22en-US%22%3ERe%3A%20Defender%20for%20Identity%20sensor%20install%20failing%20-%20error%20code%200x80070643%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2870863%22%20slang%3D%22en-US%22%3EIf%20you%20tried%20the%20above%2C%20I%20suggest%20opening%20a%20ticket%20as%20well%20to%20be%20able%20to%20share%20more%20diagnostics%20info...%3C%2FLINGO-BODY%3E
Occasional Contributor

I have 2 Active Directory, it's running Windows server 2019 (1809), no proxy, no core. i try to install the Defender for Identity sensor on a DC, setup wizard is running until a point. Then setup fails with 0x80070643 and do a rollback.

DatTran_0-1631180794865.png

 

MsiPackage.log file:

 

=== Verbose logging started: 08/09/2021 23:27:58 Build type: SHIP UNICODE 5.00.10011.00 Calling process: C:\Windows\Temp\{B8D83596-2A70-4F3C-8FB8-792FB318C6C2}\.be\Azure ATP Sensor Setup.exe ===
MSI (c) (60:50) [23:27:58:654]: Resetting cached policy values
MSI (c) (60:50) [23:27:58:654]: Machine policy value 'Debug' is 0
MSI (c) (60:50) [23:27:58:654]: ******* RunEngine:
******* Product: C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi
******* Action:
******* CommandLine: **********
MSI (c) (60:50) [23:27:58:670]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (60:50) [23:27:58:670]: Grabbed execution mutex.
MSI (c) (60:50) [23:27:58:701]: Cloaking enabled.
MSI (c) (60:50) [23:27:58:701]: Attempting to enable all disabled privileges before calling Install on Server
MSI (c) (60:50) [23:27:58:707]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (94:40) [23:27:58:707]: Running installation inside multi-package transaction C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi
MSI (s) (94:40) [23:27:58:707]: Grabbed execution mutex.
MSI (s) (94:00) [23:27:58:707]: Resetting cached policy values
MSI (s) (94:00) [23:27:58:707]: Machine policy value 'Debug' is 0
MSI (s) (94:00) [23:27:58:707]: ******* RunEngine:
******* Product: C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi
******* Action:
******* CommandLine: **********
MSI (s) (94:00) [23:27:58:707]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (94:00) [23:27:58:707]: Note: 1: 2203 2: C:\Windows\Installer\inprogressinstallinfo.ipi 3: -2147287038
MSI (s) (94:00) [23:27:58:723]: SRSetRestorePoint skipped for this transaction.
MSI (s) (94:00) [23:27:58:723]: File will have security applied from OpCode.
MSI (s) (94:00) [23:27:58:739]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi' against software restriction policy
MSI (s) (94:00) [23:27:58:739]: SOFTWARE RESTRICTION POLICY: C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi has a digital signature
MSI (s) (94:00) [23:27:58:823]: SOFTWARE RESTRICTION POLICY: C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi is permitted to run at the 'unrestricted' authorization level.
MSI (s) (94:00) [23:27:58:823]: MSCOREE not loaded loading copy from system32
MSI (s) (94:00) [23:27:58:823]: End dialog not enabled
MSI (s) (94:00) [23:27:58:823]: Original package ==> C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi
MSI (s) (94:00) [23:27:58:823]: Package we're running from ==> C:\Windows\Installer\901521.msi
MSI (s) (94:00) [23:27:58:823]: APPCOMPAT: Compatibility mode property overrides found.
MSI (s) (94:00) [23:27:58:823]: APPCOMPAT: looking for appcompat database entry with ProductCode '{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}'.
MSI (s) (94:00) [23:27:58:823]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (94:00) [23:27:58:823]: Machine policy value 'TransformsSecure' is 1
MSI (s) (94:00) [23:27:58:823]: Note: 1: 2262 2: File 3: -2147287038
MSI (s) (94:00) [23:27:58:823]: Note: 1: 2205 2: 3: MsiFileHash
MSI (s) (94:00) [23:27:58:823]: Machine policy value 'DisablePatch' is 0
MSI (s) (94:00) [23:27:58:823]: Machine policy value 'AllowLockdownPatch' is 0
MSI (s) (94:00) [23:27:58:823]: Machine policy value 'DisableLUAPatching' is 0
MSI (s) (94:00) [23:27:58:823]: Machine policy value 'DisableFlyWeightPatching' is 0
MSI (s) (94:00) [23:27:58:823]: APPCOMPAT: looking for appcompat database entry with ProductCode '{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}'.
MSI (s) (94:00) [23:27:58:839]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (94:00) [23:27:58:839]: Transforms are not secure.
MSI (s) (94:00) [23:27:58:839]: Note: 1: 2205 2: 3: Control
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding MsiLogFileLocation property. Its value is 'C:\Users\ADMINI~1.GRE\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20210908232740_000_MsiPackage.log'.
MSI (s) (94:00) [23:27:58:839]: Command Line: ARPSYSTEMCOMPONENT=1 MSIFASTINSTALL=7 ACCESSKEY=********** InstallationPath=C:\Program Files\Azure Advanced Threat Protection Sensor InstalledVersion= PROXYCONFIGURATION=********** WixBundleOriginalSourceFolder=C:\Azure ATP Sensor Setup\ REBOOT=ReallySuppress CURRENTDIRECTORY=C:\Azure ATP Sensor Setup CLIENTUILEVEL=3 MSICLIENTUSESEXTERNALUI=1 CLIENTPROCESSID=12640
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding PackageCode property. Its value is '{6F8A7B28-5262-426D-A9E7-47443E6A6B39}'.
MSI (s) (94:00) [23:27:58:839]: Product Code passed to Engine.Initialize: ''
MSI (s) (94:00) [23:27:58:839]: Product Code from property table before transforms: '{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}'
MSI (s) (94:00) [23:27:58:839]: Product Code from property table after transforms: '{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}'
MSI (s) (94:00) [23:27:58:839]: Product not registered: beginning first-time install
MSI (s) (94:00) [23:27:58:839]: Product {61E851B5-79C3-44C6-9FCD-1AD4A73553F4} is not managed.
MSI (s) (94:00) [23:27:58:839]: MSI_LUA: Credential prompt not required, user is an admin
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding ProductState property. Its value is '-1'.
MSI (s) (94:00) [23:27:58:839]: Entering CMsiConfigurationManager::SetLastUsedSource.
MSI (s) (94:00) [23:27:58:839]: User policy value 'SearchOrder' is 'nmu'
MSI (s) (94:00) [23:27:58:839]: Adding new sources is allowed.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding PackagecodeChanging property. Its value is '1'.
MSI (s) (94:00) [23:27:58:839]: Package name extracted from package path: 'Microsoft.Tri.Sensor.Deployment.Package.msi'
MSI (s) (94:00) [23:27:58:839]: Package to be registered: 'Microsoft.Tri.Sensor.Deployment.Package.msi'
MSI (s) (94:00) [23:27:58:839]: Note: 1: 2205 2: 3: Error
MSI (s) (94:00) [23:27:58:839]: Note: 1: 2262 2: AdminProperties 3: -2147287038
MSI (s) (94:00) [23:27:58:839]: Machine policy value 'DisableMsi' is 1
MSI (s) (94:00) [23:27:58:839]: Machine policy value 'AlwaysInstallElevated' is 0
MSI (s) (94:00) [23:27:58:839]: User policy value 'AlwaysInstallElevated' is 0
MSI (s) (94:00) [23:27:58:839]: Product installation will be elevated because user is admin and product is being installed per-machine.
