Computer Users Urged to Disable Java Because of Security Flaws

You can share this, including by text message!

  • Computer Users Urged to Disable Java Because of Security Flaws

The U.S. Department of Homeland Security alerted users of Java to a serious and urgent security risk, recommending that users disable Java until a suitable fix has been released. In the statement, the United States Computer Emergency Readiness Team (US-CERT), the branch of the federal government that manages computer security risks, warned that any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7), Java SE Development Kit (JDK 7) and Java SE Runtime Environment (JRE 7) are at risk.

The Feds said that all versions of Java 7 through update 10 are affected, and even web browsers using the Java 7 plug-in are at serious risk.

According to the US-CERT, “A vulnerability in the Java Security Manager allows a Java applet to grant itself permission to execute arbitrary code. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate web site and upload a malicious Java applet (a “drive-by download” attack).”

(Article continues below)
Get notified of new Internet Patrol articles for free!
Or Read Internet Patrol Articles Right in Your Inbox!
as Soon as They are Published! Only $1 a Month!

Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
Computer Users Urged to Disable Java Because of Security Flaws

With this flaw, hackers are able to use Java to install malicious software, which will in turn allow them to turn computers into part of an ad-hoc network to be used for cyber attacks, as well as making the computers vulnerable to websites that are virus infected, identity theft and “ransomeware,” where the computer is locked and not unlocked until the user pays money to the hackers.

security experts were the first to break this news, with the US – CERT formally announcing it later in the day. Java is a highly-used program that enables an array of different software programs to run on various computers and websites.

 

Oracle issued a statement promising a patch on Tuesday, promising that it will contain “86 new security vulnerability fixes.” They went on to say that, “due to the threat posed by a successful attack, Oracle strongly recommends” that customers update Java on their computers with the patch as soon as possible.” As a reminder, until that patch comes out, the Department of Homeland Security strongly advises users to disable Java all together.

  
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!

Computer Users Urged to Disable Java Because of Security Flaws

Get notified of new Internet Patrol articles!

You can share this, including by text message!

  • Computer Users Urged to Disable Java Because of Security Flaws

1 Reply to “Computer Users Urged to Disable Java Because of Security Flaws”

  1. I mockingly laughed threw reading this story. I have been hacked countless times due to java’s 1.6.blah blah blah!!! I messaged adobe, sunjava. and even contacted microsoft many times to report what was happening over the last 2 YEARS!!!! While on a “chat” with microsoft’s security, I was told it was impossible for this to happen since ALL THEIR sites are secure. Well during the “secure chat” the hacker was trying their hardest to get me off and succeeded and then came the blue screen of death. Although Microsoft had my phone number they weren’t willing to budge untill I paid the $99.00 for their help. That WAS a nice VIAO laptop.
    ***WATCH OUT FOR MICROSOFT SECURITY ESSENTIALS UPDATE TO UPGRADE 4.3.219.0*** IT’S NOT WHAT IT SEEMS…IT IS A TROJAN-
    copy of the log I was able to retrieve…

