From e1015090c1d864853e5ee3dbda61f7a8a09b2deb Mon Sep 17 00:00:00 2001
From: Jose Luis Carreras Marin <jose.carreras@wazuh.com>
Date: Tue, 17 Dec 2024 11:49:57 +0100
Subject: [PATCH] add: files related to package generation, deprecating vbs
 into ps1 scripts

---
 packages/installers/win32/InstallerScript.ps1 | 244 ++++++
 packages/installers/win32/RemoveAllScript.ps1 |  82 ++
 packages/installers/win32/upgrade.bat         |  18 +
 packages/installers/win32/wazuh_installer.wxs | 733 ++++++++++++++++++
 4 files changed, 1077 insertions(+)
 create mode 100644 packages/installers/win32/InstallerScript.ps1
 create mode 100644 packages/installers/win32/RemoveAllScript.ps1

diff --git a/packages/installers/win32/InstallerScript.ps1 b/packages/installers/win32/InstallerScript.ps1
new file mode 100644
index 0000000000..030796dbae
--- /dev/null
+++ b/packages/installers/win32/InstallerScript.ps1
@@ -0,0 +1,244 @@
+# Script for configuration Windows agent.
+# Copyright (C) 2015, Wazuh Inc. <support@wazuh.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301  USA
+#
+# ------------------------------------------------
+
+function Get-UniqueArrayValues {
+    param (
+        [array]$Array
+    )
+
+    $hashSet = @{}
+    foreach ($item in $Array) {
+        $hashSet[$item] = $null
+    }
+
+    return $hashSet.Keys
+}
+
+function Config {
+    param (
+        [string]$CustomActionData
+    )
+
+    $ForReading = 1
+    $ForWriting = 2
+
+    # Parse custom parameters
+    $args = $CustomActionData -split "/\+/"
+    $homeDir = $args[0].Trim('"')
+    $OS_VERSION = $args[1].Trim('"')
+    $WAZUH_MANAGER = $args[2].Trim('"')
+    $WAZUH_MANAGER_PORT = $args[3].Trim('"')
+    $WAZUH_PROTOCOL = $args[4].Trim('"')
+    $NOTIFY_TIME = $args[5].Trim('"')
+    $WAZUH_REGISTRATION_SERVER = $args[6].Trim('"')
+    $WAZUH_REGISTRATION_PORT = $args[7].Trim('"')
+    $WAZUH_REGISTRATION_PASSWORD = $args[8].Trim('"')
+    $WAZUH_KEEP_ALIVE_INTERVAL = $args[9].Trim('"')
+    $WAZUH_TIME_RECONNECT = $args[10].Trim('"')
+    $WAZUH_REGISTRATION_CA = $args[11].Trim('"')
+    $WAZUH_REGISTRATION_CERTIFICATE = $args[12].Trim('"')
+    $WAZUH_REGISTRATION_KEY = $args[13].Trim('"')
+    $WAZUH_AGENT_NAME = $args[14].Trim('"')
+    $WAZUH_AGENT_GROUP = $args[15].Trim('"')
+    $ENROLLMENT_DELAY = $args[16].Trim('"')
+
+    # Create client.keys if it doesn't exist
+    if (!(Test-Path -Path "$homeDir\client.keys")) {
+        New-Item -ItemType File -Path "$homeDir\client.keys" | Out-Null
+    }
+
+    if (Test-Path -Path "$homeDir\ossec.conf") {
+        # Read the ossec.conf file
+        $strText = Get-Content -Path "$homeDir\ossec.conf" -Raw
+
+        # Update ossec.conf based on custom parameters
+        if ($WAZUH_MANAGER -or $WAZUH_MANAGER_PORT -or $WAZUH_PROTOCOL -or $WAZUH_KEEP_ALIVE_INTERVAL -or $WAZUH_TIME_RECONNECT) {
+            $protocolList = if ($WAZUH_PROTOCOL -and $WAZUH_PROTOCOL -match ",") {
+                $WAZUH_PROTOCOL.ToLower().Split(",")
+            } else {
+                @($WAZUH_PROTOCOL.ToLower())
+            }
+
+            if ($WAZUH_MANAGER) {
+                # Update server configuration
+                $ipList = if ($WAZUH_MANAGER -match ",") {
+                    $WAZUH_MANAGER.Split(",")
+                } else {
+                    @($WAZUH_MANAGER)
+                }
+
+                $formattedList = "`n"
+                for ($i = 0; $i -lt $ipList.Count; $i++) {
+                    if ($ipList[$i]) {
+                        $protocol = if ($i -lt $protocolList.Count -and $protocolList[$i]) {
+                            $protocolList[$i].ToLower()
+                        } else {
+                            "tcp"
+                        }
+                        $formattedList += "    <server>`n"
+                        $formattedList += "      <address>$($ipList[$i])</address>`n"
+                        $formattedList += "      <port>1514</port>`n"
+                        $formattedList += "      <protocol>$protocol</protocol>`n"
+                        $formattedList += if ($i -eq $ipList.Count - 1) {
+                            "    </server>"
+                        } else {
+                            "    </server>`n"
+                        }
+                    }
+                }
+                $strText = $strText -replace "\s+<server>(.|\n)+?</server>", $formattedList
+            }
+
+            if ($WAZUH_MANAGER_PORT) {
+                $strText = $strText -replace "<port>1514</port>", "<port>$WAZUH_MANAGER_PORT</port>"
+            }
+
+            if ($WAZUH_KEEP_ALIVE_INTERVAL) {
+                $strText = $strText -replace "<notify_time>.*</notify_time>", "<notify_time>$WAZUH_KEEP_ALIVE_INTERVAL</notify_time>"
+            }
+
+            if ($WAZUH_TIME_RECONNECT) {
+                $strText = $strText -replace "<time-reconnect>.*</time-reconnect>", "<time-reconnect>$WAZUH_TIME_RECONNECT</time-reconnect>"
+            }
+        }
+
+        # Handle enrollment configuration
+        if ($WAZUH_REGISTRATION_SERVER -or $WAZUH_REGISTRATION_PORT -or $WAZUH_REGISTRATION_PASSWORD -or $WAZUH_REGISTRATION_CA -or $WAZUH_REGISTRATION_CERTIFICATE -or $WAZUH_REGISTRATION_KEY -or $WAZUH_AGENT_NAME -or $WAZUH_AGENT_GROUP -or $ENROLLMENT_DELAY) {
+            $enrollmentList = @"
+    <enrollment>
+      <enabled>yes</enabled>
+    </enrollment>
+  </client>
+"@
+            $strText = $strText.Replace("  </client>", $enrollmentList)
+
+            if ($WAZUH_REGISTRATION_SERVER) {
+                $strText = $strText.Replace("    </enrollment>", "      <manager_address>$WAZUH_REGISTRATION_SERVER</manager_address>`n    </enrollment>")
+            }
+
+            if ($WAZUH_REGISTRATION_PORT) {
+                $strText = $strText.Replace("    </enrollment>", "      <port>$WAZUH_REGISTRATION_PORT</port>`n    </enrollment>")
+            }
+
+            if ($WAZUH_REGISTRATION_PASSWORD) {
+                Set-Content -Path "$homeDir\authd.pass" -Value $WAZUH_REGISTRATION_PASSWORD
+                $strText = $strText.Replace("    </enrollment>", "      <authorization_pass_path>authd.pass</authorization_pass_path>`n    </enrollment>")
+            }
+
+            if ($WAZUH_REGISTRATION_CA) {
+                $strText = $strText.Replace("    </enrollment>", "      <server_ca_path>$WAZUH_REGISTRATION_CA</server_ca_path>`n    </enrollment>")
+            }
+
+            if ($WAZUH_REGISTRATION_CERTIFICATE) {
+                $strText = $strText.Replace("    </enrollment>", "      <agent_certificate_path>$WAZUH_REGISTRATION_CERTIFICATE</agent_certificate_path>`n    </enrollment>")
+            }
+
+            if ($WAZUH_REGISTRATION_KEY) {
+                $strText = $strText.Replace("    </enrollment>", "      <agent_key_path>$WAZUH_REGISTRATION_KEY</agent_key_path>`n    </enrollment>")
+            }
+
+            if ($WAZUH_AGENT_NAME) {
+                $strText = $strText.Replace("    </enrollment>", "      <agent_name>$WAZUH_AGENT_NAME</agent_name>`n    </enrollment>")
+            }
+
+            if ($WAZUH_AGENT_GROUP) {
+                $strText = $strText.Replace("    </enrollment>", "      <groups>$WAZUH_AGENT_GROUP</groups>`n    </enrollment>")
+            }
+
+            if ($ENROLLMENT_DELAY) {
+                $strText = $strText.Replace("    </enrollment>", "      <delay_after_enrollment>$ENROLLMENT_DELAY</delay_after_enrollment>`n    </enrollment>")
+            }
+        }
+
+        # Write the updated ossec.conf
+        Set-Content -Path "$homeDir\ossec.conf" -Value $strText
+    }
+
+    Set-WazuhPermissions
+
+    return 0
+}
+
+function Get-Version {
+    $osVersion = (Get-CimInstance -ClassName Win32_OperatingSystem).Version
+    return $osVersion.Split('.')[0]
+}
+
+function Check-SvcRunning {
+    $serviceNames = @("OssecSvc", "WazuhSvc")
+    foreach ($serviceName in $serviceNames) {
+        $service = Get-CimInstance -ClassName Win32_Service | Where-Object { $_.Name -eq $serviceName }
+        if ($service) {
+            $state = $service.State
+            if ($serviceName -eq "OssecSvc") {
+                $env:OSSECRUNNING = $state
+            } elseif ($serviceName -eq "WazuhSvc") {
+                $env:WAZUHRUNNING = $state
+            }
+        }
+    }
+    return 0
+}
+
+function Kill-GUITask {
+    Stop-Process -Name "win32ui" -Force -ErrorAction SilentlyContinue
+    return 0
+}
+
+function Start-WazuhSvc {
+    Start-Service -Name "WazuhSvc"
+    return 0
+}
+
+function Set-WazuhPermissions {
+    param (
+        [string]$CustomActionData
+    )
+
+    $args = $CustomActionData -split "/\+/"
+    $homeDir = $args[0].Trim('"')
+
+    if ([int](Get-Version) -ge 6) {
+        $installDir = $homeDir.TrimEnd('\')
+
+        icacls "$installDir" /reset /t
+        icacls "$installDir" /inheritancelevel:r /q
+        icacls "$installDir" /grant *S-1-5-32-544:(OI)(CI)F
+        icacls "$installDir" /grant *S-1-5-18:(OI)(CI)F
+        icacls "$installDir\*" /grant *S-1-5-11:(OI)(CI)RX
+        icacls "$installDir\*" /grant *S-1-5-11:RX
+        icacls "$installDir" /grant *S-1-5-11:RX
+
+        icacls "$homeDir*ossec.conf" /remove *S-1-5-11 /q
+        icacls "$homeDir\client.keys" /remove *S-1-5-11 /q
+        icacls "$homeDir\tmp" /remove:g *S-1-5-11 /q
+    }
+    return 0
+}
+
+function Create-DumpRegistryKey {
+    $regPath = "HKLM:\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps\wazuh-agent.exe"
+    if (-not (Test-Path -Path $regPath)) {
+        New-Item -Path $regPath -Force | Out-Null
+    }
+
+    Set-ItemProperty -Path $regPath -Name "DumpFolder" -Value "%LOCALAPPDATA%\WazuhCrashDumps"
+    Set-ItemProperty -Path $regPath -Name "DumpType" -Value 2
+    return 0
+}
diff --git a/packages/installers/win32/RemoveAllScript.ps1 b/packages/installers/win32/RemoveAllScript.ps1
new file mode 100644
index 0000000000..7a4b5afabc
--- /dev/null
+++ b/packages/installers/win32/RemoveAllScript.ps1
@@ -0,0 +1,82 @@
+# Script for configuration Windows agent.