MSI (s) (94:00) [23:27:58:839]: Running product '{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}' with elevated privileges: Product is assigned.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding ARPSYSTEMCOMPONENT property. Its value is '1'.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding MSIFASTINSTALL property. Its value is '7'.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding ACCESSKEY property. Its value is '**********'.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding INSTALLATIONPATH property. Its value is 'C:\Program Files\Azure Advanced Threat Protection Sensor'.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding WIXBUNDLEORIGINALSOURCEFOLDER property. Its value is 'C:\Azure ATP Sensor Setup\'.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding REBOOT property. Its value is 'ReallySuppress'.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding CURRENTDIRECTORY property. Its value is 'C:\Azure ATP Sensor Setup'.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding CLIENTUILEVEL property. Its value is '3'.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding MSICLIENTUSESEXTERNALUI property. Its value is '1'.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding CLIENTPROCESSID property. Its value is '12640'.
MSI (s) (94:00) [23:27:58:839]: Machine policy value 'DisableAutomaticApplicationShutdown' is 0
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding MsiRestartManagerSessionKey property. Its value is '6c5de35935e7d644830a241ae0bf7f8c'.
MSI (s) (94:00) [23:27:58:839]: RESTART MANAGER: Session opened.
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding MsiSystemRebootPending property. Its value is '1'.
MSI (s) (94:00) [23:27:58:839]: TRANSFORMS property is now:
MSI (s) (94:00) [23:27:58:839]: PROPERTY CHANGE: Adding VersionDatabase property. Its value is '500'.
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Roaming
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\Favorites
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Network Shortcuts
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\Documents
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Recent
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\SendTo
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Templates
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\ProgramData
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Local
MSI (s) (94:00) [23:27:58:839]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\Pictures
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\Users\Public\Desktop
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Start Menu
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\Users\administrator.xxx\Desktop
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Templates
MSI (s) (94:00) [23:27:58:855]: SHELL32::SHGetFolderPath returned: C:\Windows\Fonts
MSI (s) (94:00) [23:27:58:855]: Note: 1: 2898 2: MS Sans Serif 3: MS Sans Serif 4: 0 5: 16
MSI (s) (94:00) [23:27:58:855]: MSI_LUA: Setting MsiRunningElevated property to 1 because the install is already running elevated.
MSI (s) (94:00) [23:27:58:855]: PROPERTY CHANGE: Adding MsiRunningElevated property. Its value is '1'.
MSI (s) (94:00) [23:27:58:855]: PROPERTY CHANGE: Adding Privileged property. Its value is '1'.
MSI (s) (94:00) [23:27:58:855]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2
MSI (s) (94:00) [23:27:58:855]: PROPERTY CHANGE: Adding USERNAME property. Its value is 'Administrator'.
MSI (s) (94:00) [23:27:58:855]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2
MSI (s) (94:00) [23:27:58:855]: PROPERTY CHANGE: Adding COMPANYNAME property. Its value is 'N/A'.
MSI (s) (94:00) [23:27:58:855]: PROPERTY CHANGE: Adding DATABASE property. Its value is 'C:\Windows\Installer\901521.msi'.
MSI (s) (94:00) [23:27:58:855]: PROPERTY CHANGE: Adding OriginalDatabase property. Its value is 'C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi'.
MSI (s) (94:00) [23:27:58:855]: Machine policy value 'MsiDisableEmbeddedUI' is 0
MSI (s) (94:00) [23:27:58:855]: EEUI - Disabling MsiEmbeddedUI due to existing external or embedded UI
MSI (s) (94:00) [23:27:58:855]: EEUI - Disabling MsiEmbeddedUI for service because it's not a quiet/basic install
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: PatchPackage
MSI (s) (94:00) [23:27:58:870]: Machine policy value 'DisableRollback' is 0
MSI (s) (94:00) [23:27:58:870]: User policy value 'DisableRollback' is 0
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding UILevel property. Its value is '2'.
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding MsiUISourceResOnly property. Its value is '1'.
=== Logging started: 08/09/2021 23:27:58 ===
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2203 2: C:\Windows\Installer\inprogressinstallinfo.ipi 3: -2147287038
MSI (s) (94:00) [23:27:58:870]: APPCOMPAT: [DetectVersionLaunchCondition] Launch condition already passes.
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding ACTION property. Its value is 'INSTALL'.
MSI (s) (94:00) [23:27:58:870]: Doing action: INSTALL
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: ActionText
Action start 23:27:58: INSTALL.
MSI (s) (94:00) [23:27:58:870]: Running ExecuteSequence
MSI (s) (94:00) [23:27:58:870]: Doing action: FindRelatedProducts
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: ActionText
Action start 23:27:58: FindRelatedProducts.
MSI (s) (94:00) [23:27:58:870]: Doing action: LaunchConditions
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: ActionText
Action ended 23:27:58: FindRelatedProducts. Return value 1.
Action start 23:27:58: LaunchConditions.
MSI (s) (94:00) [23:27:58:870]: Doing action: ValidateProductID
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: ActionText
Action ended 23:27:58: LaunchConditions. Return value 1.
Action start 23:27:58: ValidateProductID.
MSI (s) (94:00) [23:27:58:870]: Doing action: CostInitialize
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: ActionText
Action ended 23:27:58: ValidateProductID. Return value 1.
MSI (s) (94:00) [23:27:58:870]: Machine policy value 'MaxPatchCacheSize' is 10
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding ROOTDRIVE property. Its value is 'C:\'.
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding CostingComplete property. Its value is '0'.
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: Patch
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: PatchPackage
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: MsiPatchHeaders
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: __MsiPatchFileList
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: PatchPackage
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2228 2: 3: PatchPackage 4: SELECT `DiskId`, `PatchId`, `LastSequence` FROM `Media`, `PatchPackage` WHERE `Media`.`DiskId`=`PatchPackage`.`Media_` ORDER BY `DiskId`
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: Patch
Action start 23:27:58: CostInitialize.
MSI (s) (94:00) [23:27:58:870]: Doing action: FileCost
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: ActionText
Action ended 23:27:58: CostInitialize. Return value 1.
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: MsiAssembly
Action start 23:27:58: FileCost.
MSI (s) (94:00) [23:27:58:870]: Doing action: CostFinalize
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: ActionText
Action ended 23:27:58: FileCost. Return value 1.
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding OutOfDiskSpace property. Its value is '0'.
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding OutOfNoRbDiskSpace property. Its value is '0'.