    === Verbose logging started: 10/12/2013 22:20:41 Build type: SHIP UNICODE 4.05.6001.00 Calling process: c:\458cab8f84405b81b80cf601be04\x86\setup.exe ===
    MSI (c) (74:EC) [22:20:41:453]: Resetting cached policy values
    MSI (c) (74:EC) [22:20:41:453]: Machine policy value ‘Debug’ is 0
    MSI (c) (74:EC) [22:20:41:453]: ******* RunEngine:
    ******* Product: c:\458cab8f84405b81b80cf601be04\x86\epp.msi
    ******* Action:
    ******* CommandLine: **********
    MSI (c) (74:EC) [22:20:41:453]: Client-side and UI is none or basic: Running entire install on the server.
    MSI (c) (74:EC) [22:20:41:453]: Grabbed execution mutex.
    MSI (c) (74:EC) [22:20:41:453]: Cloaking enabled.
    MSI (c) (74:EC) [22:20:41:453]: Attempting to enable all disabled privileges before calling Install on Server
    MSI (c) (74:EC) [22:20:41:453]: Incrementing counter to disable shutdown. Counter after increment: 0
    MSI (s) (30:C4) [22:20:41:484]: Running installation inside multi-package transaction c:\458cab8f84405b81b80cf601be04\x86\epp.msi
    MSI (s) (30:C4) [22:20:41:484]: Grabbed execution mutex.
    MSI (s) (30:C8) [22:20:41:484]: Resetting cached policy values
    MSI (s) (30:C8) [22:20:41:484]: Machine policy value ‘Debug’ is 0
    MSI (s) (30:C8) [22:20:41:484]: ******* RunEngine:
    ******* Product: c:\458cab8f84405b81b80cf601be04\x86\epp.msi
    ******* Action:
    ******* CommandLine: **********
    MSI (s) (30:C8) [22:20:41:484]: Machine policy value ‘DisableUserInstalls’ is 0
    MSI (s) (30:C8) [22:20:41:484]: File will have security applied from OpCode.
    MSI (s) (30:C8) [22:20:41:515]: SOFTWARE RESTRICTION POLICY: Verifying package –> ‘c:\458cab8f84405b81b80cf601be04\x86\epp.msi’ against software restriction policy
    MSI (s) (30:C8) [22:20:41:515]: SOFTWARE RESTRICTION POLICY: c:\458cab8f84405b81b80cf601be04\x86\epp.msi has a digital signature
    MSI (s) (30:C8) [22:20:41:812]: SOFTWARE RESTRICTION POLICY: c:\458cab8f84405b81b80cf601be04\x86\epp.msi is permitted to run at the ‘unrestricted’ authorization level.
    MSI (s) (30:C8) [22:20:41:812]: End dialog not enabled
    MSI (s) (30:C8) [22:20:41:812]: Original package ==> c:\458cab8f84405b81b80cf601be04\x86\epp.msi
    MSI (s) (30:C8) [22:20:41:812]: Package we’re running from ==> c:\WINDOWS\Installer\26e90f.msi
    MSI (s) (30:C8) [22:20:41:812]: APPCOMPAT: looking for appcompat database entry with ProductCode ‘{4D24F198-A2CB-46B5-BB16-41B69C644B6C}’.
    MSI (s) (30:C8) [22:20:41:812]: APPCOMPAT: no matching ProductCode found in database.
    MSI (s) (30:C8) [22:20:41:812]: MSCOREE not loaded loading copy from system32
    MSI (s) (30:C8) [22:20:41:812]: Machine policy value ‘TransformsSecure’ is 0
    MSI (s) (30:C8) [22:20:41:812]: User policy value ‘TransformsAtSource’ is 0
    MSI (s) (30:C8) [22:20:41:812]: Machine policy value ‘DisablePatch’ is 0
    MSI (s) (30:C8) [22:20:41:812]: Machine policy value ‘AllowLockdownPatch’ is 0
    MSI (s) (30:C8) [22:20:41:812]: Machine policy value ‘DisableLUAPatching’ is 0
    MSI (s) (30:C8) [22:20:41:812]: Machine policy value ‘DisableFlyWeightPatching’ is 0
    MSI (s) (30:C8) [22:20:41:843]: APPCOMPAT: looking for appcompat database entry with ProductCode ‘{4D24F198-A2CB-46B5-BB16-41B69C644B6C}’.
    MSI (s) (30:C8) [22:20:41:843]: APPCOMPAT: no matching ProductCode found in database.
    MSI (s) (30:C8) [22:20:41:843]: Transforms are not secure.
    MSI (s) (30:C8) [22:20:41:843]: Note: 1: 2205 2: 3: Control
    MSI (s) (30:C8) [22:20:41:843]: PROPERTY CHANGE: Adding MsiLogFileLocation property. Its value is ‘C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Security Client\Support\MSSecurityClient_Setup_4.3.219.0_epp_Upgrade.log’.
    MSI (s) (30:C8) [22:20:41:843]: Command Line: INUSETRACKING=1 REBOOT=ReallySuppress CURRENTDIRECTORY=c:\458cab8f84405b81b80cf601be04\x86 CLIENTUILEVEL=3 MSICLIENTUSESEXTERNALUI=1 CLIENTPROCESSID=2676
    MSI (s) (30:C8) [22:20:41:843]: PROPERTY CHANGE: Adding PackageCode property. Its value is ‘{DCEE8ABA-1B46-4369-ABBA-6AB070AC13D6}’.
    MSI (s) (30:C8) [22:20:41:843]: Product Code passed to Engine.Initialize: ”
    MSI (s) (30:C8) [22:20:41:843]: Product Code from property table before transforms: ‘{4D24F198-A2CB-46B5-BB16-41B69C644B6C}’
    MSI (s) (30:C8) [22:20:41:843]: Product Code from property table after transforms: ‘{4D24F198-A2CB-46B5-BB16-41B69C644B6C}’
    MSI (s) (30:C8) [22:20:41:843]: Product not registered: beginning first-time install
    MSI (s) (30:C8) [22:20:41:984]: Product {4D24F198-A2CB-46B5-BB16-41B69C644B6C} is not managed.
    MSI (s) (30:C8) [22:20:41:984]: MSI_LUA: Credential prompt functionality not available on this operating system
    MSI (s) (30:C8) [22:20:41:984]: PROPERTY CHANGE: Adding ProductState property. Its value is ‘-1’.
    MSI (s) (30:C8) [22:20:41:984]: Entering CMsiConfigurationManager::SetLastUsedSource.
    MSI (s) (30:C8) [22:20:41:984]: User policy value ‘SearchOrder’ is ‘nmu’
    MSI (s) (30:C8) [22:20:41:984]: Adding new sources is allowed.
    MSI (s) (30:C8) [22:20:41:984]: PROPERTY CHANGE: Adding PackagecodeChanging property. Its value is ‘1’.
    MSI (s) (30:C8) [22:20:41:984]: Package name extracted from package path: ‘epp.msi’
    MSI (s) (30:C8) [22:20:41:984]: Package to be registered: ‘epp.msi’
    MSI (s) (30:C8) [22:20:41:984]: Note: 1: 2262 2: AdminProperties 3: -2147287038
