MSI (c) (54:14) [03:02:43:031]: Resetting cached policy values
MSI (c) (54:14) [03:02:43:031]: Machine policy value ‘Debug’ is 0
MSI (c) (54:14) [03:02:43:031]: ******* RunEngine:
******* Product: c:\2cca043026607f5fdfe6041d07\msxml.msi
******* Action:
******* CommandLine: **********
MSI (s) (54:0C) [03:02:43:062]: Machine policy value ‘DisableUserInstalls’ is 0
MSI (s) (54:0C) [03:02:43:093]: File will have security applied from OpCode.
MSI (s) (54:0C) [03:02:43:125]: SOFTWARE RESTRICTION POLICY: Verifying package –> ‘c:\2cca043026607f5fdfe6041d07\msxml.msi’ against software restriction policy
MSI (s) (54:0C) [03:02:43:125]: SOFTWARE RESTRICTION POLICY: c:\2cca043026607f5fdfe6041d07\msxml.msi has a digital signature
MSI (s) (54:0C) [03:02:45:578]: SOFTWARE RESTRICTION POLICY: c:\2cca043026607f5fdfe6041d07\msxml.msi is permitted to run at the ‘unrestricted’ authorization level.
MSI (s) (54:0C) [03:02:45:609]: End dialog not enabled
MSI (s) (54:0C) [03:02:45:718]: Note: 1: 2898 2: MS Sans Serif 3: MS Sans Serif 4: 0 5: 16
MSI (s) (54:0C) [03:02:45:718]: PROPERTY CHANGE: Adding Privileged property. Its value is ‘1′.
MSI (s) (54:0C) [03:02:45:718]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2
MSI (s) (54:0C) [03:02:45:718]: PROPERTY CHANGE: Adding USERNAME property. Its value is ‘ ‘.
MSI (s) (54:0C) [03:02:45:718]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2
MSI (s) (54:0C) [03:02:45:718]: PROPERTY CHANGE: Adding DATABASE property. Its value is ‘c:\WINDOWS\Installer\cedea6.msi’.
MSI (s) (54:0C) [03:02:45:718]: PROPERTY CHANGE: Adding OriginalDatabase property. Its value is ‘c:\2cca043026607f5fdfe6041d07\msxml.msi’.
MSI (s) (54:0C) [03:02:45:718]: Note: 1: 2205 2: 3: PatchPackage
MSI (s) (54:0C) [03:02:45:718]: Machine policy value ‘DisableRollback’ is 0
MSI (s) (54:0C) [03:02:45:718]: User policy value ‘DisableRollback’ is
MSI (s) (54:0C) [03:02:45:890]: Dir (target): Key: payload.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537, Object: c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\
MSI (s) (54:0C) [03:02:45:890]: Dir (target): Key: WinSxsManifests.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537, Object: c:\WINDOWS\winsxs\Manifests\
MSI (s) (54:0C) [03:02:45:890]: Dir (target): Key: WinSxsPolicies.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537, Object: c:\WINDOWS\winsxs\Policies\
MSI (s) (54:0C) [03:02:45:890]: Dir (target): Key: policydir.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537, Object: c:\WINDOWS\winsxs\Policies\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_x-ww_88e8eab8\
MSI (s) (54:0C) [03:02:45:890]: Dir (target): Key: payload_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537, Object: c:\WINDOWS\winsxs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_a6dfa6920e9f98fc\
MSI (s) (54:0C) [03:02:45:890]: Dir (target): Key: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34
Near the end also has this line
SI (s) (54:0C) [03:02:45:890]: Target path resolution complete. Dumping Directory table…
Not sure what the heck this thing is.
is this a computer virus? I got a file showed up on my computer very strange its a txt file?
15
Mar
chris m
March 15, 2010 at 5:36 pm
you installed something …. who knows what… looks like a standard MSI install log.
hanz
March 15, 2010 at 5:51 pm
Sorry mate, I don’t know what the hell it is.
What sort of anti-virus programme do you have? Have you set it to be able to navigate around your windows registry??
From my experience, you should try the Kaspersky Internet Security 7.0 to start with. Download it from Kaspersky.com, and choose the 30-day trial option (worth to give a shot). The file sized to about 25MB.
After you downloaded it, set it as best as possible for it to search through your whole computer for viruses, malwares, etc you name it, then make sure you set it to scan every changes anything made inside your laptop (registry, internet explorer, default programme changes, everything, kaspersky got the whole lot).
If its true that the text file you’ve been spotting is a virus, then kaspersky should detect it and ask you what to do to fix it. It will give you several options. You can even forward the text file to kaspersky support and ask them what the heck it is. They should come up with an answer.