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceAvailable property. Its value is '0'.
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRequired property. Its value is '0'.
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRemaining property. Its value is '0'.
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: Patch
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: Condition
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding TARGETDIR property. Its value is 'C:\'.
MSI (s) (94:00) [23:27:58:870]: Target path resolution complete. Dumping Directory table...
MSI (s) (94:00) [23:27:58:870]: Note: target paths subject to change (via custom actions or browsing)
MSI (s) (94:00) [23:27:58:870]: Dir (target): Key: TARGETDIR , Object: C:\
MSI (s) (94:00) [23:27:58:870]: PROPERTY CHANGE: Adding INSTALLLEVEL property. Its value is '1'.
Action start 23:27:58: CostFinalize.
MSI (s) (94:00) [23:27:58:870]: Doing action: MigrateFeatureStates
MSI (s) (94:00) [23:27:58:870]: Note: 1: 2205 2: 3: ActionText
Action ended 23:27:58: CostFinalize. Return value 1.
Action start 23:27:58: MigrateFeatureStates.
MSI (s) (94:00) [23:27:58:886]: Doing action: InstallValidate
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: ActionText
Action ended 23:27:58: MigrateFeatureStates. Return value 0.
MSI (s) (94:00) [23:27:58:886]: PROPERTY CHANGE: Deleting MsiRestartManagerSessionKey property. Its current value is '6c5de35935e7d644830a241ae0bf7f8c'.
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Dialog
MSI (s) (94:00) [23:27:58:886]: Feature: ProductFeature; Installed: Absent; Request: Local; Action: Local
MSI (s) (94:00) [23:27:58:886]: Component: ProductComponent; Installed: Absent; Request: Local; Action: Local
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Registry
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: BindImage
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: ProgId
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: PublishComponent
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: SelfReg
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Extension
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Font
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Shortcut
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Class
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Icon
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: TypeLib
Action start 23:27:58: InstallValidate.
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: MsiAssembly
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2228 2: 3: MsiAssembly 4: SELECT `MsiAssembly`.`Attributes`, `MsiAssembly`.`File_Application`, `MsiAssembly`.`File_Manifest`, `Component`.`KeyPath` FROM `MsiAssembly`, `Component` WHERE `MsiAssembly`.`Component_` = `Component`.`Component` AND `MsiAssembly`.`Component_` = ?
MSI (s) (94:00) [23:27:58:886]: PROPERTY CHANGE: Modifying CostingComplete property. Its current value is '0'. Its new value: '1'.
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Registry
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: BindImage
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: ProgId
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: PublishComponent
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: SelfReg
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Extension
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Font
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Shortcut
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Class
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: Icon
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: TypeLib
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2727 2:
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: FilesInUse
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2727 2:
MSI (s) (94:00) [23:27:58:886]: Doing action: InstallInitialize
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2205 2: 3: ActionText
Action ended 23:27:58: InstallValidate. Return value 1.
MSI (s) (94:00) [23:27:58:886]: Machine policy value 'AlwaysInstallElevated' is 0
MSI (s) (94:00) [23:27:58:886]: User policy value 'AlwaysInstallElevated' is 0
MSI (s) (94:00) [23:27:58:886]: BeginTransaction: Locking Server
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2203 2: C:\Windows\Installer\inprogressinstallinfo.ipi 3: -2147287038
MSI (s) (94:00) [23:27:58:886]: SRSetRestorePoint skipped for this transaction.
MSI (s) (94:00) [23:27:58:886]: Note: 1: 2203 2: C:\Windows\Installer\inprogressinstallinfo.ipi 3: -2147287038
MSI (s) (94:00) [23:27:58:886]: Server not locked: locking for product {61E851B5-79C3-44C6-9FCD-1AD4A73553F4}
Action start 23:27:58: InstallInitialize.
MSI (s) (94:00) [23:27:58:902]: Doing action: InstallCustomAction
MSI (s) (94:00) [23:27:58:902]: Note: 1: 2205 2: 3: ActionText
Action ended 23:27:58: InstallInitialize. Return value 1.
MSI (s) (94:40) [23:27:58:908]: Invoking remote custom action. DLL: C:\Windows\Installer\MSI15CD.tmp, Entrypoint: Install
MSI (s) (94:6C) [23:27:58:908]: Generating random cookie.
MSI (s) (94:6C) [23:27:58:908]: Created Custom Action Server with PID 12504 (0x30D8).
MSI (s) (94:90) [23:27:58:924]: Running as a service.
MSI (s) (94:E8) [23:27:58:939]: Hello, I'm your 64bit Impersonated custom action server.
Action start 23:27:58: InstallCustomAction.
SFXCA: Extracting custom action to temporary directory: C:\Windows\Installer\MSI15CD.tmp-\
SFXCA: Binding to CLR version v4.0.30319
Calling custom action Microsoft.Tri.Sensor.Deployment.Package.Actions!Microsoft.Tri.Sensor.Deployment.Package.Actions.CustomActions.Install
2021-09-08 16:28:00.2746 Debug CustomActions RunActionGroup InstallActionGroup started
2021-09-08 16:28:00.2902 Debug InstallActionGroup Apply started
2021-09-08 16:28:00.2902 Debug CreateDirectoryDeploymentAction Apply started [suppressFailure=False]
2021-09-08 16:28:00.2902 Debug CreateDirectoryDeploymentAction Apply finished
2021-09-08 16:28:00.2902 Debug DownloadMinorDeploymentPackageBytesAction Apply started [suppressFailure=False]
2021-09-08 16:28:05.0977 Debug DownloadMinorDeploymentPackageBytesAction Apply finished
2021-09-08 16:28:05.0977 Debug UnpackDeploymentPackageBytesAction Apply started [suppressFailure=False]
2021-09-08 16:28:05.9688 Debug UnpackDeploymentPackageBytesAction Apply finished
2021-09-08 16:28:05.9688 Debug RunDeployerMajorDeploymentAction Apply started [suppressFailure=False]
2021-09-08 16:28:05.9844 Info RunDeployerMajorDeploymentAction ApplyInternal started [filePath=ETAPZ0LIXJS3Ig8prJ1PFA== _arguments=W99/xxf9VqhqIKYVgAACqA==]
2021-09-08 16:28:07.6428 Info RunDeployerMajorDeploymentAction ApplyInternal finished [isSuccessful=False]
2021-09-08 16:28:07.6428 Debug InstallActionGroup Revert started
2021-09-08 16:28:07.6428 Warn InstallActionGroup Revert reverting [rollbackAction=UnpackDeploymentPackageBytesAction index=0 count=3]
2021-09-08 16:28:07.6585 Debug UnpackDeploymentPackageBytesAction Revert started
2021-09-08 16:28:07.6897 Debug UnpackDeploymentPackageBytesAction Revert finished
2021-09-08 16:28:07.6897 Warn InstallActionGroup Revert reverting [rollbackAction=DownloadMinorDeploymentPackageBytesAction index=1 count=3]