    MSI (s) (30:C8) [22:20:41:984]: Machine policy value ‘DisableMsi’ is 0
    MSI (s) (30:C8) [22:20:41:984]: Machine policy value ‘AlwaysInstallElevated’ is 0
    MSI (s) (30:C8) [22:20:41:984]: User policy value ‘AlwaysInstallElevated’ is 0
    MSI (s) (30:C8) [22:20:41:984]: Product installation will be elevated because user is admin and product is being installed per-machine.
    MSI (s) (30:C8) [22:20:41:984]: Running product ‘{4D24F198-A2CB-46B5-BB16-41B69C644B6C}’ with elevated privileges: Product is assigned.
    MSI (s) (30:C8) [22:20:41:984]: PROPERTY CHANGE: Adding INUSETRACKING property. Its value is ‘1’.
    MSI (s) (30:C8) [22:20:41:984]: PROPERTY CHANGE: Adding CURRENTDIRECTORY property. Its value is ‘c:\458cab8f84405b81b80cf601be04\x86’.
    MSI (s) (30:C8) [22:20:41:984]: PROPERTY CHANGE: Adding CLIENTUILEVEL property. Its value is ‘3’.
    MSI (s) (30:C8) [22:20:41:984]: PROPERTY CHANGE: Adding MSICLIENTUSESEXTERNALUI property. Its value is ‘1’.
    MSI (s) (30:C8) [22:20:41:984]: PROPERTY CHANGE: Adding CLIENTPROCESSID property. Its value is ‘2676’.
    MSI (s) (30:C8) [22:20:42:000]: Machine policy value ‘DisableAutomaticApplicationShutdown’ is 0
    MSI (s) (30:C8) [22:20:42:000]: MSIRESTARTMANAGERCONTROL property is ignored on this version of Windows.
    MSI (s) (30:C8) [22:20:42:000]: PROPERTY CHANGE: Adding MsiSystemRebootPending property. Its value is ‘1’.
    MSI (s) (30:C8) [22:20:42:000]: TRANSFORMS property is now:
    MSI (s) (30:C8) [22:20:42:000]: PROPERTY CHANGE: Adding VersionDatabase property. Its value is ‘200’.
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\Application Data
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\Favorites
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\NetHood
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\My Documents
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\PrintHood
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\Recent
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\SendTo
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\Templates
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Application Data
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\Local Settings\Application Data
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\My Documents\My Pictures
    MSI (s) (30:C8) [22:20:42:000]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
    MSI (s) (30:C8) [22:20:42:015]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    MSI (s) (30:C8) [22:20:42:015]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Start Menu\Programs
    MSI (s) (30:C8) [22:20:42:015]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Start Menu
    MSI (s) (30:C8) [22:20:42:015]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Desktop
    MSI (s) (30:C8) [22:20:42:015]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools
    MSI (s) (30:C8) [22:20:42:031]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
    MSI (s) (30:C8) [22:20:42:031]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\Start Menu\Programs
    MSI (s) (30:C8) [22:20:42:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\Start Menu
    MSI (s) (30:C8) [22:20:42:062]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\Administrator\Desktop
    MSI (s) (30:C8) [22:20:42:062]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Templates
    MSI (s) (30:C8) [22:20:42:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\Fonts
    MSI (s) (30:C8) [22:20:42:062]: Note: 1: 2898 2: MS Sans Serif 3: MS Sans Serif 4: 0 5: 20
    MSI (s) (30:C8) [22:20:42:062]: PROPERTY CHANGE: Adding Privileged property. Its value is ‘1’.
    MSI (s) (30:C8) [22:20:42:062]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2
    MSI (s) (30:C8) [22:20:42:062]: PROPERTY CHANGE: Adding USERNAME property. Its value is ‘ ‘.
    MSI (s) (30:C8) [22:20:42:062]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2
    MSI (s) (30:C8) [22:20:42:062]: PROPERTY CHANGE: Adding DATABASE property. Its value is ‘c:\WINDOWS\Installer\26e90f.msi’.
    MSI (s) (30:C8) [22:20:42:062]: PROPERTY CHANGE: Adding OriginalDatabase property. Its value is ‘c:\458cab8f84405b81b80cf601be04\x86\epp.msi’.
    MSI (s) (30:C8) [22:20:42:062]: Machine policy value ‘MsiDisableEmbeddedUI’ is 0
    MSI (s) (30:C8) [22:20:42:062]: EEUI – Disabling MsiEmbeddedUI due to existing external or embedded UI
    MSI (s) (30:C8) [22:20:42:062]: EEUI – Disabling MsiEmbeddedUI for service because it’s not a quiet/basic install
    MSI (s) (30:C8) [22:20:42:062]: Note: 1: 2205 2: 3: PatchPackage
    MSI (s) (30:C8) [22:20:42:062]: Machine policy value ‘DisableRollback’ is 0
    MSI (s) (30:C8) [22:20:42:062]: User policy value ‘DisableRollback’ is 0
    MSI (s) (30:C8) [22:20:42:062]: PROPERTY CHANGE: Adding UILevel property. Its value is ‘2’.
    MSI (s) (30:C8) [22:20:42:062]: PROPERTY CHANGE: Adding MsiUISourceResOnly property. Its value is ‘1’.
    === Logging started: 10/12/2013 22:20:42 ===
    MSI (s) (30:C8) [22:20:42:062]: PROPERTY CHANGE: Adding ACTION property. Its value is ‘INSTALL’.
    MSI (s) (30:C8) [22:20:42:062]: Doing action: INSTALL
    Action start 22:20:42: INSTALL.
    MSI (s) (30:C8) [22:20:42:078]: Running ExecuteSequence
    MSI (s) (30:C8) [22:20:42:078]: Doing action: FindRelatedProducts
    Action start 22:20:42: FindRelatedProducts.
