I Noticed a new, weird and creepy folder on my computer


BigDon
31-January-2007, 12:52 AM
When I opened it in Notepad I got some (to me) creepy lines of code in plain language and programming language. Here's the top 25% of it. (Am I being paranoid? All my anti-virus says I'm good.)

== Verbose logging started: 11/17/2006 23:11:07 Build type: SHIP UNICODE 3.01.4000.2435 Calling process: C:\WINDOWS\system32\msiexec.exe ===
MSI (c) (F8:F8) [23:11:07:796]: Resetting cached policy values
MSI (c) (F8:F8) [23:11:07:796]: Machine policy value 'Debug' is 0
MSI (c) (F8:F8) [23:11:07:796]: ******* RunEngine:
******* Product: c:\8f696dda3b673dd73f2911b9667074ed\msxml.msi
******* Action:
******* CommandLine: **********
MSI (c) (F8:F8) [23:11:07:812]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (F8:F8) [23:11:07:812]: Grabbed execution mutex.
MSI (c) (F8:F8) [23:11:07:937]: Cloaking enabled.
MSI (c) (F8:F8) [23:11:07:937]: Attempting to enable all disabled priveleges before calling Install on Server
MSI (c) (F8:F8) [23:11:07:953]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (E4:88) [23:11:07:984]: Grabbed execution mutex.
MSI (s) (E4:2C) [23:11:07:984]: Resetting cached policy values
MSI (s) (E4:2C) [23:11:07:984]: Machine policy value 'Debug' is 0
MSI (s) (E4:2C) [23:11:07:984]: ******* RunEngine:
******* Product: c:\8f696dda3b673dd73f2911b9667074ed\msxml.msi
******* Action:
******* CommandLine: **********
MSI (s) (E4:2C) [23:11:08:015]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (E4:2C) [23:11:08:062]: File will have security applied from OpCode.
MSI (s) (E4:2C) [23:11:08:125]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'c:\8f696dda3b673dd73f2911b9667074ed\msxml.msi' against software restriction policy
MSI (s) (E4:2C) [23:11:08:125]: SOFTWARE RESTRICTION POLICY: c:\8f696dda3b673dd73f2911b9667074ed\msxml.msi has a digital signature
MSI (s) (E4:2C) [23:11:09:875]: SOFTWARE RESTRICTION POLICY: c:\8f696dda3b673dd73f2911b9667074ed\msxml.msi is permitted to run at the 'unrestricted' authorization level.
MSI (s) (E4:2C) [23:11:09:890]: End dialog not enabled
MSI (s) (E4:2C) [23:11:09:890]: Original package ==> c:\8f696dda3b673dd73f2911b9667074ed\msxml.msi

There's more, but I thought this might be enough.

Neverfly
31-January-2007, 12:56 AM
LOL creepy

But yes, normal. Author: Microsoft. And if you check your processes in Task Manager, you will see it running (msiexec.exe).

Whenever you get the creeps, google it :p

BigDon
31-January-2007, 12:59 AM
Thanks Neverfly, I did but used the folder name and got no results, Thanks.

Sam5
31-January-2007, 01:01 AM
What gives me the creeps is when the two little monitor icons (down at the lower right of my screen) are blinking like mad, yet I don't have anything uploading or downloading from the internet. This seems to indicate to me that someone or something is downloading something to my computer without letting me know. When this happens I usually disconnect from the internet.

Neverfly
31-January-2007, 01:01 AM
What? What is the folder name? And where did it "appear"?

Did you install anything in XML?

01101001
31-January-2007, 01:08 AM
Looks like mine in C:, but with a different long folder name of a big hexadecimal number. Similar contents, similar creation dates. I believe it's an Installer log, Microsoft Installer (http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/msiexec.mspx?mfr=true). A lot of both our logs look to be dealing with Microsoft XML Core Services (msxml). Probably some MS update then, mid-November, had logging turned on for the installer, just in case of trouble, or maybe left on by accident. Probably searching the web for those kinds of keywords might reveal the story behind it.

Someone asked... BigDon's folder name (from the log) is c:\8f696dda3b673dd73f2911b9667074ed. Mine is of the same sort, but a different value. My filename is msxml4-KB927978-enu.log, and his is probably same or similar.

Nothing to worry about.

Nowhere Man
31-January-2007, 01:11 AM
This is a leftover log file from one of the MS security updates. I bet the name of your file is msxml4-KB927978-enu.log -- right? Give the file name or just KB927978 to Google for more info.

You can delete it with no worries.

Fred
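
An added example, not part of any post in this thread and not Microsoft's own tooling: a small Python triage of a Windows Installer verbose log like the one quoted in the first post, pulling out the calling process, the package path, and the signature and software restriction policy entries. The function names and the review heuristics are assumptions made for this example; the sample lines are excerpted from the log quoted above.

```python
import re

# Excerpt of the verbose log quoted in the first post of this thread.
SAMPLE_LOG = r"""== Verbose logging started: 11/17/2006 23:11:07 Build type: SHIP UNICODE 3.01.4000.2435 Calling process: C:\WINDOWS\system32\msiexec.exe ===
MSI (c) (F8:F8) [23:11:07:796]: Machine policy value 'Debug' is 0
MSI (s) (E4:2C) [23:11:08:125]: SOFTWARE RESTRICTION POLICY: c:\8f696dda3b673dd73f2911b9667074ed\msxml.msi has a digital signature
MSI (s) (E4:2C) [23:11:09:875]: SOFTWARE RESTRICTION POLICY: c:\8f696dda3b673dd73f2911b9667074ed\msxml.msi is permitted to run at the 'unrestricted' authorization level.
MSI (s) (E4:2C) [23:11:09:890]: Original package ==> c:\8f696dda3b673dd73f2911b9667074ed\msxml.msi
"""

HEADER = re.compile(r"Verbose logging started: (\S+ \S+).*Calling process: (.+?) =+\s*$")
ENTRY = re.compile(r"^MSI \(([cs])\) \([0-9A-F]+[:!][0-9A-F]+\) \[[\d:]+\]: (.*)$")
SIGNED = re.compile(r"SOFTWARE RESTRICTION POLICY: (.+) has a digital signature")
LEVEL = re.compile(r"SOFTWARE RESTRICTION POLICY: (.+) is permitted to run at the '([^']+)' authorization level")
PACKAGE = re.compile(r"Original package ==> (.+)")

def summarize_msi_log(text):
    """Pull the fields that identify what an MSI verbose log was installing."""
    info = {"started": None, "calling_process": None, "package": None,
            "signed": set(), "srp_level": {}, "client": 0, "server": 0}
    for line in text.splitlines():
        if (h := HEADER.search(line)):
            info["started"], info["calling_process"] = h.groups()
        m = ENTRY.match(line)
        if not m:
            continue  # header and continuation lines such as "******* Product: ..."
        side, msg = m.groups()
        info["client" if side == "c" else "server"] += 1
        if (s := SIGNED.search(msg)):
            info["signed"].add(s.group(1).lower())
        elif (lv := LEVEL.search(msg)):
            info["srp_level"][lv.group(1).lower()] = lv.group(2)
        elif (p := PACKAGE.search(msg)):
            info["package"] = p.group(1).strip()
    return info

def review_notes(info):
    """Heuristics chosen for this example: what would merit a second look."""
    notes, pkg = [], (info["package"] or "").lower()
    if not pkg:
        notes.append("no 'Original package' line found")
    elif pkg not in info["signed"]:
        notes.append("package has no 'has a digital signature' entry")
    if pkg and info["srp_level"].get(pkg) not in (None, "unrestricted"):
        notes.append("software restriction policy level is not 'unrestricted'")
    return notes

if __name__ == "__main__":
    print(review_notes(summarize_msi_log(SAMPLE_LOG)) or "nothing stands out")
```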

davidlpf
31-January-2007, 01:19 AM
MSI (c) (F8:F8) [23:11:07:937]: Cloaking enabled.
Knew it, Romulans. :lol:

BigDon
31-January-2007, 01:20 AM
Neverfly, could be, from the date, the machine was still my kid brother's. He's a major IT guy. Logs into work sometimes, fixes servers remotely in Britain, Hong Kong and India and minded a 1000 server "server farm" over half of which he built personally. His company sent him to Hong Kong to teach server clustering to a bunch of people who spoke no English and he doesn't speak Chinese and he pulled it off.

BigDon
31-January-2007, 01:22 AM
Thanks Nowhere man, 011, (you guys are replying while I'm typing, I can't keep up!)

Neverfly
31-January-2007, 01:29 AM
Thanks Nowhere man, 011, (you guys are replying while I'm typing, I can't keep up!)

Lol yeah, I have that trouble too.

You can always google what looks suspicious.
Also, I'm part of the GeeksToGo forum. I would highly recommend it for anyone concerned about the workings of their computer.
You can run a Hijack This log.
As long as you have good anti-virus, a firewall (I use MS firewall, Zonealarm, a firewall router AND am behind Proxomitron Proxy) and you know a few basics about security, you won't have much to be concerned about.

Now if you want to talk MS spying LOL... well, let's just say I have a few MS features turned off and blocked :whistle:

<side note> My first look at Vista told me it was good but had some major security holes. I won't use Vista until MS addresses them.

mugaliens
01-February-2007, 09:42 PM
Cloak typing...