2021-09-08 16:28:07.7054 Debug DownloadMinorDeploymentPackageBytesAction Revert started
2021-09-08 16:28:07.7054 Debug DownloadMinorDeploymentPackageBytesAction Revert finished
2021-09-08 16:28:07.7054 Warn InstallActionGroup Revert reverting [rollbackAction=CreateDirectoryDeploymentAction index=2 count=3]
2021-09-08 16:28:07.7054 Debug CreateDirectoryDeploymentAction Revert started
2021-09-08 16:28:07.7054 Debug CreateDirectoryDeploymentAction Revert finished
2021-09-08 16:28:07.7054 Debug InstallActionGroup Revert finished
2021-09-08 16:28:07.7431 Error DeploymentAction Failed to apply InstallActionGroup
Microsoft.Tri.Infrastructure.ExtendedException: Apply failed [Type=RunDeployerMajorDeploymentAction]
at void Microsoft.Tri.Sensor.Common.DeploymentAction.Apply(bool suppressFailure)
at void Microsoft.Tri.Sensor.Common.DeploymentActionGroup.Apply(bool suppressFailure)
at ActionResult Microsoft.Tri.Sensor.Deployment.Package.Actions.CustomActions.RunActionGroup(DeploymentActionGroup deploymentActionGroup, Session session)
2021-09-08 16:28:07.7431 Debug CustomActions RunActionGroup InstallActionGroup finished [result=Failure]
CustomAction InstallCustomAction returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
MSI (s) (94:00) [23:28:07:821]: Note: 1: 2265 2: 3: -2147287035
MSI (s) (94:00) [23:28:07:821]: Machine policy value 'DisableRollback' is 0
MSI (s) (94:00) [23:28:07:821]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
Action ended 23:28:07: InstallCustomAction. Return value 3.
MSI (s) (94:00) [23:28:07:821]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
MSI (s) (94:00) [23:28:07:821]: No System Restore sequence number for this installation.
MSI (s) (94:00) [23:28:07:821]: Unlocking Server
Action ended 23:28:07: INSTALL. Return value 3.
Property(S): UpgradeCode = {EDFB49E0-16FA-4535-B268-BD1B81B15DC2}
Property(S): TARGETDIR = C:\
Property(S): ALLUSERS = 1
Property(S): Manufacturer = Microsoft Corporation
Property(S): ProductCode = {61E851B5-79C3-44C6-9FCD-1AD4A73553F4}
Property(S): ProductLanguage = 1033
Property(S): ProductName = Azure Advanced Threat Protection Sensor
Property(S): ProductVersion = 2.0.0.0
Property(S): SecureCustomProperties = WIX_DOWNGRADE_DETECTED;WIX_UPGRADE_DETECTED
Property(S): MsiHiddenProperties = ACCESSKEY;PROXYCONFIGURATION
Property(S): MsiLogFileLocation = C:\Users\ADMINI~1.GRE\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20210908232740_000_MsiPackage.log
Property(S): PackageCode = {6F8A7B28-5262-426D-A9E7-47443E6A6B39}
Property(S): ProductState = -1
Property(S): PackagecodeChanging = 1
Property(S): ARPSYSTEMCOMPONENT = 1
Property(S): MSIFASTINSTALL = 7
Property(S): ACCESSKEY = **********
Property(S): INSTALLATIONPATH = C:\Program Files\Azure Advanced Threat Protection Sensor
Property(S): WIXBUNDLEORIGINALSOURCEFOLDER = C:\Azure ATP Sensor Setup\
Property(S): REBOOT = ReallySuppress
Property(S): CURRENTDIRECTORY = C:\Azure ATP Sensor Setup
Property(S): CLIENTUILEVEL = 3
Property(S): MSICLIENTUSESEXTERNALUI = 1
Property(S): CLIENTPROCESSID = 12640
Property(S): MsiSystemRebootPending = 1
Property(S): VersionDatabase = 500
Property(S): VersionMsi = 5.00
Property(S): VersionNT = 603
Property(S): VersionNT64 = 603
Property(S): WindowsBuild = 9600
Property(S): ServicePackLevel = 0
Property(S): ServicePackLevelMinor = 0
Property(S): MsiNTProductType = 2
Property(S): MsiNTSuiteDataCenter = 1
Property(S): WindowsFolder = C:\Windows\
Property(S): WindowsVolume = C:\
Property(S): System64Folder = C:\Windows\system32\
Property(S): SystemFolder = C:\Windows\SysWOW64\
Property(S): RemoteAdminTS = 1
Property(S): TempFolder = C:\Users\ADMINI~1.GRE\AppData\Local\Temp\
Property(S): ProgramFilesFolder = C:\Program Files (x86)\
Property(S): CommonFilesFolder = C:\Program Files (x86)\Common Files\
Property(S): ProgramFiles64Folder = C:\Program Files\
Property(S): CommonFiles64Folder = C:\Program Files\Common Files\
Property(S): AppDataFolder = C:\Users\administrator.xxx\AppData\Roaming\
Property(S): FavoritesFolder = C:\Users\administrator.xxx\Favorites\
Property(S): NetHoodFolder = C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Network Shortcuts\
Property(S): PersonalFolder = C:\Users\administrator.xxx\Documents\
Property(S): PrintHoodFolder = C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\
Property(S): RecentFolder = C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\Recent\
Property(S): SendToFolder = C:\Users\administrator.xxx\AppData\Roaming\Microsoft\Windows\SendTo\
Property(S): TemplateFolder = C:\ProgramData\Microsoft\Windows\Templates\
Property(S): CommonAppDataFolder = C:\ProgramData\
Property(S): LocalAppDataFolder = C:\Users\administrator.xxx\AppData\Local\
Property(S): MyPicturesFolder = C:\Users\administrator.xxx\Pictures\
Property(S): AdminToolsFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\
Property(S): StartupFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Property(S): ProgramMenuFolder = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\
Property(S): StartMenuFolder = C:\ProgramData\Microsoft\Windows\Start Menu\
Property(S): DesktopFolder = C:\Users\Public\Desktop\
Property(S): FontsFolder = C:\Windows\Fonts\
Property(S): GPTSupport = 1
Property(S): OLEAdvtSupport = 1
Property(S): ShellAdvtSupport = 1
Property(S): MsiAMD64 = 6
Property(S): Msix64 = 6
Property(S): Intel = 6
Property(S): PhysicalMemory = 12288
Property(S): VirtualMemory = 7407
Property(S): AdminUser = 1
Property(S): MsiTrueAdminUser = 1
Property(S): LogonUser = administrator
Property(S): UserSID = S-1-5-21-895235092-2957102850-851312084-500
Property(S): UserLanguageID = 1033
Property(S): ComputerName = IDC
Property(S): SystemLanguageID = 1033
Property(S): ScreenX = 1024
Property(S): ScreenY = 768
Property(S): CaptionHeight = 23
Property(S): BorderTop = 1
Property(S): BorderSide = 1
Property(S): TextHeight = 16
Property(S): TextInternalLeading = 3
Property(S): ColorBits = 32
Property(S): TTCSupport = 1
Property(S): Time = 23:28:07
Property(S): Date = 9/8/2021
Property(S): MsiNetAssemblySupport = 4.7.3190.0
Property(S): MsiWin32AssemblySupport = 6.3.17763.1
Property(S): RedirectedDllSupport = 2
Property(S): MsiRunningElevated = 1
Property(S): Privileged = 1
Property(S): USERNAME = Administrator
Property(S): COMPANYNAME = N/A
Property(S): DATABASE = C:\Windows\Installer\901521.msi
Property(S): OriginalDatabase = C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi
Property(S): UILevel = 2
Property(S): MsiUISourceResOnly = 1
Property(S): ACTION = INSTALL
Property(S): ROOTDRIVE = C:\
Property(S): CostingComplete = 1
Property(S): OutOfDiskSpace = 0
Property(S): OutOfNoRbDiskSpace = 0
Property(S): PrimaryVolumeSpaceAvailable = 0
Property(S): PrimaryVolumeSpaceRequired = 0
Property(S): PrimaryVolumeSpaceRemaining = 0
Property(S): INSTALLLEVEL = 1
MSI (s) (94:00) [23:28:07:843]: Note: 1: 1708
MSI (s) (94:00) [23:28:07:843]: Note: 1: 2205 2: 3: Error
MSI (s) (94:00) [23:28:07:843]: Note: 1: 2228 2: 3: Error 4: SELECT `Message` FROM `Error` WHERE `Error` = 1708
MSI (s) (94:00) [23:28:07:843]: Note: 1: 2205 2: 3: Error
MSI (s) (94:00) [23:28:07:843]: Note: 1: 2228 2: 3: Error 4: SELECT `Message` FROM `Error` WHERE `Error` = 1709
MSI (s) (94:00) [23:28:07:843]: Product: Azure Advanced Threat Protection Sensor -- Installation failed.