    MSI (s) (30:C8) [22:20:42:078]: PROPERTY CHANGE: Adding OLDERFOUND property. Its value is ‘{59D268DF-CCA9-44C5-8F96-2E51BB34C829}’.
    MSI (s) (30:C8) [22:20:42:078]: Skipping action: PreventDowngrading (condition is false)
    MSI (s) (30:C8) [22:20:42:078]: Doing action: AppSearch
    Action ended 22:20:42: FindRelatedProducts. Return value 1.
    Action start 22:20:42: AppSearch.
    MSI (s) (30:C8) [22:20:42:093]: PROPERTY CHANGE: Adding DRWATSON20PATH property. Its value is ‘**********’.
    MSI (s) (30:C8) [22:20:42:093]: PROPERTY CHANGE: Adding FLTMGRREGVALUE property. Its value is ‘#1’.
    MSI (s) (30:C8) [22:20:42:093]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Security Client Test\Setup 3: 2
    MSI (s) (30:C8) [22:20:42:093]: PROPERTY CHANGE: Adding PRODUCTICON property. Its value is ‘@C:\Program Files\Microsoft Security Client\EppManifest.dll,-100’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding PRODUCTICONREMEMBERED property. Its value is ‘@C:\Program Files\Microsoft Security Client\EppManifest.dll,-100’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding PRODUCTLOCALIZEDNAME property. Its value is ‘@C:\Program Files\Microsoft Security Client\EppManifest.dll,-1000’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding PRODUCTLOCALIZEDNAMEREMEMBERED property. Its value is ‘@C:\Program Files\Microsoft Security Client\EppManifest.dll,-1000’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding REMEDIATIONEXE property. Its value is ‘C:\Program Files\Microsoft Security Client\msseces.exe’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding REMEDIATIONEXEREMEMBERED property. Its value is ‘C:\Program Files\Microsoft Security Client\msseces.exe’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding SIGNATURECATEGORYID property. Its value is ‘6b9e8b26-8f50-44b9-94c6-7846084383ec’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding SIGNATURECATEGORYIDREMEMBERED property. Its value is ‘6b9e8b26-8f50-44b9-94c6-7846084383ec’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding PRODUCT_SKU property. Its value is ‘MSEv2’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding PRODUCT_SKUREMEMBERED property. Its value is ‘MSEv2’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding INSTALLDIR property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding INSTALLDIRREMEMBERED property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Modifying MARKET property. Its current value is ‘ALL’. Its new value: ‘en-us’.
    MSI (s) (30:C8) [22:20:42:109]: PROPERTY CHANGE: Adding MARKETREMEMBERED property. Its value is ‘en-us’.
    MSI (s) (30:C8) [22:20:42:109]: Note: 1: 1322 2:
    MSI (s) (30:C8) [22:20:42:109]: Note: 1: 1322 2:
    MSI (s) (30:C8) [22:20:42:171]: PROPERTY CHANGE: Adding MSI_INSTALLED property. Its value is ‘c:\WINDOWS\system32\msi.dll’.
    MSI (s) (30:C8) [22:20:42:171]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB914811 3: 2
    MSI (s) (30:C8) [22:20:42:171]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB914882 3: 2
    MSI (s) (30:C8) [22:20:42:171]: Note: 1: 1322 2:
    MSI (s) (30:C8) [22:20:42:171]: Note: 1: 1322 2:
    MSI (s) (30:C8) [22:20:42:171]: PROPERTY CHANGE: Adding MPFILTER_PREVIOUSVERSION property. Its value is ‘c:\Program Files\Microsoft Security Client\Drivers\mpfilter\’.
    MSI (s) (30:C8) [22:20:42:171]: Note: 1: 1322 2:
    MSI (s) (30:C8) [22:20:42:171]: Note: 1: 1322 2:
    MSI (s) (30:C8) [22:20:42:171]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\EarlyLaunch 3: 2
    MSI (s) (30:C8) [22:20:42:171]: PROPERTY CHANGE: Adding MORROLICENSEFOUND property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    MSI (s) (30:C8) [22:20:42:171]: Note: 1: 1322 2:
    MSI (s) (30:C8) [22:20:42:171]: Note: 1: 1322 2:
    MSI (s) (30:C8) [22:20:42:171]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Security Essentials 3: 2
    MSI (s) (30:C8) [22:20:42:187]: Skipping action: ApplyRegistryRollbackOnUpgrade (condition is false)
    MSI (s) (30:C8) [22:20:42:187]: Skipping action: CorrectMissingMarket (condition is false)
    MSI (s) (30:C8) [22:20:42:187]: Skipping action: CorrectMissingSku (condition is false)
    MSI (s) (30:C8) [22:20:42:187]: Skipping action: SetAMPRODUCT_FCSProperty (condition is false)
    MSI (s) (30:C8) [22:20:42:187]: Doing action: SetAMPRODUCT_MORROProperty
    Action ended 22:20:42: AppSearch. Return value 1.
    MSI (s) (30:C8) [22:20:42:187]: PROPERTY CHANGE: Adding AMPRODUCT property. Its value is ‘MORRO’.
    Action start 22:20:42: SetAMPRODUCT_MORROProperty.
    MSI (s) (30:C8) [22:20:42:187]: Skipping action: SetAMPRODUCT_JUPITERProperty (condition is false)
    MSI (s) (30:C8) [22:20:42:187]: Skipping action: SetAMPRODUCT_SCEPProperty (condition is false)
    MSI (s) (30:C8) [22:20:42:187]: Skipping action: SetAMPRODUCT_EPPProperty (condition is false)
    MSI (s) (30:C8) [22:20:42:187]: Doing action: SetProperty_CheckActiveThreatsAndRebootRequiredForCleaning
    Action ended 22:20:42: SetAMPRODUCT_MORROProperty. Return value 1.
    MSI (s) (30:C8) [22:20:42:187]: PROPERTY CHANGE: Adding CheckActiveThreatsAndRebootRequiredForCleaning property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    Action start 22:20:42: SetProperty_CheckActiveThreatsAndRebootRequiredForCleaning.
    MSI (s) (30:C8) [22:20:42:187]: Doing action: CheckActiveThreatsAndRebootRequiredForCleaning
    Action ended 22:20:42: SetProperty_CheckActiveThreatsAndRebootRequiredForCleaning. Return value 1.