+# Copyright (C) 2015, Wazuh Inc. <support@wazuh.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301  USA
+#
+# ------------------------------------------------
+
+
+# This function is called only when uninstalling the product.
+# Remove everything, but a few specified items.
+
+function Remove-All {
+    param (
+        [string]$CustomActionData
+    )
+
+    # Retrieve the parameters
+    $args = $CustomActionData -split ","
+    $homeDir = $args[0].Trim('"') # APPLICATIONFOLDER
+
+    # Check and delete specific files
+    $filesToDelete = @(
+        "ossec.conf.save", "client.keys.save",
+        "local_internal_options.conf.save", "installer.log.save"
+    )
+    $filesToRename = @(
+        "ossec.conf", "client.keys",
+        "local_internal_options.conf", "installer.log"
+    )
+
+    foreach ($file in $filesToDelete) {
+        $filePath = Join-Path $homeDir $file
+        if (Test-Path $filePath) {
+            Remove-Item -Path $filePath -Force
+        }
+    }
+
+    foreach ($file in $filesToRename) {
+        $filePath = Join-Path $homeDir $file
+        $newFilePath = Join-Path $homeDir "$file.save"
+        if (Test-Path $filePath) {
+            Rename-Item -Path $filePath -NewName "$file.save" -Force
+        }
+    }
+
+    # Delete all other files and folders except specified
+    if (Test-Path $homeDir) {
+        $filesToKeep = @(
+            "ossec.conf.save", "client.keys.save",
+            "local_internal_options.conf.save", "installer.log.save"
+        )
+        $subfoldersToKeep = @("backup", "upgrade")
+
+        # Delete files
+        Get-ChildItem -Path $homeDir -File | ForEach-Object {
+            if ($filesToKeep -notcontains $_.Name) {
+                Remove-Item -Path $_.FullName -Force -ErrorAction SilentlyContinue
+            }
+        }
+
+        # Delete subfolders
+        Get-ChildItem -Path $homeDir -Directory | ForEach-Object {
+            if ($subfoldersToKeep -notcontains $_.Name) {
+                Remove-Item -Path $_.FullName -Recurse -Force -ErrorAction SilentlyContinue
+            }
+        }
+    }
+
+    return 0
+}
diff --git a/packages/installers/win32/upgrade.bat b/packages/installers/win32/upgrade.bat
index e69de29bb2..63df2a40ce 100644
--- a/packages/installers/win32/upgrade.bat
+++ b/packages/installers/win32/upgrade.bat
@@ -0,0 +1,18 @@
+@ECHO off
+
+IF "%1"=="B" GOTO background
+
+COPY upgrade\upgrade.bat . > NUL
+COPY upgrade\do_upgrade.ps1 . > NUL
+COPY upgrade\wazuh-agent*.msi . > NUL
+
+START /B upgrade.bat B
+GOTO end
+
+:background
+SLEEP 5 2> NUL || ping -n 5 127.0.0.1 > NUL
+powershell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process powershell '-File \".\do_upgrade.ps1\"'}"
+
+DEL upgrade.bat
+
+:end
diff --git a/packages/installers/win32/wazuh_installer.wxs b/packages/installers/win32/wazuh_installer.wxs
index e69de29bb2..0885e1e185 100644
--- a/packages/installers/win32/wazuh_installer.wxs
+++ b/packages/installers/win32/wazuh_installer.wxs
@@ -0,0 +1,733 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi" xmlns:util="http://schemas.microsoft.com/wix/UtilExtension">
+    <Product Id="*" Name="Wazuh Agent" Language="1033" Version="4.10.2" Manufacturer="Wazuh, Inc." UpgradeCode="F495AC57-7BDE-4C4B-92D8-DBE40A9AA5A0">
+        <Package Description="Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring" Comments="wazuh-agent" InstallerVersion="200" Compressed="yes" />
+        <Media Id="1" Cabinet="simple.cab" EmbedCab="yes" CompressionLevel="high" />
+
+        <!-- Disable Restart Manager -->
+        <Property Id="MSIRESTARTMANAGERCONTROL" Value="Disable"/>
+        <!-- Default configuration values -->
+        <Property Id="WAZUH_MANAGER" Secure="yes"/>
+        <Property Id="WAZUH_MANAGER_PORT" Secure="yes"/>
+        <Property Id="WAZUH_PROTOCOL" Secure="yes"/>
+        <Property Id="WAZUH_REGISTRATION_SERVER" Secure="yes"/>
+        <Property Id="WAZUH_REGISTRATION_PORT" Secure="yes"/>
+        <Property Id="WAZUH_REGISTRATION_PASSWORD" Secure="yes"/>
+        <Property Id="WAZUH_KEEP_ALIVE_INTERVAL" Secure="yes"/>
+        <Property Id="WAZUH_TIME_RECONNECT" Secure="yes"/>
+        <Property Id="WAZUH_REGISTRATION_CA" Secure="yes"/>
+        <Property Id="WAZUH_REGISTRATION_CERTIFICATE" Secure="yes"/>
+        <Property Id="WAZUH_REGISTRATION_KEY" Secure="yes"/>
+        <Property Id="WAZUH_AGENT_NAME" Secure="yes"/>
+        <Property Id="WAZUH_AGENT_GROUP" Secure="yes"/>
+        <!-- Deprecated options -->
+        <Property Id="ADDRESS" Secure="yes"/>
+        <Property Id="GROUP" Secure="yes"/>
+        <Property Id="SERVER_PORT" Secure="yes"/>
+        <Property Id="NOTIFY_TIME" Secure="yes"/>
+        <Property Id="TIME_RECONNECT" Secure="yes"/>
+        <Property Id="AUTHD_SERVER" Secure="yes"/>
+        <Property Id="AUTHD_PORT" Secure="yes"/>
+        <Property Id="PROTOCOL" Secure="yes"/>
+        <Property Id="PASSWORD" Secure="yes"/>
+        <Property Id="CERTIFICATE" Secure="yes"/>
+        <Property Id="PEM" Secure="yes"/>
+        <Property Id="KEY" Secure="yes"/>
+        <Property Id="AGENT_NAME" Secure="yes"/>
+
+        <Property Id="OS_VERSION" Secure="yes"/>
+
+        <Property Id="MsiLogging" Value="v" />
+        <Icon Id="icon.ico" SourceFile="ui\favicon.ico" />
+        <Property Id="ARPPRODUCTICON" Value="icon.ico" />
+        <Property Id="WixAppFolder" Value="WixPerMachineFolder" />
+        <WixVariable Id="WixUISupportPerUser" Value="0" />
+        <Property Id="ALLUSERS" Value="1" />
+        <WixVariable Id="WixUILicenseRtf" Value="license.rtf" />
+        <WixVariable Id="WixUIBannerBmp" Value="ui\bannrbmp.jpg" />
+        <WixVariable Id="WixUIDialogBmp" Value="ui\dlgbmp.jpg" />
+        <Property Id="WIXUI_EXITDIALOGOPTIONALCHECKBOXTEXT" Value="Run Agent configuration interface" />
+        <Property Id="GENERATE_DUMP" Value="1" />
+        <Property Id="DEFAULT_GENERATE_DUMP" Value="1" />
+        <Property Id="ARPNOMODIFY" Value="yes" />
+        <Property Id="ARPNOREPAIR" Value="yes" />
+        <Property Id="ApplicationFolderName" Value="ossec-agent" />
+        <Property Id="MAJORVERSION" Value="0">
+            <RegistrySearch Id="CurrentMajorVersion" Root="HKLM" Key="SOFTWARE\Microsoft\Windows NT\CurrentVersion" Type="raw" Name="CurrentMajorVersionNumber" />
+        </Property>
+        <Property Id="BUILDVERSION" Value="0">
+            <RegistrySearch Id="BuildVersion" Root="HKLM" Key="SOFTWARE\Microsoft\Windows NT\CurrentVersion" Type="raw" Name="CurrentBuild" />
+        </Property>
+
+        <Binary Id="InstallerScripts" SourceFile="InstallerScripts.vbs" />
+
+        <Property Id="APPLICATIONFOLDER">
+            <RegistrySearch Id="WazuhInstallDirProperty" Type="raw" Root="HKLM" Key="Software\[Manufacturer]\[ProductName]" Name="WazuhInstallDir" />
+        </Property>
+
+        <Property Id="WixShellExecTarget" Value="[APPLICATIONFOLDER]win32ui.exe" />
+        <CustomAction Id="LaunchUI" BinaryKey="WixCA" DllEntry="WixShellExec" Impersonate="yes" />
+        <CustomAction Id="GenerateDumpAction" BinaryKey="WixCA" DllEntry="WixShellExec" Impersonate="yes" />
+
+        <Property Id="OSSECINSTALLED">
+            <RegistrySearch Id="OssecInstalled" Type="raw" Root="HKLM" Key="System\CurrentControlSet\Services\OssecSvc" Name="DisplayName" />
+        </Property>
+
+        <Property Id="WAZUHINSTALLED">
+            <RegistrySearch Id="WazuhInstalled" Type="raw" Root="HKLM" Key="System\CurrentControlSet\Services\WazuhSvc" Name="DisplayName" />
+        </Property>
+
+        <CustomAction Id="LaunchApplication" BinaryKey="WixCA" DllEntry="WixQuietExec"/>
+
+        <!-- This script will remove all of the files and folders from the root folder on uninstall, *except* some files indicated in RemoveAllScript.vbs. -->
+        <!-- Especially, "ossec.conf" and "client.keys" will be kept, and a couple of other files too. -->
+        <Binary Id="RemoveAllScript" SourceFile="RemoveAllScript.vbs" />
+
+        <CustomAction Id="SetOSVersion0" Property="OS_VERSION" Value="xp"/>
+        <CustomAction Id="SetOSVersion1" Property="OS_VERSION" Value="2003"/>
+        <CustomAction Id="SetOSVersion2" Property="OS_VERSION" Value="Vista"/>
+        <CustomAction Id="SetOSVersion3" Property="OS_VERSION" Value="2008"/>