MSI (s) (94:00) [23:28:07:843]: Windows Installer installed the product. Product Name: Azure Advanced Threat Protection Sensor. Product Version: 2.0.0.0. Product Language: 1033. Manufacturer: Microsoft Corporation. Installation success or error status: 1603.

MSI (s) (94:00) [23:28:07:843]: Deferring clean up of packages/files, if any exist
MSI (s) (94:00) [23:28:07:843]: MainEngineThread is returning 1603
MSI (s) (94:40) [23:28:07:859]: RESTART MANAGER: Session closed.
MSI (s) (94:40) [23:28:07:859]: No System Restore sequence number for this installation.
=== Logging stopped: 08/09/2021 23:28:07 ===
MSI (s) (94:40) [23:28:07:859]: User policy value 'DisableRollback' is 0
MSI (s) (94:40) [23:28:07:859]: Machine policy value 'DisableRollback' is 0
MSI (s) (94:40) [23:28:07:859]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (94:40) [23:28:07:859]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
MSI (s) (94:40) [23:28:07:859]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
MSI (s) (94:40) [23:28:07:859]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (s) (94:40) [23:28:07:859]: Destroying RemoteAPI object.
MSI (s) (94:6C) [23:28:07:859]: Custom Action Manager thread ending.
MSI (c) (60:50) [23:28:07:859]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (c) (60:50) [23:28:07:859]: MainEngineThread is returning 1603
=== Verbose logging stopped: 08/09/2021 23:28:07 ===