    MSI (s) (30:DC) [22:20:42:218]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI9E2.tmp, Entrypoint: CheckActiveThreatsAndRebootRequiredForCleaning
    MSI (s) (30:78) [22:20:42:218]: Generating random cookie.
    MSI (s) (30:78) [22:20:42:250]: Created Custom Action Server with PID 2504 (0x9C8).
    MSI (s) (30:6C) [22:20:42:265]: Running as a service.
    MSI (s) (30:6C) [22:20:42:265]: Hello, I’m your 32bit Impersonated custom action server.
    Action start 22:20:42: CheckActiveThreatsAndRebootRequiredForCleaning.
    MSI (s) (30:C8) [22:20:42:562]: Doing action: LaunchConditions
    Action ended 22:20:42: CheckActiveThreatsAndRebootRequiredForCleaning. Return value 1.
    Action start 22:20:42: LaunchConditions.
    MSI (s) (30:C8) [22:20:42:562]: Doing action: ValidateProductID
    Action ended 22:20:42: LaunchConditions. Return value 1.
    Action start 22:20:42: ValidateProductID.
    MSI (s) (30:C8) [22:20:42:562]: Doing action: SetMpAppDataSubDir
    Action ended 22:20:42: ValidateProductID. Return value 1.
    MSI (s) (30:C8) [22:20:42:562]: PROPERTY CHANGE: Adding MpAppDataSubDir property. Its value is ‘Microsoft\Microsoft Antimalware’.
    Action start 22:20:42: SetMpAppDataSubDir.
    MSI (s) (30:C8) [22:20:42:562]: Doing action: SetMpAppDataDir
    Action ended 22:20:42: SetMpAppDataSubDir. Return value 1.
    MSI (s) (30:9C) [22:20:42:593]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI9E3.tmp, Entrypoint: SetMpAppDataDir
    Action start 22:20:42: SetMpAppDataDir.
    WIXFXCA: SetMpAppDataDir: INFO: begin.
    MSI (s) (30!A4) [22:20:42:656]: PROPERTY CHANGE: Adding MSMPAPPDATAFOLDER property. Its value is ‘C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\’.
    WIXFXCA: SetMpAppDataDir: INFO: MSMPAPPDATAFOLDER is: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\
    WIXFXCA: SetMpAppDataDir: INFO: end.
    MSI (s) (30:C8) [22:20:42:656]: Doing action: FindExistingConfigRoot
    Action ended 22:20:42: SetMpAppDataDir. Return value 1.
    MSI (s) (30:CC) [22:20:42:687]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI9E4.tmp, Entrypoint: RegistryFindKey
    MSI (s) (30!38) [22:20:42:703]: PROPERTY CHANGE: Adding ExistingConfigRoot property. Its value is ‘SOFTWARE\Microsoft\Microsoft Antimalware’.
    Action start 22:20:42: FindExistingConfigRoot.
    MSI (s) (30:C8) [22:20:42:703]: Doing action: SetRegistrySaveKeyParams
    Action ended 22:20:42: FindExistingConfigRoot. Return value 1.
    MSI (s) (30:C8) [22:20:42:703]: PROPERTY CHANGE: Adding RegistrySaveKeyParams property. Its value is ‘RegBackupKey;HKLM;SOFTWARE\Microsoft\Microsoft Antimalware;HKLM;SOFTWARE\Microsoft\Microsoft Antimalware’.
    Action start 22:20:42: SetRegistrySaveKeyParams.
    MSI (s) (30:C8) [22:20:42:703]: Doing action: SetWellKnownSids
    Action ended 22:20:42: SetRegistrySaveKeyParams. Return value 1.
    MSI (s) (30:34) [22:20:42:734]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI9E5.tmp, Entrypoint: SetWellKnownSids
    Action start 22:20:42: SetWellKnownSids.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinNullSid property. Its value is ‘NULL SID’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinWorldSid property. Its value is ‘Everyone’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinLocalSid property. Its value is ‘LOCAL’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinCreatorOwnerSid property. Its value is ‘CREATOR OWNER’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinCreatorGroupSid property. Its value is ‘CREATOR GROUP’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinCreatorOwnerServerSid property. Its value is ‘CREATOR OWNER SERVER’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinCreatorGroupServerSid property. Its value is ‘CREATOR GROUP SERVER’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinNtAuthoritySid property. Its value is ‘NT Pseudo Domain’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinDialupSid property. Its value is ‘DIALUP’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinNetworkSid property. Its value is ‘NETWORK’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinBatchSid property. Its value is ‘BATCH’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinInteractiveSid property. Its value is ‘INTERACTIVE’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinServiceSid property. Its value is ‘SERVICE’.
    MSI (s) (30!38) [22:20:42:750]: PROPERTY CHANGE: Adding WinAnonymousSid property. Its value is ‘ANONYMOUS LOGON’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinProxySid property. Its value is ‘PROXY’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinEnterpriseControllersSid property. Its value is ‘ENTERPRISE DOMAIN CONTROLLERS’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinSelfSid property. Its value is ‘SELF’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinAuthenticatedUserSid property. Its value is ‘Authenticated Users’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinRestrictedCodeSid property. Its value is ‘RESTRICTED’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinTerminalServerSid property. Its value is ‘TERMINAL SERVER USER’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinRemoteLogonIdSid property. Its value is ‘REMOTE INTERACTIVE LOGON’.