+        <CustomAction Id="SetOSVersion4" Property="OS_VERSION" Value="7"/>
+        <CustomAction Id="SetOSVersion5" Property="OS_VERSION" Value="2008R2"/>
+        <CustomAction Id="SetOSVersion6" Property="OS_VERSION" Value="8"/>
+        <CustomAction Id="SetOSVersion7" Property="OS_VERSION" Value="2012"/>
+        <CustomAction Id="SetOSVersion8" Property="OS_VERSION" Value="8.1"/>
+        <CustomAction Id="SetOSVersion9" Property="OS_VERSION" Value="2012R2"/>
+        <CustomAction Id="SetOSVersion10" Property="OS_VERSION" Value="10"/>
+        <CustomAction Id="SetOSVersion11" Property="OS_VERSION" Value="2016"/>
+        <CustomAction Id="SetOSVersion12" Property="OS_VERSION" Value="2019"/>
+
+        <CustomAction Id="SetWazuhManager" Property="WAZUH_MANAGER" Value="&quot;[ADDRESS]&quot;" />
+        <CustomAction Id="SetWazuhManagerPort" Property="WAZUH_MANAGER_PORT" Value="&quot;[SERVER_PORT]&quot;" />
+        <CustomAction Id="SetWazuhManagerProtocol" Property="WAZUH_PROTOCOL" Value="&quot;[PROTOCOL]&quot;" />
+        <CustomAction Id="SetRegistrationServer" Property="WAZUH_REGISTRATION_SERVER" Value="&quot;[AUTHD_SERVER]&quot;" />
+        <CustomAction Id="SetRegistrationPort" Property="WAZUH_REGISTRATION_PORT" Value="&quot;[AUTHD_PORT]&quot;" />
+        <CustomAction Id="SetRegistrationPassword" Property="WAZUH_REGISTRATION_PASSWORD" Value="&quot;[PASSWORD]&quot;" />
+        <CustomAction Id="SetWazuhKeepAlive" Property="WAZUH_KEEP_ALIVE_INTERVAL" Value="&quot;[NOTIFY_TIME]&quot;" />
+        <CustomAction Id="SetWazuhTimeReconnect" Property="WAZUH_TIME_RECONNECT" Value="&quot;[TIME_RECONNECT]&quot;" />
+        <CustomAction Id="SetRegistrationCA" Property="WAZUH_REGISTRATION_CA" Value="&quot;[CERTIFICATE]&quot;" />
+        <CustomAction Id="SetRegistrationCertificate" Property="WAZUH_REGISTRATION_CERTIFICATE" Value="&quot;[PEM]&quot;" />
+        <CustomAction Id="SetRegistrationKet" Property="WAZUH_REGISTRATION_KEY" Value="&quot;[KEY]&quot;" />
+        <CustomAction Id="SetAgentName" Property="WAZUH_AGENT_NAME" Value="&quot;[AGENT_NAME]&quot;" />
+        <CustomAction Id="SetAgentGroup" Property="WAZUH_AGENT_GROUP" Value="&quot;[GROUP]&quot;" />
+        <CustomAction Id="SetRemoveAllDataValue" Return="check" Property="CustomAction_RemoveAllScript" Value="&quot;[APPLICATIONFOLDER]&quot;" />
+        <CustomAction Id="CustomAction_RemoveAllScript" BinaryKey="RemoveAllScript" VBScriptCall="removeAll" Return="check" Execute="commit" Impersonate="no"/>
+
+        <CustomAction Id="CheckSvcRunning" BinaryKey="InstallerScripts" VBScriptCall="CheckSvcRunning" Return="check" Execute="immediate" Impersonate="no"/>
+
+        <CustomAction Id="SetCustomActionDataValue" Return="check" Property="CustomAction_InstallerScripts" Value="&quot;[APPLICATIONFOLDER]&quot;/+/&quot;[OS_VERSION]&quot;/+/&quot;[WAZUH_MANAGER]&quot;/+/&quot;[WAZUH_MANAGER_PORT]&quot;/+/&quot;[WAZUH_PROTOCOL]&quot;/+/&quot;[NOTIFY_TIME]&quot;/+/&quot;[WAZUH_REGISTRATION_SERVER]&quot;/+/&quot;[WAZUH_REGISTRATION_PORT]&quot;/+/&quot;[WAZUH_REGISTRATION_PASSWORD]&quot;/+/&quot;[WAZUH_KEEP_ALIVE_INTERVAL]&quot;/+/&quot;[WAZUH_TIME_RECONNECT]&quot;/+/&quot;[WAZUH_REGISTRATION_CA]&quot;/+/&quot;[WAZUH_REGISTRATION_CERTIFICATE]&quot;/+/&quot;[WAZUH_REGISTRATION_KEY]&quot;/+/&quot;[WAZUH_AGENT_NAME]&quot;/+/&quot;[WAZUH_AGENT_GROUP]&quot;/+/&quot;[ENROLLMENT_DELAY]&quot;" />
+        <CustomAction Id="SetCustomActionDataForSetWazuhPermissions" Return="check" Property="SetWazuhPermissions" Value="&quot;[APPLICATIONFOLDER]&quot;" />
+        <CustomAction Id="CustomAction_InstallerScripts" BinaryKey="InstallerScripts" VBScriptCall="config" Return="check" Execute="commit" Impersonate="no"/>
+        <CustomAction Id="SetWazuhPermissions" BinaryKey="InstallerScripts" VBScriptCall="SetWazuhPermissions" Return="check" Execute="commit" Impersonate="no"/>
+
+        <!-- Explicitely stopping and deleting the OSSEC service to install new Wazuh service -->
+        <CustomAction Id="StopOssecService" Directory="APPLICATIONFOLDER" ExeCommand="NET STOP OssecSvc" Execute="deferred" Impersonate="no" Return="ignore" />
+        <CustomAction Id="DeleteOssecService" Directory="APPLICATIONFOLDER" ExeCommand="SC DELETE OssecSvc" Execute="deferred" Impersonate="no" Return="ignore" />
+        <CustomAction Id="StartWazuhSvc" BinaryKey="InstallerScripts" VBScriptCall="StartWazuhSvc" Return="check" Execute="deferred" Impersonate="no"/>
+
+        <!-- Close the Wazuh agent GUI -->
+        <CustomAction Id="CloseGUI" BinaryKey="InstallerScripts" VBScriptCall="KillGUITask" Return="check" Execute="deferred" Impersonate="no"/>
+
+        <CustomAction Id="CreateDumpRegistryKey" BinaryKey="InstallerScripts" VBScriptCall="CreateDumpRegistryKey" Return="check" Execute="deferred" Impersonate="yes" />
+        <UI>
+            <UIRef Id="WixUI_Advanced" />
+            <Publish Dialog="InstallDirDlg" Control="Next" Event="NewDialog" Value="CustomCheckDialog" Order="4"><![CDATA[WIXUI_DONTVALIDATEPATH OR WIXUI_INSTALLDIR_VALID="1"]]></Publish>
+            <Publish Dialog="VerifyReadyDlg" Control="Back" Event="NewDialog" Value="CustomCheckDialog" />
+            <Publish Dialog="ExitDialog" Control="Finish" Event="DoAction" Value="LaunchUI">WIXUI_EXITDIALOGOPTIONALCHECKBOX = 1 and NOT Installed</Publish>
+            <Publish Dialog="CustomCheckDialog" Control="Next" Event="NewDialog" Value="VerifyReadyDlg" />
+            <Publish Dialog="CustomCheckDialog" Control="Back" Event="NewDialog" Value="InstallDirDlg" />
+        </UI>
+        <InstallExecuteSequence>
+            <!-- Set OS VERSION -->
+            <Custom Action="SetOSVersion0" Before="SetCustomActionDataValue">( VersionNT = 501 OR VersionNT64 = 501 )</Custom>
+            <Custom Action="SetOSVersion1" Before="SetCustomActionDataValue">( VersionNT = 502 OR VersionNT64 = 502 )</Custom>
+            <Custom Action="SetOSVersion2" Before="SetCustomActionDataValue">( VersionNT = 600 OR VersionNT64 = 600 ) AND  MsiNTProductType = 1</Custom>
+            <Custom Action="SetOSVersion3" Before="SetCustomActionDataValue">( VersionNT = 600 OR VersionNT64 = 600 ) AND  MsiNTProductType &gt; 1</Custom>
+            <Custom Action="SetOSVersion4" Before="SetCustomActionDataValue">( VersionNT = 601 OR VersionNT64 = 601 ) AND  MsiNTProductType = 1</Custom>
+            <Custom Action="SetOSVersion5" Before="SetCustomActionDataValue">( VersionNT = 601 OR VersionNT64 = 601 ) AND  MsiNTProductType &gt; 1</Custom>
+            <Custom Action="SetOSVersion6" Before="SetCustomActionDataValue">( VersionNT = 602 OR VersionNT64 = 602 ) AND  MsiNTProductType = 1</Custom>
+            <Custom Action="SetOSVersion7" Before="SetCustomActionDataValue">( VersionNT = 602 OR VersionNT64 = 602 ) AND  MsiNTProductType &gt; 1</Custom>
+            <Custom Action="SetOSVersion8" Before="SetCustomActionDataValue">( VersionNT = 603 OR VersionNT64 = 603 ) AND MAJORVERSION &lt;&gt; "#10" AND  MsiNTProductType = 1</Custom>
+            <Custom Action="SetOSVersion9" Before="SetCustomActionDataValue">( VersionNT = 603 OR VersionNT64 = 603 ) AND MAJORVERSION &lt;&gt; "#10" AND  MsiNTProductType &gt; 1</Custom>
+            <Custom Action="SetOSVersion10" Before="SetCustomActionDataValue">MAJORVERSION = "#10" AND MsiNTProductType = 1</Custom>
+            <Custom Action="SetOSVersion11" Before="SetCustomActionDataValue">BUILDVERSION = "14393" AND MsiNTProductType &gt; 1</Custom>
+            <Custom Action="SetOSVersion12" Before="SetCustomActionDataValue">BUILDVERSION = "17763" AND MsiNTProductType &gt; 1</Custom>
+
+            <!-- Close the GUI -->
+            <Custom Action="CloseGUI" Before="InstallFinalize"></Custom>
+
+            <!-- Set deployment values -->
+            <Custom Action="SetWazuhManager" Before="SetCustomActionDataValue">ADDRESS &lt;&gt; "" AND WAZUH_MANAGER = ""</Custom>
+            <Custom Action="SetWazuhManagerPort" Before="SetCustomActionDataValue">SERVER_PORT &lt;&gt; "" AND WAZUH_MANAGER_PORT = ""</Custom>
+            <Custom Action="SetWazuhManagerProtocol" Before="SetCustomActionDataValue">PROTOCOL &lt;&gt; "" AND WAZUH_PROTOCOL = ""</Custom>
+            <Custom Action="SetRegistrationServer" Before="SetCustomActionDataValue">AUTHD_SERVER &lt;&gt; "" AND WAZUH_REGISTRATION_SERVER = ""</Custom>