 

The orther log file:

 

[3258:2D00][2021-09-08T23:27:40]i001: Burn v3.11.2.4516, Windows v10.0 (Build 17763: Service Pack 0), path: C:\Windows\Temp\{42F423E1-CDD4-4552-92DF-000BA6FC3852}\.cr\Azure ATP Sensor Setup.exe
[3258:2D00][2021-09-08T23:27:40]i000: Initializing hidden variable 'AccessKey'
[3258:2D00][2021-09-08T23:27:40]i000: Initializing hidden variable 'ProxyConfiguration'
[3258:2D00][2021-09-08T23:27:40]i000: Initializing hidden variable 'ProxyUserPassword'
[3258:2D00][2021-09-08T23:27:40]i000: Initializing string variable 'NetFrameworkCommandLineArguments' to value '/passive /showrmui'
[3258:2D00][2021-09-08T23:27:40]i009: Command Line: '"-burn.clean.room=C:\Azure ATP Sensor Setup\Azure ATP Sensor Setup.exe" -burn.filehandle.attached=740 -burn.filehandle.self=744'
[3258:2D00][2021-09-08T23:27:40]i000: Setting string variable 'WixBundleOriginalSource' to value 'C:\Azure ATP Sensor Setup\Azure ATP Sensor Setup.exe'
[3258:2D00][2021-09-08T23:27:40]i000: Setting string variable 'WixBundleOriginalSourceFolder' to value 'C:\Azure ATP Sensor Setup\'
[3258:2D00][2021-09-08T23:27:40]i000: Setting string variable 'WixBundleLog' to value 'C:\Users\ADMINI~1.GRE\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20210908232740.log'
[3258:2D00][2021-09-08T23:27:40]i000: Setting string variable 'WixBundleName' to value 'Azure Advanced Threat Protection Sensor'
[3258:2D00][2021-09-08T23:27:40]i000: Setting string variable 'WixBundleManufacturer' to value 'Microsoft Corporation'
[3258:2D00][2021-09-08T23:27:40]i000: Loading managed bootstrapper application.
[3258:2D00][2021-09-08T23:27:40]i000: Creating BA thread to run asynchronously.
[3258:2D54][2021-09-08T23:27:40]i000: 2021-09-08 16:27:40.8905 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetExportedTypes failed [\[]assembly=PInvoke.User32, Version=0.5.0.0, Culture=neutral, PublicKeyToken=9e300f9f87f04a7a exception.Message=Could not load file or assembly 'PInvoke.Windows.Core, Version=0.5.0.0, Culture=neutral, PublicKeyToken=9e300f9f87f04a7a' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:41]i000: 2021-09-08 16:27:41.0065 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.Cloud.Common.ServiceModuleManager, Microsoft.Tri.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.Cloud.Common.ServiceModuleManager, Microsoft.Tri.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Autofac, Version=4.9.2.0, Culture=neutral, PublicKeyToken=17863af14b0044da' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:41]i000: 2021-09-08 16:27:41.0912 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.Infrastructure.ModuleManager, Microsoft.Tri.Infrastructure, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.Infrastructure.ModuleManager, Microsoft.Tri.Infrastructure, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Autofac, Version=4.9.2.0, Culture=neutral, PublicKeyToken=17863af14b0044da' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:41]i000: 2021-09-08 16:27:41.0912 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.Sensor.Common.CommonSensorModuleManager, Microsoft.Tri.Sensor.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.Sensor.Common.CommonSensorModuleManager, Microsoft.Tri.Sensor.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Autofac, Version=4.9.2.0, Culture=neutral, PublicKeyToken=17863af14b0044da' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D00][2021-09-08T23:27:41]i100: Detect begin, 5 packages
[3258:2D00][2021-09-08T23:27:41]i000: 2021-09-08 16:27:41.1224 Debug DeploymentModel DetectDeploymentAction DetectBegin [\[]Installed=False[\]]
[3258:2D00][2021-09-08T23:27:41]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_1_for_KB4019990~31bf3856ad364e35~amd64~~6.1.1.2'
[3258:2D00][2021-09-08T23:27:41]i000: Setting numeric variable 'Kb4019990Windows2008R2Exists' to value 0
[3258:2D00][2021-09-08T23:27:41]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_1_for_KB4019990~31bf3856ad364e35~amd64~~6.2.1.1'
[3258:2D00][2021-09-08T23:27:41]i000: Setting numeric variable 'Kb4019990Windows2012Exists' to value 0
[3258:2D00][2021-09-08T23:27:41]i000: Setting string variable 'NetFrameworkRegistryValue' to value '461814'
[3258:2D00][2021-09-08T23:27:41]i000: Setting string variable 'ServerLevelsServerCoreRegistryValue' to value '1'
[3258:2D00][2021-09-08T23:27:41]i000: Setting string variable 'ServerLevelsServerGuiShellRegistryValue' to value '1'
[3258:2D00][2021-09-08T23:27:41]i052: Condition 'Kb4019990Windows2008R2Exists' evaluates to false.
[3258:2D00][2021-09-08T23:27:41]i052: Condition 'Kb4019990Windows2012Exists' evaluates to false.
[3258:2D00][2021-09-08T23:27:41]i052: Condition 'NetFrameworkRegistryValue >= 460798' evaluates to true.
[3258:2D00][2021-09-08T23:27:41]i052: Condition 'NetFrameworkRegistryValue >= 460798' evaluates to true.
[3258:2D00][2021-09-08T23:27:41]i101: Detected package: Kb4019990Windows2008R2Package, state: Absent, cached: None
[3258:2D00][2021-09-08T23:27:41]i101: Detected package: Kb4019990Windows2012Package, state: Absent, cached: None
[3258:2D00][2021-09-08T23:27:41]i101: Detected package: NetFrameworkPackageServer, state: Present, cached: None
[3258:2D00][2021-09-08T23:27:41]i101: Detected package: NetFrameworkPackageServerCore, state: Present, cached: None
[3258:2D00][2021-09-08T23:27:41]i101: Detected package: MsiPackage, state: Absent, cached: None
[3258:2D00][2021-09-08T23:27:41]i199: Detect complete, result: 0x0
[3258:2D54][2021-09-08T23:27:41]i000: 2021-09-08 16:27:41.1224 Debug DeploymentModel .ctor [\[]DeploymentAction=Install[\]]
[3258:2D54][2021-09-08T23:27:41]i000: 2021-09-08 16:27:41.1915 Debug DeploymentModel .ctor [\[]IsAfterRestartAndConfigured=False[\]]
[3258:2D54][2021-09-08T23:27:56]i000: 2021-09-08 16:27:56.3969 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetExportedTypes failed [\[]assembly=PInvoke.User32, Version=0.5.0.0, Culture=neutral, PublicKeyToken=9e300f9f87f04a7a exception.Message=Could not load file or assembly 'PInvoke.Windows.Core, Version=0.5.0.0, Culture=neutral, PublicKeyToken=9e300f9f87f04a7a' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:56]i000: 2021-09-08 16:27:56.4034 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetExportedTypes failed [\[]assembly=Microsoft.Owin, Version=4.2.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 exception.Message=Could not load file or assembly 'Owin, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f0ebd12fd5e55cc5' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:56]i000: 2021-09-08 16:27:56.4191 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.Cloud.Common.ServiceModuleManager, Microsoft.Tri.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.Cloud.Common.ServiceModuleManager, Microsoft.Tri.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Autofac, Version=4.9.2.0, Culture=neutral, PublicKeyToken=17863af14b0044da' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:56]i000: 2021-09-08 16:27:56.5037 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.Infrastructure.ModuleManager, Microsoft.Tri.Infrastructure, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.Infrastructure.ModuleManager, Microsoft.Tri.Infrastructure, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Autofac, Version=4.9.2.0, Culture=neutral, PublicKeyToken=17863af14b0044da' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:56]i000: 2021-09-08 16:27:56.5037 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.Sensor.Common.CommonSensorModuleManager, Microsoft.Tri.Sensor.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.Sensor.Common.CommonSensorModuleManager, Microsoft.Tri.Sensor.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Autofac, Version=4.9.2.0, Culture=neutral, PublicKeyToken=17863af14b0044da' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:56]i000: 2021-09-08 16:27:56.5194 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.CommonCommunication.ClientCertificateAuthenticationOptions, Microsoft.Tri.CommonCommunication, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.CommonCommunication.ClientCertificateAuthenticationOptions, Microsoft.Tri.CommonCommunication, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Microsoft.Owin.Security.Cookies, Version=4.2.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:57]i000: 2021-09-08 16:27:57.2903 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetExportedTypes failed [\[]assembly=PInvoke.User32, Version=0.5.0.0, Culture=neutral, PublicKeyToken=9e300f9f87f04a7a exception.Message=Could not load file or assembly 'PInvoke.Windows.Core, Version=0.5.0.0, Culture=neutral, PublicKeyToken=9e300f9f87f04a7a' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:57]i000: 2021-09-08 16:27:57.2923 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetExportedTypes failed [\[]assembly=Microsoft.Owin, Version=4.2.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 exception.Message=Could not load file or assembly 'Owin, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f0ebd12fd5e55cc5' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:57]i000: 2021-09-08 16:27:57.3083 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.Cloud.Common.ServiceModuleManager, Microsoft.Tri.