    WIXFXCA: SetWellKnownSids: INFO: begin.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinLocalSystemSid property. Its value is ‘SYSTEM’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinLocalServiceSid property. Its value is ‘LOCAL SERVICE’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinNetworkServiceSid property. Its value is ‘NETWORK SERVICE’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinBuiltinDomainSid property. Its value is ‘BUILTIN’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinBuiltinAdministratorsSid property. Its value is ‘Administrators’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinBuiltinUsersSid property. Its value is ‘Users’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinBuiltinGuestsSid property. Its value is ‘Guests’.
    MSI (s) (30!38) [22:20:42:765]: PROPERTY CHANGE: Adding WinBuiltinPowerUsersSid property. Its value is ‘Power Users’.
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinLogonIdsSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: LookupAccountSidW(WinBuiltinAccountOperatorsSid) failed, hr = 0x80070534
    WIXFXCA: SetWellKnownSids: INFO: LookupAccountSidW(WinBuiltinSystemOperatorsSid) failed, hr = 0x80070534
    MSI (s) (30!38) [22:20:42:796]: PROPERTY CHANGE: Adding WinBuiltinBackupOperatorsSid property. Its value is ‘Backup Operators’.
    MSI (s) (30!38) [22:20:42:796]: PROPERTY CHANGE: Adding WinBuiltinReplicatorSid property. Its value is ‘Replicator’.
    WIXFXCA: SetWellKnownSids: INFO: LookupAccountSidW(WinBuiltinPrintOperatorsSid) failed, hr = 0x80070534
    MSI (s) (30!38) [22:20:42:796]: PROPERTY CHANGE: Adding WinBuiltinRemoteDesktopUsersSid property. Its value is ‘Remote Desktop Users’.
    MSI (s) (30!38) [22:20:42:796]: PROPERTY CHANGE: Adding WinBuiltinNetworkConfigurationOperatorsSid property. Its value is ‘Network Configuration Operators’.
    WIXFXCA: SetWellKnownSids: INFO: LookupAccountSidW(WinBuiltinPreWindows2000CompatibleAccessSid) failed, hr = 0x80070534
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountAdministratorSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountGuestSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountKrbtgtSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountDomainAdminsSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountDomainUsersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountDomainGuestsSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountComputersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountControllersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountCertAdminsSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountSchemaAdminsSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountEnterpriseAdminsSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountPolicyAdminsSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountRasAndIasServersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinNTLMAuthenticationSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinDigestAuthenticationSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinSChannelAuthenticationSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinThisOrganizationSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinOtherOrganizationSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinBuiltinIncomingForestTrustBuildersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinBuiltinPerfMonitoringUsersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinBuiltinPerfLoggingUsersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinBuiltinAuthorizationAccessSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinBuiltinTerminalServerLicenseServersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinBuiltinDCOMUsersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinBuiltinIUsersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinIUserSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinBuiltinCryptoOperatorsSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinUntrustedLabelSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinLowLabelSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinMediumLabelSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinHighLabelSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinSystemLabelSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinWriteRestrictedCodeSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinCreatorOwnerRightsSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinCacheablePrincipalsGroupSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinNonCacheablePrincipalsGroupSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinEnterpriseReadonlyControllersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinAccountReadonlyControllersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinBuiltinEventLogReadersGroup) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinNewEnterpriseReadonlyControllersSid) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: CreateWellKnownSid(WinBuiltinCertSvcDComAccessGroup) failed, hr = 0x80070057
    WIXFXCA: SetWellKnownSids: INFO: end.
    MSI (s) (30:C8) [22:20:42:812]: Doing action: SetARPInstallLocation
    Action ended 22:20:42: SetWellKnownSids. Return value 1.
    MSI (s) (30:C8) [22:20:42:812]: PROPERTY CHANGE: Adding ARPINSTALLLOCATION property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    Action start 22:20:42: SetARPInstallLocation.
    MSI (s) (30:C8) [22:20:42:812]: Doing action: CostInitialize