+            <Custom Action="SetRegistrationPort" Before="SetCustomActionDataValue">AUTHD_PORT &lt;&gt; "" AND WAZUH_REGISTRATION_PORT = ""</Custom>
+            <Custom Action="SetRegistrationPassword" Before="SetCustomActionDataValue">PASSWORD &lt;&gt; "" AND WAZUH_REGISTRATION_PASSWORD = ""</Custom>
+            <Custom Action="SetWazuhKeepAlive" Before="SetCustomActionDataValue">NOTIFY_TIME &lt;&gt; "" AND WAZUH_KEEP_ALIVE_INTERVAL = ""</Custom>
+            <Custom Action="SetWazuhTimeReconnect" Before="SetCustomActionDataValue">TIME_RECONNECT &lt;&gt; "" AND WAZUH_TIME_RECONNECT = ""</Custom>
+            <Custom Action="SetRegistrationCA" Before="SetCustomActionDataValue">CERTIFICATE &lt;&gt; "" AND WAZUH_REGISTRATION_CA = ""</Custom>
+            <Custom Action="SetRegistrationCertificate" Before="SetCustomActionDataValue">PEM &lt;&gt; "" AND WAZUH_REGISTRATION_CERTIFICATE = ""</Custom>
+            <Custom Action="SetRegistrationKet" Before="SetCustomActionDataValue">KEY &lt;&gt; "" AND WAZUH_REGISTRATION_KEY = ""</Custom>
+            <Custom Action="SetAgentName" Before="SetCustomActionDataValue">AGENT_NAME &lt;&gt; "" AND WAZUH_AGENT_NAME = ""</Custom>
+            <Custom Action="SetAgentGroup" Before="SetCustomActionDataValue">GROUP &lt;&gt; "" AND WAZUH_AGENT_GROUP = ""</Custom>
+
+            <!-- Delete OSSEC service if it exist -->
+            <Custom Action="CheckSvcRunning" Before="AppSearch"></Custom>
+            <Custom Action="StopOssecService" After="InstallInitialize">OSSECINSTALLED</Custom>
+            <Custom Action="DeleteOssecService" After="StopOssecService">OSSECINSTALLED</Custom>
+
+            <!-- Install functions -->
+            <Custom Action="SetCustomActionDataValue" After="InstallInitialize">(NOT WIX_UPGRADE_DETECTED) AND (NOT PATCH) AND (NOT Installed)</Custom>
+            <Custom Action="CustomAction_InstallerScripts" After="SetCustomActionDataValue">(NOT WIX_UPGRADE_DETECTED) AND (NOT PATCH) AND (NOT Installed)</Custom>
+
+            <!-- Set Wazuh permissions on upgrade -->
+            <Custom Action="SetCustomActionDataForSetWazuhPermissions" After="InstallInitialize">(WIX_UPGRADE_DETECTED) OR (PATCH)</Custom>
+            <Custom Action="SetWazuhPermissions" After="SetCustomActionDataForSetWazuhPermissions">(WIX_UPGRADE_DETECTED) OR (PATCH)</Custom>
+
+            <!-- Start services if necessary -->
+            <Custom Action="StartWazuhSvc" After="InstallServices">((WIX_UPGRADE_DETECTED) OR (PATCH)) AND ((OSSECRUNNING = "Running") OR (WAZUHRUNNING = "Running"))</Custom>
+
+            <!-- Stop the service as soon as possible on uninstall, and only on uninstall, in order to unlock the files and folders that must be deleted. -->
+			<Custom Action="SetRemoveAllDataValue" Before="InstallFinalize">(NOT UPGRADINGPRODUCTCODE) AND (REMOVE="ALL")</Custom>
+ 		    <Custom Action="CustomAction_RemoveAllScript" After="SetRemoveAllDataValue">(NOT UPGRADINGPRODUCTCODE) AND (REMOVE="ALL")</Custom>
+
+
+            <Custom Action="CreateDumpRegistryKey" Before="InstallFinalize">GENERATE_DUMP = "1" AND DEFAULT_GENERATE_DUMP = "1"</Custom>
+        </InstallExecuteSequence>
+
+        <Directory Id="TARGETDIR" Name="SourceDir">
+            <Directory Id="ProgramFilesFolder" Name="PFiles">
+                <Directory Id="APPLICATIONFOLDER" Name="ossec-agent">
+                    <Component Id="REGISTRY_INSTALL_DIR" Guid="63E18998-4DBB-4C34-A1AD-09AA809A1C15" KeyPath="yes">
+                        <RegistryValue Root="HKLM" Key="SOFTWARE\[Manufacturer]\[ProductName]" Id="WazuhInstallDirProperty" Name="WazuhInstallDir" Type="string" Value="[APPLICATIONFOLDER]" />
+                    </Component>
+                    <Component Id="AGENT_AUTH.EXE" DiskId="1" Guid="F99FEE7C-A021-4D43-9119-98A8D72EAB65">
+                        <File Id="AGENT_AUTH.EXE" Name="agent-auth.exe" Source="agent-auth.exe" />
+                        <File Id="AGENT_AUTH.EXE.MANIFEST" Name="agent-auth.exe.manifest" Source="agent-auth.exe.manifest" />
+                    </Component>
+                    <Component Id="LIBWAZUHEXT_DLL" DiskId="1" Guid="31F7B5FA-9678-427B-9536-88AAA897A82A">
+                        <File Id="LIBWAZUHEXT_DLL" Name="libwazuhext.dll" Source="..\libwazuhext.dll" />
+                    </Component>
+                    <Component Id="LIBWAZUHSHARED_DLL" DiskId="1" Guid="A40D7FB4-8D7B-440E-B7CB-1D8CB1E277E6">
+                        <File Id="LIBWAZUHSHARED_DLL" Name="libwazuhshared.dll" Source="..\libwazuhshared.dll" />
+                    </Component>
+                    <Component Id="DBSYNC_DLL" DiskId="1" Guid="E6DD27ED-1579-4369-B83D-FD618894B56C">
+                        <File Id="DBSYNC_DLL" Name="dbsync.dll" Source="..\shared_modules\dbsync\build\bin\dbsync.dll" />
+                    </Component>
+                    <Component Id="RSYNC_DLL" DiskId="1" Guid="9F23B2D8-609D-43F6-BB90-7C81A5DF5A67">
+                        <File Id="RSYNC_DLL" Name="rsync.dll" Source="..\shared_modules\rsync\build\bin\rsync.dll" />
+                    </Component>
+                    <Component Id="SYSINFO_DLL" DiskId="1" Guid="1D244B64-E1C3-4BED-A4CF-9C25E3B3BA0F">
+                        <File Id="SYSINFO_DLL" Name="sysinfo.dll" Source="..\data_provider\build\bin\sysinfo.dll" />
+                    </Component>
+                    <Component Id="SYSCOLLECTOR_DLL" DiskId="1" Guid="7CE63D8B-C959-43CC-A7B6-4226414EBADB">
+                        <File Id="SYSCOLLECTOR_DLL" Name="syscollector.dll" Source="..\wazuh_modules\syscollector\build\bin\syscollector.dll" />
+                    </Component>
+                    <Component Id="FIMDB_DLL" DiskId="1" Guid="15806BCA-876E-41D7-A82E-623EEEC63C3A">
+                        <File Id="FIMDB_DLL" Name="libfimdb.dll" Source="..\syscheckd\build\bin\libfimdb.dll" />
+                    </Component>
+
+                    <!-- Mark this file as permanent, so it is not deleted on uninstall. -->
+                    <Component Id="LOCAL_INTERNAL_OPTIONS.CONF" DiskId="1" Guid="10245598-2EE7-4EDB-A114-5398F01A21F9" NeverOverwrite="yes" Permanent="yes">
+                        <File Id="LOCAL_INTERNAL_OPTIONS.CONF" Name="local_internal_options.conf" Source="default-local_internal_options.conf" KeyPath="yes" />
+                    </Component>
+                    <Component Id="OSSEC.CONF" DiskId="1" Guid="26C3265E-EFC8-488D-8D19-397A0C44C071" NeverOverwrite="yes" Permanent="yes">
+                        <File Id="OSSEC.CONF" Name="ossec.conf" Source="default-ossec.conf" KeyPath="yes">
+                            <util:PermissionEx User="Everyone" GenericRead="yes" GenericWrite="yes" />
+                        </File>
+                    </Component>
+                    <Component Id="INTERNAL_OPTIONS.CONF" DiskId="1" Guid="D2F2A5B9-1A98-4BB8-8AC4-D948CA97DD0E">
+                        <File Id="INTERNAL_OPTIONS.CONF" Name="internal_options.conf" Source="internal_options.conf"/>
+                    </Component>
+                    <Component Id="LICENSE.TXT" DiskId="1" Guid="556F08A0-D372-4BB5-BC44-73CE45957084">
+                        <File Id="LICENSE.TXT" Name="LICENSE.txt" Source="LICENSE.txt" />
+                    </Component>
+                    <Component Id="LIBWINPTHREAD_1.DLL" DiskId="1" Guid="C15C5883-00FB-41D7-B9E6-53C8BC30761F">
+                        <File Id="LIBWINPTHREAD_1.DLL" Name="libwinpthread-1.dll" Source="libwinpthread-1.dll" />
+                    </Component>
+                    <Component Id="LIBGCC_S_DW2_1.DLL" DiskId="1" Guid="EB7C893F-E5C8-4038-8FBA-EF33F8B72CB6">
+                        <File Id="LIBGCC_S_DW2_1.DLL" Name="libgcc_s_dw2-1.dll" Source="libgcc_s_dw2-1.dll" />
+                    </Component>
+                    <Component Id="LIBSTDCPP_6.DLL" DiskId="1" Guid="23EDBF99-6824-4128-8571-D77967B2980E">
+                        <File Id="LIBSTDCPP_6.DLL" Name="libstdc++-6.dll" Source="libstdc++-6.dll" />
+                    </Component>
+                    <Component Id="MANAGE_AGENTS.EXE" DiskId="1" Guid="C15C5883-00FB-41D7-B7E6-53C8BC30761F">
+                        <File Id="MANAGE_AGENTS.EXE" Name="manage_agents.exe" Source="manage_agents.exe" />