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.Cloud.Common.ServiceModuleManager, Microsoft.Tri.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Autofac, Version=4.9.2.0, Culture=neutral, PublicKeyToken=17863af14b0044da' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:57]i000: 2021-09-08 16:27:57.3843 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.Infrastructure.ModuleManager, Microsoft.Tri.Infrastructure, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.Infrastructure.ModuleManager, Microsoft.Tri.Infrastructure, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Autofac, Version=4.9.2.0, Culture=neutral, PublicKeyToken=17863af14b0044da' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:57]i000: 2021-09-08 16:27:57.3903 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.Sensor.Common.CommonSensorModuleManager, Microsoft.Tri.Sensor.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.Sensor.Common.CommonSensorModuleManager, Microsoft.Tri.Sensor.Common, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Autofac, Version=4.9.2.0, Culture=neutral, PublicKeyToken=17863af14b0044da' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:57]i000: 2021-09-08 16:27:57.3943 Warn JsonSerializerSettingsExtension+JsonSerializationBinder UpdateCurrentDomainAssemblyTypes GetSerializableMembers failed [\[]AssemblyQualifiedName=Microsoft.Tri.CommonCommunication.ClientCertificateAuthenticationOptions, Microsoft.Tri.CommonCommunication, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null AssemblyQualifiedName=Microsoft.Tri.CommonCommunication.ClientCertificateAuthenticationOptions, Microsoft.Tri.CommonCommunication, Version=2.160.14446.3872, Culture=neutral, PublicKeyToken=null exception.Message=Could not load file or assembly 'Microsoft.Owin.Security.Cookies, Version=4.2.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.[\]]
[3258:2D54][2021-09-08T23:27:57]i000: 2021-09-08 16:27:57.7374 Info Model ValidateAsync ValidateCreateSensorAsync returned [\[]validateCreateSensorResult=Success[\]]
[3258:2D54][2021-09-08T23:27:57]i000: Setting string variable 'IsConfigured' to value 'True'
[3258:2D54][2021-09-08T23:27:57]i000: Setting hidden variable 'AccessKey'
[3258:2D54][2021-09-08T23:27:57]i000: Setting hidden variable 'ProxyConfiguration'
[3258:2D54][2021-09-08T23:27:57]i000: Setting string variable 'InstallationPath' to value 'C:\Program Files\Azure Advanced Threat Protection Sensor'
[3258:2D00][2021-09-08T23:27:57]i200: Plan begin, 5 packages, action: Install
[3258:2D00][2021-09-08T23:27:57]i052: Condition 'VersionNT64 = v6.1' evaluates to false.
[3258:2D00][2021-09-08T23:27:57]w321: Skipping dependency registration on package with no dependency providers: Kb4019990Windows2008R2Package
[3258:2D00][2021-09-08T23:27:57]i052: Condition 'VersionNT64 = v6.2' evaluates to false.
[3258:2D00][2021-09-08T23:27:57]w321: Skipping dependency registration on package with no dependency providers: Kb4019990Windows2012Package
[3258:2D00][2021-09-08T23:27:57]i052: Condition 'ServerLevelsServerCoreRegistryValue <> 1 OR ServerLevelsServerGuiShellRegistryValue = 1' evaluates to true.
[3258:2D00][2021-09-08T23:27:57]w321: Skipping dependency registration on package with no dependency providers: NetFrameworkPackageServer
[3258:2D00][2021-09-08T23:27:57]i052: Condition 'ServerLevelsServerCoreRegistryValue = 1 AND ServerLevelsServerGuiShellRegistryValue <> 1' evaluates to false.
[3258:2D00][2021-09-08T23:27:57]w321: Skipping dependency registration on package with no dependency providers: NetFrameworkPackageServerCore
[3258:2D00][2021-09-08T23:27:57]i000: Setting string variable 'WixBundleRollbackLog_MsiPackage' to value 'C:\Users\ADMINI~1.GRE\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20210908232740_000_MsiPackage_rollback.log'
[3258:2D00][2021-09-08T23:27:57]i000: Setting string variable 'WixBundleLog_MsiPackage' to value 'C:\Users\ADMINI~1.GRE\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20210908232740_000_MsiPackage.log'
[3258:2D00][2021-09-08T23:27:57]i201: Planned package: Kb4019990Windows2008R2Package, state: Absent, default requested: Absent, ba requested: Absent, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[3258:2D00][2021-09-08T23:27:57]i201: Planned package: Kb4019990Windows2012Package, state: Absent, default requested: Absent, ba requested: Absent, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[3258:2D00][2021-09-08T23:27:57]i201: Planned package: NetFrameworkPackageServer, state: Present, default requested: Present, ba requested: Present, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[3258:2D00][2021-09-08T23:27:57]i201: Planned package: NetFrameworkPackageServerCore, state: Present, default requested: Absent, ba requested: Absent, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[3258:2D00][2021-09-08T23:27:57]i201: Planned package: MsiPackage, state: Absent, default requested: Present, ba requested: Present, execute: Install, rollback: Uninstall, cache: Yes, uncache: No, dependency: Register
[3258:2D00][2021-09-08T23:27:57]i299: Plan complete, result: 0x0
[3258:2D00][2021-09-08T23:27:57]i300: Apply begin
[3258:2D00][2021-09-08T23:27:57]i010: Launching elevated engine process.
[3258:2D00][2021-09-08T23:27:58]i011: Launched elevated engine process.
[3258:2D00][2021-09-08T23:27:58]i012: Connected to elevated engine.
[3160:3648][2021-09-08T23:27:58]i358: Pausing automatic updates.
[3160:3648][2021-09-08T23:27:58]i359: Paused automatic updates.
[3160:3648][2021-09-08T23:27:58]i360: Creating a system restore point.
[3160:3648][2021-09-08T23:27:58]i362: System restore disabled, system restore point not created.
[3160:3648][2021-09-08T23:27:58]i370: Session begin, registration key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6c5fe9be-763e-4977-92d5-88c9c3b823c5}, options: 0x7, disable resume: No
[3160:3648][2021-09-08T23:27:58]i000: Caching bundle from: 'C:\Windows\Temp\{B8D83596-2A70-4F3C-8FB8-792FB318C6C2}\.be\Azure ATP Sensor Setup.exe' to: 'C:\ProgramData\Package Cache\{6c5fe9be-763e-4977-92d5-88c9c3b823c5}\Azure ATP Sensor Setup.exe'
[3160:3648][2021-09-08T23:27:58]i320: Registering bundle dependency provider: {6c5fe9be-763e-4977-92d5-88c9c3b823c5}, version: 2.0.0.0
[3160:3648][2021-09-08T23:27:58]i371: Updating session, registration key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6c5fe9be-763e-4977-92d5-88c9c3b823c5}, resume: Active, restart initiated: No, disable resume: No
[3160:36E4][2021-09-08T23:27:58]i305: Verified acquired payload: MsiPackage at path: C:\ProgramData\Package Cache\.unverified\MsiPackage, moving to: C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi.
[3160:3648][2021-09-08T23:27:58]i323: Registering package dependency provider: {61E851B5-79C3-44C6-9FCD-1AD4A73553F4}, version: 2.0.0.0, package: MsiPackage
[3160:3648][2021-09-08T23:27:58]i301: Applying execute package: MsiPackage, action: Install, path: C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\Microsoft.Tri.Sensor.Deployment.Package.msi, arguments: ' ARPSYSTEMCOMPONENT="1" MSIFASTINSTALL="7" ACCESSKEY="*****" InstallationPath="C:\Program Files\Azure Advanced Threat Protection Sensor" InstalledVersion="" PROXYCONFIGURATION="*****" WixBundleOriginalSourceFolder="C:\Azure ATP Sensor Setup\"'
[3160:3648][2021-09-08T23:28:07]e000: Error 0x80070643: Failed to install MSI package.
[3160:3648][2021-09-08T23:28:07]e000: Error 0x80070643: Failed to execute MSI package.
[3258:2D00][2021-09-08T23:28:07]e000: Error 0x80070643: Failed to configure per-machine MSI package.
[3258:2D00][2021-09-08T23:28:07]i000: 2021-09-08 16:28:07.8591 Error Model LogError [\[]methodName=BootstrapperApplication_ExecutePackageComplete status=-2147023293 exception=[\]]
[3258:2D00][2021-09-08T23:28:07]i319: Applied execute package: MsiPackage, result: 0x80070643, restart: None
[3258:2D00][2021-09-08T23:28:07]e000: Error 0x80070643: Failed to execute MSI package.
[3160:3648][2021-09-08T23:28:07]i318: Skipped rollback of package: MsiPackage, action: Uninstall, already: Absent
[3258:2D00][2021-09-08T23:28:07]i319: Applied rollback package: MsiPackage, result: 0x0, restart: None
[3160:3648][2021-09-08T23:28:07]i329: Removed package dependency provider: {61E851B5-79C3-44C6-9FCD-1AD4A73553F4}, package: MsiPackage
[3160:3648][2021-09-08T23:28:07]i351: Removing cached package: MsiPackage, from path: C:\ProgramData\Package Cache\{61E851B5-79C3-44C6-9FCD-1AD4A73553F4}v2.0.0.0\
[3160:3648][2021-09-08T23:28:07]i372: Session end, registration key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6c5fe9be-763e-4977-92d5-88c9c3b823c5}, resume: None, restart: None, disable resume: No
[3160:3648][2021-09-08T23:28:07]i330: Removed bundle dependency provider: {6c5fe9be-763e-4977-92d5-88c9c3b823c5}
[3160:3648][2021-09-08T23:28:07]i352: Removing cached bundle: {6c5fe9be-763e-4977-92d5-88c9c3b823c5}, from path: C:\ProgramData\Package Cache\{6c5fe9be-763e-4977-92d5-88c9c3b823c5}\
[3160:3648][2021-09-08T23:28:07]i371: Updating session, registration key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6c5fe9be-763e-4977-92d5-88c9c3b823c5}, resume: None, restart initiated: No, disable resume: No
[3258:2D00][2021-09-08T23:28:07]i399: Apply complete, result: 0x80070643, restart: None, ba requested restart: No0902878278

