- Joined
- Feb 25, 2004
- Location
- N of splat W of Torin
I noticed a folder on my C: drive It was at the top and according to its log it was made on the Nov 16th 06. Its name is 242f46cfdc5efcfea7f6020a0.
In its folder is a text file called msxml4-KB927978-enu and its 283kb of suspicous looking log entries. I have started running all the stuff in the stickies section to detect anything on my system. AVG and Windows defender show things as clean. Antivir gave me alot of warnings mostly about registry keys it couldn't open. ZA is and has been running.
Here is the beginning portion and the end portion of this log file I found.
In its folder is a text file called msxml4-KB927978-enu and its 283kb of suspicous looking log entries. I have started running all the stuff in the stickies section to detect anything on my system. AVG and Windows defender show things as clean. Antivir gave me alot of warnings mostly about registry keys it couldn't open. ZA is and has been running.
Here is the beginning portion and the end portion of this log file I found.
=== Verbose logging started: 11/16/2006 2:53:32 Build type: SHIP UNICODE 3.01.4000.2435 Calling process: C:\WINDOWS\system32\msiexec.exe ===
MSI (c) (F0:8C) [02:53:32:000]: Resetting cached policy values
MSI (c) (F0:8C) [02:53:32:000]: Machine policy value 'Debug' is 0
MSI (c) (F0:8C) [02:53:32:000]: ******* RunEngine:
******* Product: c:\242f46cfdc5efcf5ea7f6020a0\msxml.msi
******* Action:
******* CommandLine: **********
MSI (c) (F0:8C) [02:53:32:015]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (F0:8C) [02:53:32:015]: Grabbed execution mutex.
MSI (c) (F0:8C) [02:53:32:140]: Cloaking enabled.
MSI (c) (F0:8C) [02:53:32:140]: Attempting to enable all disabled priveleges before calling Install on Server
MSI (c) (F0:8C) [02:53:32:156]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (BC:F8) [02:53:32:187]: Grabbed execution mutex.
MSI (s) (BC0) [02:53:32:187]: Resetting cached policy values
MSI (s) (BC0) [02:53:32:187]: Machine policy value 'Debug' is 0
M
And the end of it.
Anyone recognize this crap.It sure looks bad.roperty(S): PrimaryVolumeSpaceRemaining = 0
Property(S): SOURCEDIR = c:\242f46cfdc5efcf5ea7f6020a0\
Property(S): SourcedirProduct = {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
Property(S): ProductToBeRegistered = 1
MSI (s) (BC0) [02:53:35:921]: Note: 1: 1707
MSI (s) (BC0) [02:53:35:921]: Product: MSXML 4.0 SP2 (KB927978) -- Installation completed successfully.
MSI (s) (BC0) [02:53:35:953]: Cleaning up uninstalled install packages, if any exist
MSI (s) (BC0) [02:53:35:953]: MainEngineThread is returning 0
MSI (s) (BC:F8) [02:53:36:062]: Destroying RemoteAPI object.
MSI (s) (BCC) [02:53:36:062]: Custom Action Manager thread ending.
=== Logging stopped: 11/16/2006 2:53:35 ===
MSI (c) (F0:8C) [02:53:36:062]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (c) (F0:8C) [02:53:36:062]: MainEngineThread is returning 0
=== Verbose logging stopped: 11/16/2006 2:53:36 ===