+                    </Component>
+                    <Component Id="WAZUH_AGENT_EVENTCHANNEL.EXE" DiskId="1" Guid="044E7997-12B6-4178-BD00-B90500DBA53F">
+                        <File Id="WAZUH_AGENT_EVENTCHANNEL.EXE" Name="wazuh-agent.exe" Source="wazuh-agent-eventchannel.exe" />
+                        <ServiceInstall Name="WazuhSvc" Type="ownProcess" Start="auto" ErrorControl="normal" Description="Wazuh Windows Agent" DisplayName="Wazuh" Id="svc_install_eventchannel" />
+                        <ServiceControl Id="svc_uninstall_eventchannel" Name="WazuhSvc" Remove="uninstall" Stop="both" Wait="yes" />
+                        <Condition>VersionNT &gt;= 600</Condition>
+                    </Component>
+                    <Component Id="WAZUH_AGENT.EXE" DiskId="1" Guid="5CCEA6DC-8434-4137-9486-55AE3949266B">
+                        <File Id="WAZUH_AGENT.EXE" Name="wazuh-agent.exe" Source="wazuh-agent.exe" />
+                        <ServiceInstall Name="WazuhSvc" Type="ownProcess" Start="auto" ErrorControl="normal" Description="Wazuh Windows Agent" DisplayName="Wazuh" Id="svc_install" />
+                        <ServiceControl Id="ServiceControl" Name="WazuhSvc" Stop="both" Remove="uninstall" Wait="yes" />
+                        <Condition>VersionNT &lt; 600</Condition>
+                    </Component>
+                    <Component Id="VISTA_SEC.TXT" DiskId="1" Guid="20EF5801-369B-4EC2-87A2-59DCE56308D9">
+                        <File Id="VISTA_SEC.TXT" Name="vista_sec.txt" Source="vista_sec.txt" />
+                    </Component>
+                    <Component Id="WIN32UI.EXE" DiskId="1" Guid="E7ACBC6F-D8A0-410B-B8D2-2AD9F5152BA0">
+                        <File Id="WIN32UI.EXE" Name="win32ui.exe" Source="os_win32ui.exe"/>
+                        <File Id="WIN32UI.EXE.MANIFEST" Name="win32ui.exe.manifest" Source="win32ui.exe.manifest" />
+                    </Component>
+                    <Component Id="REMOVE_OLD_NSIS" Guid="3536239B-022D-4A9B-A7F8-2F64132115ED">
+                        <RemoveRegistryKey Action="removeOnInstall" Key="SOFTWARE\ossec" Root="HKLM" />
+                        <RemoveRegistryKey Action="removeOnInstall" Key="Software\Microsoft\Windows\CurrentVersion\Uninstall\OSSEC" Root="HKLM" />
+                        <RemoveFile Id="NSIS_UNINSTALL_EXE" Name="uninstall.exe" On="install" />
+                        <RemoveFile Id="NSIS_OSSEC_LUA_EXE" Name="ossec-lua.exe" On="install" />
+                        <RemoveFile Id="NSIS_OSSEC_LUAC_EXE" Name="ossec-luac.exe" On="install" />
+                        <RemoveFile Id="NSIS_ROOTCHECK_EXE" Name="ossec-rootcheck.exe" On="install" />
+                        <RemoveFile Id="NSIS_SETUP_IIS_EXE" Name="setup-iis.exe" On="install" />
+                        <RemoveFile Id="NSIS_SYSCHECK_EXE" Name="setup-syscheck.exe" On="install" />
+                        <RemoveFile Id="NSIS_SETUP_WINDOWS_EXE" Name="setup-windows.exe" On="install" />
+                        <RemoveFile Id="NSIS_FAVICON_ICO" Name="favicon.ico" On="install" />
+                        <RemoveFile Id="NSIS_DOC_HTML" Name="doc.html" On="install" />
+                        <RemoveFile Id="NSIS_WIN32UI_EXE" Name="win32ui.exe" On="install" />
+                        <RemoveFile Id="NSIS_AGENT_AUTH_EXE" Name="agent-auth.exe" On="install" />
+                        <RemoveFile Id="NSIS_LIBWINPTHREAD_1_DLL" Name="libwinpthread-1.dll" On="install" />
+                        <RemoveFile Id="NSIS_LIBGCC_S_SJLJ_1.DLL" Name="libgcc_s_sjlj-1.dll" On="install" />
+                        <RemoveFile Id="NSIS_LIBGCC_S_DW2_1.DLL" Name="libgcc_s_dw2-1.dll" On="install" />
+                        <RemoveFile Id="NSIS_LIBSTDCPP_6.DLL" Name="libstdc++-6.dll" On="install" />
+                        <RemoveFile Id="NSIS_MANAGE_AGENTS_EXE" Name="manage_agents.exe" On="install" />
+                        <RemoveFile Id="NSIS_OSSEC_AGENT_EXE" Name="ossec-agent.exe" On="install" />
+                        <RemoveFile Id="NSIS_OSSEC_AGENT_STATE" Name="ossec-agent.state" On="install" />
+                        <RemoveFile Id="NSIS_WAZUH_AGENT_EXE" Name="wazuh-agent.exe" On="install" />
+                        <RemoveFile Id="NSIS_WAZUH_AGENT_STATE" Name="wazuh-agent.state" On="install" />
+                        <RemoveFile Id="NSIS_VERSION_TXT" Name="VERSION.txt" On="install" />
+                        <RemoveFile Id="NSIS_HELP_TXT" Name="help.txt" On="install" />
+                    </Component>
+                    <Component DiskId="1" Guid="21A074CB-3BFB-45D2-A0EC-D59293950DD9" Id="HELP_WIN.TXT">
+                        <File Id="HELP_WIN.TXT" Name="help.txt" Source="help_win.txt" />
+                    </Component>
+                    <Component Id="VERSION" DiskId="1" Guid="8DC3D417-5663-4E53-9D8F-2CFA08A2627C">
+                        <File Id="VERSION" Name="VERSION" Source="VERSION" />
+                    </Component>
+                    <Component Id="REVISION" DiskId="1" Guid="89440258-B50F-4926-8068-D1444E31F8E0">
+                        <File Id="REVISION" Name="REVISION" Source="REVISION" />
+                    </Component>
+                    <Component Id="WPK_ROOT.PEM" DiskId="1" Guid="EABF8773-57B9-4CD8-A862-87B0E060DBF8">
+                        <File Id="WPK_ROOT.PEM" Name="wpk_root.pem" Source="..\..\etc\wpk_root.pem" />
+                    </Component>
+                    <Component Id="WXP_CONF_LOCALFILE" DiskId="1" Guid="F2258AB6-A976-4333-A957-3CD0662C82D2">
+                        <File Id="WXP_LOCALFILE.TEMPLATE" Name="localfile-events-xp.template" Source="..\..\etc\templates\config\windows\xp\localfile-events.template"/>
+                        <Condition>( VersionNT = 501 OR VersionNT64 = 501 )</Condition>
+                    </Component>
+                    <Component Id="WXP_CONF_PROFILE" DiskId="1" Guid="31F19F56-4549-4D80-924E-ED2F7B0CA74E">
+                        <File Id="WXP_PROFILE.TEMPLATE" Name="profile-xp.template" Source="..\..\etc\templates\config\windows\xp\profile.template"/>
+                        <Condition>( VersionNT = 501 OR VersionNT64 = 501 )</Condition>
+                    </Component>
+                    <Component Id="WXP_CONF_SYSCHECK" DiskId="1" Guid="EFE11D65-FF03-41B8-B4FE-82BDC522F0E9">
+                        <File Id="WXP_SYSCHECK.TEMPLATE" Name="syscheck-xp.template" Source="..\..\etc\templates\config\windows\xp\syscheck.template"/>
+                        <Condition>( VersionNT = 501 OR VersionNT64 = 501 )</Condition>
+                    </Component>
+                    <Component Id="W2003_CONF_LOCALFILE" DiskId="1" Guid="D0CCDE58-2593-48FF-85CC-E681B78DCEFE">
+                        <File Id="W2003_LOCALFILE.TEMPLATE" Name="localfile-events-2003.template" Source="..\..\etc\templates\config\windows\2003\localfile-events.template"/>
+                        <Condition>( VersionNT = 502 OR VersionNT64 = 502 )</Condition>
+                    </Component>
+                    <Component Id="W2003_CONF_PROFILE" DiskId="1" Guid="5F70333D-BA3F-4722-BE78-3FF67FE216F9">
+                        <File Id="W2003_PROFILE.TEMPLATE" Name="profile-2003.template" Source="..\..\etc\templates\config\windows\2003\profile.template"/>
+                        <Condition>( VersionNT = 502 OR VersionNT64 = 502 )</Condition>
+                    </Component>
+                    <Component Id="W2003_CONF_SYSCHECK" DiskId="1" Guid="B89F2D95-F0FA-4B51-B680-42F430F2EB82">
+                        <File Id="W2003_SYSCHECK.TEMPLATE" Name="syscheck-2003.template" Source="..\..\etc\templates\config\windows\2003\syscheck.template"/>
+                        <Condition>( VersionNT = 502 OR VersionNT64 = 502 )</Condition>
+                    </Component>
+                    <Component Id="WVISTA_CONF_PROFILE" DiskId="1" Guid="06CBBBCB-0D20-4EEA-9E5A-854A9A34DEFE">
+                        <File Id="WVISTA_LOCALFILE.TEMPLATE" Name="profile-Vista.template" Source="..\..\etc\templates\config\windows\Vista\profile.template"/>
+                        <Condition>( VersionNT = 600 OR VersionNT64 = 600 ) AND  MsiNTProductType = 1</Condition>
+                    </Component>
+                    <Component Id="W2008_CONF_PROFILE" DiskId="1" Guid="89BC9CB1-065E-4808-8B8F-70C22F500B4A">
