curiouse what these 2 files are

Windows XP Media Center Edition Service Pack 3 (build 2600)

was just browsing hd and noticed these 2 files no clue what they are of ir ir was from a old scan

they are first 2 in c: folder

7e3560f9eabcf42c2dc46b83081759

a6dcb67336c01a3a63232eb201a0ae, seems its like this msxml4-KB927978-enu

thanks

The first one looks like it might be malware. The only thing a Google search turned up was on the Hijack This forum of Bleeping Computer.

Hello.

Those does not look malware related. This file "msxml4-KB927978-enu" is legit and can be deleted if you want.

The other two folders seems to be related to Windows Update rather than malware. Just curious, what is in those folders? I believe there is nothing in those folders.

With Regards,
Extremeboy

in the second its stuff like this

== Verbose logging started: 11/16/2006 11:04:40 Build type: SHIP UNICODE 3.01.4000.2435 Calling process: C:\WINDOWS\system32\msiexec.exe ===
MSI © (08:CC) [11:04:40:531]: Resetting cached policy values
MSI © (08:CC) [11:04:40:531]: Machine policy value 'Debug' is 0
MSI © (08:CC) [11:04:40:531]: ******* RunEngine:
******* Product: c:\a6dcb67336c01a3a63232eb201a0ae\msxml.msi
******* Action:
******* CommandLine: **********
MSI © (08:CC) [11:04:40:531]: Client-side and UI is none or basic: Running entire install on the server.
MSI © (08:CC) [11:04:40:531]: Grabbed execution mutex.
MSI © (08:CC) [11:04:40:593]: Cloaking enabled.
MSI © (08:CC) [11:04:40:593]: Attempting to enable all disabled priveleges before calling Install on Server
MSI © (08:CC) [11:04:40:593]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (50:C0) [11:04:40:609]: Grabbed execution mutex.
MSI (s) (50:B4) [11:04:40:609]: Resetting cached policy values
MSI (s) (50:B4) [11:04:40:609]: Machine policy value 'Debug' is 0
MSI (s) (50:B4) [11:04:40:609]: ******* RunEngine:
******* Product: c:\a6dcb67336c01a3a63232eb201a0ae\msxml.msi
******* Action:
******* CommandLine: **********
MSI (s) (50:B4) [11:04:40:609]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (50:B4) [11:04:40:625]: File will have security applied from OpCode.
MSI (s) (50:B4) [11:04:40:640]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'c:\a6dcb67336c01a3a63232eb201a0ae\msxml.msi' against software restriction policy
MSI (s) (50:B4) [11:04:40:640]: SOFTWARE RESTRICTION POLICY: c:\a6dcb67336c01a3a63232eb201a0ae\msxml.msi has a digital signature
MSI (s) (50:B4) [11:04:40:843]: SOFTWARE RESTRICTION POLICY: c:\a6dcb67336c01a3a63232eb201a0ae\msxml.msi is permitted to run at the 'unrestricted' authorization level.
MSI (s) (50:B4) [11:04:40:843]: End dialog not enabled
MSI (s) (50:B4) [11:04:40:843]: Original package ==> c:\a6dcb67336c01a3a63232eb201a0ae\msxml.msi
MSI (s) (50:B4) [11:04:40:843]: Package we're running from ==> c:\WINDOWS\Installer\119870b.msi
MSI (s) (50:B4) [11:04:40:859]: APPCOMPAT: looking for appcompat database entry with ProductCode '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'.
MSI (s) (50:B4) [11:04:40:875]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (50:B4) [11:04:40:875]: MSCOREE not loaded loading copy from system32
MSI (s) (50:B4) [11:04:40:875]: Machine policy value 'TransformsSecure' is 0
MSI (s) (50:B4) [11:04:40:875]: User policy value 'TransformsAtSource' is 0
MSI (s) (50:B4) [11:04:40:875]: Machine policy value 'DisablePatch' is 0
MSI (s) (50:B4) [11:04:40:875]: Machine policy value 'AllowLockdownPatch' is 0
MSI (s) (50:B4) [11:04:40:875]: Machine policy value 'DisableLUAPatc

That one looks like a windows security update log

Edited by Stang777, 26 March 2009 - 09:22 PM.

ok thanks alot, the other was amd64 and i386 stuff just like 6mb of stuff, thanks for answers

Hello.

Yes, those are legit no need to worry.

With Regards,
Extremeboy