Showing results for 
Search instead for 
Did you mean: 

fcag appears to be corrupting file writes by WiseScript Package Editor scripts

McAfee/Wise details are shown below.

This is affecting about a dozen scripts that I know of, will report a specific instance here (the breakage of concern at the moment)

MakeCIAEnvs.exe (compiled Wise Script) writes another Wise script file.

MakeCIAEnvs scans a directory that has 80 or 90 files, and writes 5 lines of text for each file found, appending to a text file written to the c:\temp directory. The file isn't created via Wise create-a-temp-file function (Wise doesn't know about the file or try to remove it automatically at the end of the script execution.) I have no control over file opening/file closing, each line is written by 1 write by the WiseScript Insert Line into Text File function.

So; there should be text-blocks for each of the 80 or 90 files:

item: Set Variable




But if I run MakeCIAEnvs 5 times in a row, I'll get 5 different results, each of which is corrupted to a different degree, essentially incomplete for the section of code written as above. 10 or 20 or 33 or 57 or ... of the code blocks are simply missing. Sometimes in the middle of a code block.

If I run MakeCIAEnvs on a PC that is nearly identically imaged but has had all McAfee removed (I have no way to turn it off), the program works consistently and perfectly during every run.

So; when I run Procmon during the run on my packaging/production PC, I see fcag.exe all over the text file I'm TRYING to write to.

If I take MakeCIAEnvs (or any of the other compiled Wise scripts that are having their results similary corrupted) to an otherwise identically imaged PC that has had all McAfee removed (I have no way to disable it temporarily), program runs are reliable and consistent and work every time, with identical inputs. We aren't running any other security software.

Please advise.


Wise Installation Studio 7.0



System Information 

Computer Name: ***********


McAfee Host Intrusion Prevention 

Version number: 8.0

Build date: Sunday, December 15, 2013

Build Number:

License Type: Licensed

Expiration Date 

Language: Automatic

Security Content Version:

Security Content Created On: Wednesday, July 08, 2015

Patch: 4



McAfee Agent 

Version number:


Last security update check: 7/23/2015 8:18:14 AM

Last agent-to-server communication: 7/23/2015 8:57:39 AM

Agent to Server Communication Interval (every): 4 hours

Policy Enforcement Interval (every): 16 minutes

Agent ID: {30A48FC2-E146-4BC1-818E-4B6B0CB1C75A}

ePO Server/Agent Handler 

DNS Name:

IP Address:

Port Number: 3443


IP Address:

Port Number: 3443

DNS Name:

IP Address:

Port Number: 3443



McAfee ePO Deep Command Discovery Plugin 

Version number:

Language: Multiple



McAfee DLP Endpoint 

Version number: 9.3.425.4

Language: English (United States)



McAfee File and Removable Media Protection 

Version number:

Language: Multiple



McAfee VirusScan Enterprise + AntiSpyware Enterprise 

Version number: 8.8.0 (

Build date: 1/16/2014


Anti-virus License Type: licensed


Scan engine version (32-bit): 5700.7163


Scan engine version (64-bit): 5700.7163


DAT version: 7870.0000

DAT Created on: 7/22/2015


Number of Signatures in extra.dat: 0

Name of threats that extra.dat can detect: None 

Buffer Overflow and Access Protection DAT version: 659


Installed Patches: 4


Installed Modules: 



Copyright © 1995-2013 McAfee, Inc. 

All Rights Reserved. 

1 Reply
Level 21
Report Inappropriate Content
Message 2 of 2

Re: fcag appears to be corrupting file writes by WiseScript Package Editor scripts

Moved provisionally to ePO for faster support.