+                        <File Id="W2008_LOCALFILE.TEMPLATE" Name="profile-2008.template" Source="..\..\etc\templates\config\windows\2008\profile.template"/>
+                        <Condition>( VersionNT = 600 OR VersionNT64 = 600 ) AND  MsiNTProductType &gt; 1</Condition>
+                    </Component>
+                    <Component Id="W7_CONF_PROFILE" DiskId="1" Guid="6D58D297-5AAD-4B44-BBE0-D8691998267A">
+                        <File Id="W7_LOCALFILE.TEMPLATE" Name="profile-7.template" Source="..\..\etc\templates\config\windows\7\profile.template"/>
+                        <Condition>( VersionNT = 601 OR VersionNT64 = 601 ) AND  MsiNTProductType = 1</Condition>
+                    </Component>
+                    <Component Id="W2008R2_CONF_PROFILE" DiskId="1" Guid="6EF6AD1F-B740-48E4-BDFD-7B396E2CB3E0">
+                        <File Id="W2008R2_LOCALFILE.TEMPLATE" Name="profile-2008R2.template" Source="..\..\etc\templates\config\windows\2008R2\profile.template"/>
+                        <Condition>( VersionNT = 601 OR VersionNT64 = 601 ) AND  MsiNTProductType &gt; 1</Condition>
+                    </Component>
+                    <Component Id="W8_CONF_PROFILE" DiskId="1" Guid="A23E9242-A5CC-4171-8A25-791AB93D8DE0">
+                        <File Id="W8_LOCALFILE.TEMPLATE" Name="profile-8.template" Source="..\..\etc\templates\config\windows\8\profile.template"/>
+                        <Condition>( VersionNT = 602 OR VersionNT64 = 602 ) AND  MsiNTProductType = 1</Condition>
+                    </Component>
+                    <Component Id="W2012_CONF_PROFILE" DiskId="1" Guid="757D2306-1821-462F-B4CC-1ED947FC8AA2">
+                        <File Id="W2012_LOCALFILE.TEMPLATE" Name="profile-2012.template" Source="..\..\etc\templates\config\windows\2012\profile.template"/>
+                        <Condition>VersionNT64 = 602 AND MsiNTProductType &gt; 1</Condition>
+                    </Component>
+                    <Component Id="W8.1_CONF_PROFILE" DiskId="1" Guid="AF637857-14A3-437E-9D23-CDFB4453CFA8">
+                        <File Id="W8.1_LOCALFILE.TEMPLATE" Name="profile-8.1.template" Source="..\..\etc\templates\config\windows\8.1\profile.template"/>
+                        <Condition>( VersionNT = 603 OR VersionNT64 = 603) AND MAJORVERSION &lt;&gt; "#10" AND  MsiNTProductType = 1</Condition>
+                    </Component>
+                    <Component Id="W2012R2_CONF_PROFILE" DiskId="1" Guid="D1E8FBD0-3382-43E4-81FD-EE168402DF94">
+                        <File Id="W2012R2_LOCALFILE.TEMPLATE" Name="profile-2012R2.template" Source="..\..\etc\templates\config\windows\2012R2\profile.template"/>
+                        <Condition>VersionNT64 = 603 AND MAJORVERSION &lt;&gt; "#10" AND MsiNTProductType &gt; 1</Condition>
+                    </Component>
+                    <Component Id="W10_CONF_PROFILE" DiskId="1" Guid="5FD334C9-8EA1-4575-826C-C18804A2BEA7">
+                        <File Id="W10_LOCALFILE.TEMPLATE" Name="profile-10.template" Source="..\..\etc\templates\config\windows\10\profile.template"/>
+                        <Condition>MAJORVERSION = "#10" AND MsiNTProductType = 1</Condition>
+                    </Component>
+                    <Component Id="W2016_CONF_PROFILE" DiskId="1" Guid="CDE13E2B-04F7-435A-9CDB-894FA55F932E">
+                        <File Id="W2016_LOCALFILE.TEMPLATE" Name="profile-2016.template" Source="..\..\etc\templates\config\windows\2016\profile.template"/>
+                        <Condition>BUILDVERSION = "14393" AND MsiNTProductType &gt; 1</Condition>
+                    </Component>
+                    <Component Id="W2019_CONF_PROFILE" DiskId="1" Guid="7D21C1E6-7307-43C8-9EA8-47202379DF37">
+                        <File Id="W2019_LOCALFILE.TEMPLATE" Name="profile-2019.template" Source="..\..\etc\templates\config\windows\2019\profile.template"/>
+                        <Condition>BUILDVERSION = "17763" AND MsiNTProductType &gt; 1</Condition>
+                    </Component>
+                    <Directory Id="ACTIVE_RESPONSE" Name="active-response">
+                        <Directory Id="BIN" Name="bin">
+                            <Component Id="RESTART_WAZUH.EXE" DiskId="1" Guid="5A405DD9-F4FF-4313-B242-A28DE03611CA">
+                                <File Id="RESTART_WAZUH.EXE" Name="restart-wazuh.exe" Source="restart-wazuh.exe" />
+                            </Component>
+                            <Component Id="ROUTE_NULL.EXE" DiskId="1" Guid="249F3287-B69D-46F0-9EB8-3FED24998E07">
+                                <File Id="ROUTE_NULL.EXE" Name="route-null.exe" Source="route-null.exe" />
+                            </Component>
+                            <Component Id="NETSH.EXE" DiskId="1" Guid="292E9082-56BE-4258-9224-7F36A59CA433">
+                                <File Id="NETSH.EXE" Name="netsh.exe" Source="netsh.exe" />
+                            </Component>
+                            <Component Id="REMOVE_OLD_AR" Guid="E1915364-2E49-4B74-8DF9-5D6CC3B27DF0">
+                                <RemoveFile Id="AR_RESTART_OSSEC_CMD" Name="restart-ossec.cmd" On="install" />
+                                <RemoveFile Id="AR_ROUTE_NULL_CMD" Name="route-null.cmd" On="install" />
+                                <RemoveFile Id="AR_ROUTE_NULL_2012_CMD" Name="route-null-2012.cmd" On="install" />
+                                <RemoveFile Id="AR_NETSH_CMD" Name="netsh.cmd" On="install" />
+                                <RemoveFile Id="AR_NETSH_WIN_2016_CMD" Name="netsh-win-2016.cmd" On="install" />
+                            </Component>
+                        </Directory>
+                        <Component Id="ACTIVE_RESPONSES.LOG" DiskId="1" Guid="249F3287-B69D-46F0-8888-3FED24998E07">
+                            <File Id="ACTIVE_RESPONSES.LOG" Name="active-responses.log" Source="active-responses.log" />
+                        </Component>
+                    </Directory>
+                    <Directory Id="SHARED" Name="shared">
+                        <Component Id="ROOTKIT_FILES.TXT" DiskId="1" Guid="FE45C8B7-CD37-4E13-B6CA-5838771DF2C2">
+                            <File Id="ROOTKIT_FILES.TXT" Name="rootkit_files.txt" Source="..\..\ruleset\rootcheck\db\rootkit_files.txt" />
+                        </Component>
+                        <Component Id="ROOTKIT_TROJANS.TXT" DiskId="1" Guid="6A2D5202-A610-4E00-B6E3-41FA24EA8B88">
+                            <File Id="ROOTKIT_TROJANS.TXT" Name="rootkit_trojans.txt" Source="..\..\ruleset\rootcheck\db\rootkit_trojans.txt" />
+                        </Component>
+                        <Component Id="WIN_APPLICATIONS_RCL.TXT" DiskId="1" Guid="833B42BC-7BEF-4801-A91D-737774F05800">
+                            <File Id="WIN_APPLICATIONS_RCL.TXT" Name="win_applications_rcl.txt" Source="..\..\ruleset\rootcheck\db\win_applications_rcl.txt" />
+                        </Component>
+                        <Component Id="WIN_AUDIT_RCL.TXT" DiskId="1" Guid="DB5DA081-B508-43CF-B83B-97649697636D">
+                            <File Id="WIN_AUDIT_RCL.TXT" Name="win_audit_rcl.txt" Source="..\..\ruleset\rootcheck\db\win_audit_rcl.txt" />
+                        </Component>
+                        <Component Id="WIN_MALWARE_RCL.TXT" DiskId="1" Guid="8FFA7C93-43A4-4946-B3B6-2255D8BFEA11">
+                            <File Id="WIN_MALWARE_RCL.TXT" Name="win_malware_rcl.txt" Source="..\..\ruleset\rootcheck\db\win_malware_rcl.txt" />
+                        </Component>
+                    </Directory>
+                    <Directory Id="RULESET" Name="ruleset">
+                        <Directory Id="SECURITY_CONFIGURATION_ASSESSMENT" Name="sca">
+                            <Component Id="REMOVE_OLD_POLICIES" Guid="1007B392-F0CF-401E-B670-6EFAD5A374BA">
+                                <RemoveFile Id="remove_policies" Name="*" On="install"/>
+                            </Component>
+                            <Component Id="SCA_WIN10" DiskId="1" Guid="A6B0FCA6-522F-4129-95B7-0FF9EB2EA907">
+                                <File Id="SCA_WIN10" Name="cis_win10_enterprise.yml" Source="..\..\ruleset\sca\windows\cis_win10_enterprise.yml" />