 

Can you help me this case?

9 Replies
Any chance you ran the deployment by clicking inside the zip without extracting it to a folder first?
Thanks for your reply.
i ran without extracting the zip file but no luck.

i found some error in MsiPackage.log file:

2021-09-09 11:11:27.9363 Info RunDeployerMajorDeploymentAction ApplyInternal finished [isSuccessful=False]
2021-09-09 11:11:27.9363 Debug InstallActionGroup Revert started
2021-09-09 11:11:27.9363 Warn InstallActionGroup Revert reverting [rollbackAction=UnpackDeploymentPackageBytesAction index=0 count=3]
2021-09-09 11:11:27.9363 Debug UnpackDeploymentPackageBytesAction Revert started
2021-09-09 11:11:27.9831 Debug UnpackDeploymentPackageBytesAction Revert finished
2021-09-09 11:11:27.9831 Warn InstallActionGroup Revert reverting [rollbackAction=DownloadMinorDeploymentPackageBytesAction index=1 count=3]
2021-09-09 11:11:27.9831 Debug DownloadMinorDeploymentPackageBytesAction Revert started
2021-09-09 11:11:27.9831 Debug DownloadMinorDeploymentPackageBytesAction Revert finished
2021-09-09 11:11:27.9831 Warn InstallActionGroup Revert reverting [rollbackAction=CreateDirectoryDeploymentAction index=2 count=3]
2021-09-09 11:11:27.9831 Debug CreateDirectoryDeploymentAction Revert started
2021-09-09 11:11:27.9831 Debug CreateDirectoryDeploymentAction Revert finished
2021-09-09 11:11:27.9831 Debug InstallActionGroup Revert finished
2021-09-09 11:11:28.0300 Error DeploymentAction Failed to apply InstallActionGroup
Microsoft.Tri.Infrastructure.ExtendedException: Apply failed [Type=RunDeployerMajorDeploymentAction]

No, I mean that you SHOULD extract the files first into a folder, and then run it from the extracted folder.
Thanks for your information.
I have extracted the files into a folder and have ran it but the same problem.
Make sure you are using the latest package from the portal.
Also, try to run the deployment elevated in case there was hardening that is blocking something.

if the issue is the same, please open a support ticket and attach all the deployment logs files from this attempts when running from an extracted folder ,with latest version.
getting the same problem with error 1708 and 1709 installing onto a 2016 server hosted in azure.
If you tried the above, I suggest opening a ticket as well to be able to share more diagnostics info...
yeah I think we will have to.
the service had stopped and was unable to start before so attempted an uninstall - reinstall and seem to be hitting the same errors and logging errors as above
We support Ukraine and condemn war. Push Russian government to act against war. Be brave, vocal and show your support to Ukraine. Follow the latest news HERE