+                                <Condition>MAJORVERSION = "#10" AND BUILDVERSION &lt; 22000 AND MsiNTProductType = 1</Condition>
+                            </Component>
+                            <Component Id="SCA_WIN11" DiskId="1" Guid="7F67E0E7-C28B-4468-A799-F0B2959FE458">
+                                <File Id="SCA_WIN11" Name="cis_win11_enterprise.yml" Source="..\..\ruleset\sca\windows\cis_win11_enterprise.yml" />
+                                <Condition>MAJORVERSION = "#10" AND BUILDVERSION &gt; 21999 AND MsiNTProductType = 1</Condition>
+                            </Component>
+                            <Component Id="SCA_WIN2012R2" DiskId="1" Guid="6C7B21C9-2B01-4A6B-BAC5-782382D10FBB">
+                                <File Id="SCA_WIN2012R2" Name="cis_win2012r2.yml" Source="..\..\ruleset\sca\windows\cis_win2012r2.yml" />
+                                <Condition>VersionNT64 = 603 AND MAJORVERSION &lt;&gt; "#10" AND MsiNTProductType &gt; 1</Condition>
+                            </Component>
+                            <Component Id="SCA_WIN2012NONR2" DiskId="1" Guid="4da001e3-6c60-4180-8002-58a5e6400e1c">
+                                <File Id="SCA_WIN2012NONR2" Name="cis_win2012_non_r2.yml" Source="..\..\ruleset\sca\windows\cis_win2012_non_r2.yml" />
+                                <Condition>VersionNT64 = 603 AND MAJORVERSION = 6 AND BUILDVERSION = 9200 AND MsiNTProductType &gt; 1</Condition>
+                            </Component>
+                            <Component Id="SCA_WIN2016" DiskId="1" Guid="4EA82D11-D36B-4153-A6A7-8B5374296601">
+                                <File Id="SCA_WIN2016" Name="cis_win2016.yml" Source="..\..\ruleset\sca\windows\cis_win2016.yml" />
+                                <Condition>BUILDVERSION = "14393" AND MsiNTProductType &gt; 1</Condition>
+                            </Component>
+                            <Component Id="SCA_WIN2019" DiskId="1" Guid="217F0183-FB18-4FBF-BF98-0FCE7B59C706">
+                                <File Id="SCA_WIN2019" Name="cis_win2019.yml" Source="..\..\ruleset\sca\windows\cis_win2019.yml" />
+                                <Condition>BUILDVERSION = "17763" AND MsiNTProductType &gt; 1</Condition>
+                            </Component>
+                            <Component Id="SCA_WIN2022" DiskId="1" Guid="795CC5E6-C27A-47B5-945A-8026470F1B0D">
+                                <File Id="SCA_WIN2022" Name="cis_win2022.yml" Source="..\..\ruleset\sca\windows\cis_win2022.yml" />
+                                <Condition>BUILDVERSION &gt; 20000 AND MsiNTProductType &gt; 1</Condition>
+                            </Component>
+                        </Directory>
+                    </Directory>
+                    <Directory Id="TMP" Name="tmp" />
+                    <Directory Id="QUEUE" Name="queue">
+                        <Directory Id="DIFF" Name="diff" />
+                        <Directory Id="FIM" Name="fim">
+                            <Directory Id="FIM_DB" Name="db" />
+                        </Directory>
+                        <Directory Id="SYSCOLLECTOR" Name="syscollector">
+                            <Component Id="SYSCOLLECTOR_NORM_CONFIG" DiskId="1" Guid="40284747-C50C-4905-9A72-6236276E192E">
+                                <File Id="SYSCOLLECTOR_NORM_CONFIG" Name="norm_config.json" Source="..\wazuh_modules\syscollector\norm_config.json" />
+                            </Component>
+                            <Directory Id="SYSCOLLECTOR_DB" Name="db" />
+                        </Directory>
+                        <Directory Id="LOGCOLLECTOR" Name="logcollector" />
+                    </Directory>
+                    <Directory Id="BOOKMARKS" Name="bookmarks" />
+                    <Directory Id="LOGS" Name="logs" />
+                    <Directory Id="WODLES" Name="wodles" />
+                    <Directory Id="RIDS" Name="rids" />
+                    <Directory Id="SYSCHECK" Name="syscheck" />
+                    <Directory Id="INCOMING" Name="incoming" />
+                    <Directory Id="UPGRADE" Name="upgrade" />
+                </Directory>
+            </Directory>
+            <Directory Id="ProgramMenuFolder">
+                <Directory Id="ProgramMenuDir" Name="OSSEC">
+                    <Component Id="StartMenuShortcuts" Guid="6C151D64-A90E-48A0-853C-FDEE0BD628C5">
+                        <RemoveFolder Id="ProgramMenuDir" On="uninstall" />
+                        <RegistryValue Root="HKCU" Key="Software\[Manufacturer]\[ProductName]" Type="string" Value="[Version]" />
+                        <Shortcut Id="EDIT_CONF" Name="Edit conf" Target="[APPLICATIONFOLDER]ossec.conf" WorkingDirectory="APPLICATIONFOLDER" />
+                        <Shortcut Id="UninstallProduct" Name="Uninstall" Description="Uninstalls the application" Target="[System64Folder]msiexec.exe" Arguments="/x [ProductCode]" />
+                        <Shortcut Id="RUN_WIN32UI" Name="Manage Agent" Target="[APPLICATIONFOLDER]win32ui.exe" WorkingDirectory="APPLICATIONFOLDER" />
+                        <util:InternetShortcut Id="WebsiteShortcut" Name="Documentation" Target="https://documentation.wazuh.com" xmlns:util="http://schemas.microsoft.com/wix/UtilExtension" />
+                    </Component>
+                </Directory>
+            </Directory>
+        </Directory>
+        <DirectoryRef Id="ACTIVE_RESPONSE">
+            <Component Id="CMP_ACTIVE_RESPONSE" Guid="EC4352C1-4240-4E6A-9A5E-E31F22702705" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="TMP">
+            <Component Id="CMP_TMP" Guid="EC4352C1-4110-4E6A-9A5E-E31F22702705" KeyPath="yes">
+                <CreateFolder />
+                <RemoveFolder Id="purgue_tmp_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="QUEUE">
+            <Component Id="CMP_QUEUE" Guid="1CA9BF16-F0B2-4E91-BA09-023518E50624" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_queue" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_queue_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="DIFF">
+            <Component Id="CMP_DIFF" Guid="AF666E2C-5C12-4355-9BB7-8FA9463ACDF2" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_diff" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_diff_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="FIM">
+            <Component Id="CMP_FIM" Guid="C53FE6BC-FAD0-4C0D-9CA6-0025A9987F15" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_fim" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_fim_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="FIM_DB">
+            <Component Id="CMP_FIM_DB" Guid="CEB64639-8DD1-43D3-BC03-4EDC5C9E4E46" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_fim_db" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_fim_db_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="SYSCOLLECTOR">
+            <Component Id="CMP_SYSCOLLECTOR" Guid="7349FCE4-D0BF-4D63-86A0-84FCAFD071B8" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_syscollector" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_syscollector_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="SYSCOLLECTOR_DB">
+            <Component Id="CMP_SYSCOLLECTOR_DB" Guid="A32AB5A9-0545-4262-B651-6F732CA57E5A" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_syscollector_db" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_syscollector_db_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="LOGCOLLECTOR">
+            <Component Id="CMP_LOGCOLLECTOR" Guid="88bdd977-56aa-4d15-9c6a-45eb86fdd12f" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_logcollector" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_logcollector_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="RULESET">
+            <Component Id="CMP_RULESET" Guid="0380073e-eeb0-4e82-99bd-a108949900dd" KeyPath="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_ruleset" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_ruleset_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="SECURITY_CONFIGURATION_ASSESSMENT">
+            <Component Id="CMP_SECURITY_CONFIGURATION_ASSESSMENT" Guid="e99089df-d143-4911-bfe4-c10a469bc0d8" KeyPath="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_configuration_assessment" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_configuration_assessment_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="BOOKMARKS">
+            <Component Id="CMP_BOOKMARKS" Guid="1A441B10-7735-4507-9DB7-6158CA5D7687" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_bookmarks" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_bookmarks_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="LOGS">
+            <Component Id="CMP_LOGS" Guid="17C9F68D-D1E6-4452-8C3E-992F6D7F0CF1" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_logs" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_logs_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="WODLES">
+            <Component Id="CMP_WODLES" Guid="A6811CB8-C2E2-4A1A-A2E5-DCE8221828C6" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_wodles" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_wodles_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="RIDS">
+            <Component Id="CMP_RIDS" Guid="2052A162-F044-4432-BF50-F89BCD0BC5D1" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_rids" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_rids_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="SYSCHECK">
+            <Component Id="CMP_SYSCHECK" Guid="F6841291-B9C5-4B74-82ED-CB9031C85C31" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_syscheck" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_syscheck_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="INCOMING">
+            <Component Id="CMP_INCOMING" Guid="A06D1C2D-CBD4-4DEB-B00C-598A99B7E712" KeyPath="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_incoming" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_incoming_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="UPGRADE">
+            <Component Id="CMP_UPGRADE" Guid="9FB42D24-217F-4E13-9598-01B62040F768" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_upgrade" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_upgrade_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <DirectoryRef Id="SHARED">
+            <Component Id="CMP_SHARED" Guid="9FB42D24-222F-4E13-9598-01B62040F768" KeyPath="yes" NeverOverwrite="yes" Permanent="yes">
+                <CreateFolder />
+                <RemoveFile Id="purgue_shared" Name="*.*" On="uninstall" />
+                <RemoveFolder Id="purgue_shared_dir" On="uninstall" />
+            </Component>
+        </DirectoryRef>
+        <Feature Id="MainFeature" Title="Wazuh Agent" Description="Install the Wazuh Agent program files" ConfigurableDirectory="APPLICATIONFOLDER" InstallDefault="local" TypicalDefault="install" AllowAdvertise="no" Absent="disallow">
+            <ComponentRef Id="REGISTRY_INSTALL_DIR" />
+            <ComponentRef Id="AGENT_AUTH.EXE" />
+            <ComponentRef Id="SYSCOLLECTOR_NORM_CONFIG" />
+            <ComponentRef Id="SYSCOLLECTOR_DLL" />
+            <ComponentRef Id="FIMDB_DLL" />
+            <ComponentRef Id="LIBWAZUHEXT_DLL" />
+            <ComponentRef Id="LIBWAZUHSHARED_DLL" />
+            <ComponentRef Id="RSYNC_DLL" />
+            <ComponentRef Id="DBSYNC_DLL" />
+            <ComponentRef Id="SYSINFO_DLL" />
+            <ComponentRef Id="LOCAL_INTERNAL_OPTIONS.CONF" />
+            <ComponentRef Id="OSSEC.CONF" />
+            <ComponentRef Id="INTERNAL_OPTIONS.CONF" />
+            <ComponentRef Id="LICENSE.TXT" />
+            <ComponentRef Id="LIBWINPTHREAD_1.DLL" />
+            <ComponentRef Id="LIBGCC_S_DW2_1.DLL" />
+            <ComponentRef Id="LIBSTDCPP_6.DLL" />
+            <ComponentRef Id="MANAGE_AGENTS.EXE" />
+            <ComponentRef Id="WAZUH_AGENT_EVENTCHANNEL.EXE" />
+            <ComponentRef Id="WAZUH_AGENT.EXE" />
+            <ComponentRef Id="VISTA_SEC.TXT" />
+            <ComponentRef Id="RESTART_WAZUH.EXE" />
+            <ComponentRef Id="ROUTE_NULL.EXE" />
+            <ComponentRef Id="NETSH.EXE" />
+            <ComponentRef Id="ACTIVE_RESPONSES.LOG" />
+            <ComponentRef Id="ROOTKIT_FILES.TXT" />
+            <ComponentRef Id="ROOTKIT_TROJANS.TXT" />
+            <ComponentRef Id="WIN_APPLICATIONS_RCL.TXT" />
+            <ComponentRef Id="WIN_AUDIT_RCL.TXT" />
+            <ComponentRef Id="WIN_MALWARE_RCL.TXT" />
+            <ComponentRef Id="StartMenuShortcuts" />
+            <ComponentRef Id="WIN32UI.EXE" />
+            <ComponentRef Id="CMP_ACTIVE_RESPONSE" />
+            <ComponentRef Id="CMP_TMP" />
+            <ComponentRef Id="CMP_QUEUE" />
+            <ComponentRef Id="CMP_DIFF" />
+            <ComponentRef Id="CMP_FIM" />
+            <ComponentRef Id="CMP_FIM_DB" />
+            <ComponentRef Id="CMP_SYSCOLLECTOR" />
+            <ComponentRef Id="CMP_SYSCOLLECTOR_DB" />
+            <ComponentRef Id="CMP_LOGCOLLECTOR" />
+            <ComponentRef Id="CMP_RULESET" />
+            <ComponentRef Id="CMP_SECURITY_CONFIGURATION_ASSESSMENT" />
+            <ComponentRef Id="REMOVE_OLD_POLICIES" />
+            <ComponentRef Id="SCA_WIN10" />
+            <ComponentRef Id="SCA_WIN11" />
+            <ComponentRef Id="SCA_WIN2012R2" />
+            <ComponentRef Id="SCA_WIN2012NONR2" />
+            <ComponentRef Id="SCA_WIN2016" />
+            <ComponentRef Id="SCA_WIN2019" />
+            <ComponentRef Id="SCA_WIN2022" />
+            <ComponentRef Id="CMP_BOOKMARKS" />
+            <ComponentRef Id="CMP_LOGS" />
+            <ComponentRef Id="CMP_WODLES" />
+            <ComponentRef Id="CMP_RIDS" />
+            <ComponentRef Id="CMP_SYSCHECK" />
+            <ComponentRef Id="CMP_INCOMING" />
+            <ComponentRef Id="CMP_UPGRADE" />
+            <ComponentRef Id="CMP_SHARED" />
+            <ComponentRef Id="REMOVE_OLD_NSIS" />
+            <ComponentRef Id="REMOVE_OLD_AR" />
+            <ComponentRef Id="HELP_WIN.TXT" />
+            <ComponentRef Id="VERSION" />
+            <ComponentRef Id="REVISION" />
+            <ComponentRef Id="WPK_ROOT.PEM" />
+            <ComponentRef Id="WXP_CONF_SYSCHECK" />
+            <ComponentRef Id="WXP_CONF_LOCALFILE" />
+            <ComponentRef Id="WXP_CONF_PROFILE" />
+            <ComponentRef Id="W2003_CONF_PROFILE" />
+            <ComponentRef Id="W2003_CONF_LOCALFILE" />
+            <ComponentRef Id="W2003_CONF_SYSCHECK" />
+            <ComponentRef Id="WVISTA_CONF_PROFILE" />
+            <ComponentRef Id="W2008_CONF_PROFILE" />
+            <ComponentRef Id="W7_CONF_PROFILE" />
+            <ComponentRef Id="W2008R2_CONF_PROFILE" />
+            <ComponentRef Id="W8_CONF_PROFILE" />
+            <ComponentRef Id="W2012_CONF_PROFILE" />
+            <ComponentRef Id="W8.1_CONF_PROFILE" />
+            <ComponentRef Id="W2012R2_CONF_PROFILE" />
+            <ComponentRef Id="W10_CONF_PROFILE" />
+            <ComponentRef Id="W2016_CONF_PROFILE" />
+            <ComponentRef Id="W2019_CONF_PROFILE" />
+        </Feature>
+        <MajorUpgrade Schedule="afterInstallInitialize" AllowDowngrades="yes" />
+    </Product>
+    <Fragment>
+        <Binary Id="CustomImage" SourceFile="ui\bannrbmp.jpg" />
+        <UI>
+	        <Dialog Id="CustomCheckDialog" Width="370" Height="270" Title="Wazuh Agent Setup">
+                <Control Id="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44"
+                    Text="CustomImage" />
+
+                <Control Id="Description" Type="Text" X="20" Y="60" Width="330" Height="60"
+                    Text="Enabling this option allows Wazuh to generate debug information in the event of an agent failure.&#x0A;This information could be useful to detect and fix the problem that caused it." />
+
+                <Control Id="GenerateDumpCheckbox" Type="CheckBox" X="20" Y="150" Width="330" Height="17"
+                    Property="GENERATE_DUMP" CheckBoxValue="1"
+                    Text="Enable debug information generation" />
+
+                <Control Id="Next" Type="PushButton" X="236" Y="243" Width="75" Height="23" Default="yes" Text="Next">
+                    <Publish Event="NewDialog" Value="VerifyReadyDlg">1</Publish>
+                </Control>
+
+                <Control Id="Back" Type="PushButton" X="156" Y="243" Width="75" Height="23" Text="Back">
+                    <Publish Event="NewDialog" Value="InstallDirDlg">1</Publish>
+                </Control>
+            </Dialog>
+        </UI>
+    </Fragment>
+</Wix>