    Action ended 22:20:42: SetARPInstallLocation. Return value 1.
    MSI (s) (30:C8) [22:20:42:812]: Machine policy value ‘MaxPatchCacheSize’ is 10
    Action start 22:20:42: CostInitialize.
    MSI (s) (30:C8) [22:20:42:843]: PROPERTY CHANGE: Adding ROOTDRIVE property. Its value is ‘c:\’.
    MSI (s) (30:C8) [22:20:42:843]: PROPERTY CHANGE: Adding CostingComplete property. Its value is ‘0’.
    MSI (s) (30:C8) [22:20:42:843]: Note: 1: 2205 2: 3: Patch
    MSI (s) (30:C8) [22:20:42:843]: Note: 1: 2205 2: 3: PatchPackage
    MSI (s) (30:C8) [22:20:42:843]: Note: 1: 2205 2: 3: MsiPatchHeaders
    MSI (s) (30:C8) [22:20:42:843]: Note: 1: 2205 2: 3: __MsiPatchFileList
    MSI (s) (30:C8) [22:20:42:843]: Note: 1: 2205 2: 3: PatchPackage
    MSI (s) (30:C8) [22:20:42:843]: Note: 1: 2228 2: 3: PatchPackage 4: SELECT `DiskId`, `PatchId`, `LastSequence` FROM `Media`, `PatchPackage` WHERE `Media`.`DiskId`=`PatchPackage`.`Media_` ORDER BY `DiskId`
    MSI (s) (30:C8) [22:20:42:843]: Note: 1: 2205 2: 3: Patch
    MSI (s) (30:C8) [22:20:42:843]: Skipping action: WixOP_FreshInstall_set (condition is false)
    MSI (s) (30:C8) [22:20:42:843]: Skipping action: WixOP_Update_set (condition is false)
    MSI (s) (30:C8) [22:20:42:843]: Skipping action: WixOP_Remove_set (condition is false)
    MSI (s) (30:C8) [22:20:42:843]: Doing action: WixOP_UpgradeInstall_set
    Action ended 22:20:42: CostInitialize. Return value 1.
    MSI (s) (30:C8) [22:20:42:843]: PROPERTY CHANGE: Adding WixOP_UpgradeInstall property. Its value is ‘Yes’.
    Action start 22:20:42: WixOP_UpgradeInstall_set.
    MSI (s) (30:C8) [22:20:42:843]: Skipping action: WixOP_UpgradeRemove_set (condition is false)
    MSI (s) (30:C8) [22:20:42:843]: Skipping action: InstallOOBEComponentsPropertySet (condition is false)
    MSI (s) (30:C8) [22:20:42:843]: Skipping action: PreventDownlevelOEMInstall (condition is false)
    MSI (s) (30:C8) [22:20:42:843]: Doing action: CloseClient
    Action ended 22:20:42: WixOP_UpgradeInstall_set. Return value 1.
    MSI (s) (30:C4) [22:20:42:890]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI9E6.tmp, Entrypoint: CloseClientApp
    Action start 22:20:42: CloseClient.
    Custom Action Trace (CloseClientApp): Close client application – file path ‘C:\Program Files\Microsoft Security Client\msseces.exe’
    Custom Action Trace (CloseProcess): Succeeded to close all processes
    MSI (s) (30:C8) [22:20:45:687]: Skipping action: CloseOOBEWizard (condition is false)
    MSI (s) (30:C8) [22:20:45:687]: Skipping action: OEMRegValuePropertySet (condition is false)
    MSI (s) (30:C8) [22:20:45:687]: Doing action: FileCost
    Action ended 22:20:45: CloseClient. Return value 1.
    Action start 22:20:45: FileCost.
    MSI (s) (30:C8) [22:20:45:734]: Note: 1: 2205 2: 3: MsiAssembly
    MSI (s) (30:C8) [22:20:45:734]: Note: 1: 2205 2: 3: Class
    MSI (s) (30:C8) [22:20:45:734]: Note: 1: 2205 2: 3: Extension
    MSI (s) (30:C8) [22:20:45:734]: Note: 1: 2205 2: 3: TypeLib
    MSI (s) (30:C8) [22:20:45:734]: Doing action: SetUserDefinedTargetFolder
    Action ended 22:20:45: FileCost. Return value 1.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding TARGETDIR property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    Action start 22:20:45: SetUserDefinedTargetFolder.
    MSI (s) (30:C8) [22:20:45:734]: Skipping action: SetWin8MetroUIShortcutDir (condition is false)
    MSI (s) (30:C8) [22:20:45:734]: Doing action: CostFinalize
    Action ended 22:20:45: SetUserDefinedTargetFolder. Return value 1.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding OutOfDiskSpace property. Its value is ‘0’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding OutOfNoRbDiskSpace property. Its value is ‘0’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceAvailable property. Its value is ‘0’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRequired property. Its value is ‘0’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRemaining property. Its value is ‘0’.
    MSI (s) (30:C8) [22:20:45:734]: Note: 1: 2205 2: 3: Patch
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Modifying DesktopFolder property. Its current value is ‘C:\Documents and Settings\All Users\Desktop\’. Its new value: ‘c:\Documents and Settings\All Users\Desktop\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding USERPROFILE property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding ALLUSERSPROFILE property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Modifying WindowsFolder property. Its current value is ‘C:\WINDOWS\’. Its new value: ‘c:\WINDOWS\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding InfFolder property. Its value is ‘c:\WINDOWS\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Modifying TempFolder property. Its current value is ‘C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\’. Its new value: ‘c:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Modifying SystemFolder property. Its current value is ‘C:\WINDOWS\system32\’. Its new value: ‘c:\WINDOWS\system32\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding DriverFolder property. Its value is ‘c:\WINDOWS\system32\Drivers\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding System64Folder property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Modifying System16Folder property. Its current value is ‘C:\WINDOWS\system\’. Its new value: ‘c:\WINDOWS\system\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Modifying StartMenuFolder property. Its current value is ‘C:\Documents and Settings\All Users\Start Menu\’. Its new value: ‘c:\Documents and Settings\All Users\Start Menu\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding ProgramFiles64Folder property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Modifying CommonFilesFolder property. Its current value is ‘C:\Program Files\Common Files\’. Its new value: ‘c:\Program Files\Common Files\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding CommonFiles64Folder property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding METROUISHORTCUTDIR property. Its value is ‘c:\Program Files\Microsoft Security Client\Programs\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Modifying ProgramMenuFolder property. Its current value is ‘C:\Documents and Settings\All Users\Start Menu\Programs\’. Its new value: ‘c:\Documents and Settings\All Users\Start Menu\Programs\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Modifying ProgramFilesFolder property. Its current value is ‘C:\Program Files\’. Its new value: ‘c:\Program Files\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding HomeDir property. Its value is ‘c:\Program Files\Microsoft Security Client\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Modifying MSMPAPPDATAFOLDER property. Its current value is ‘C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\’. Its new value: ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding CleanStoreFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Clean Store\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding LocalCopyFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding TelemetryFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Telemetry\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding SupportFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Support\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding ScanLocationFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding ScanHistoryFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding ScanResultsFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Results\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding ResultsSystemFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Results\System\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding ScanResourceFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding QuickResultsFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Results\Quick\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding ScanContextsFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Contexts\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding QuarantineLocationFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Quarantine\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding SignatureRootFolder property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding Updates property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Updates\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding Backup property. Its value is ‘c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding Symbols property. Its value is ‘c:\Program Files\Microsoft Security Client\Symbols\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding enus property. Its value is ‘c:\Program Files\Microsoft Security Client\en-us\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding MuiLang_SR_LATN property. Its value is ‘c:\Program Files\Microsoft Security Client\SR-LATN-CS\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding MuiLang_ZH_TW property. Its value is ‘c:\Program Files\Microsoft Security Client\ZH-TW\’.
    MSI (s) (30:C8) [22:20:45:734]: PROPERTY CHANGE: Adding MuiLang_ZH_CN property. Its value is ‘c:\Program Files\Microsoft Security Client\ZH-CN\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_VI_VN property. Its value is ‘c:\Program Files\Microsoft Security Client\VI-VN\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_UK_UA property. Its value is ‘c:\Program Files\Microsoft Security Client\UK-UA\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_TR_TR property. Its value is ‘c:\Program Files\Microsoft Security Client\TR-TR\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_TH_TH property. Its value is ‘c:\Program Files\Microsoft Security Client\TH-TH\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_SV_SE property. Its value is ‘c:\Program Files\Microsoft Security Client\SV-SE\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_SK_SK property. Its value is ‘c:\Program Files\Microsoft Security Client\SK-SK\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_RU_RU property. Its value is ‘c:\Program Files\Microsoft Security Client\RU-RU\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_RO_RO property. Its value is ‘c:\Program Files\Microsoft Security Client\RO-RO\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_PT_PT property. Its value is ‘c:\Program Files\Microsoft Security Client\PT-PT\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_PT_BR property. Its value is ‘c:\Program Files\Microsoft Security Client\PT-BR\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_PS_PS property. Its value is ‘c:\Program Files\Microsoft Security Client\qps-ploc\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_PS_MI property. Its value is ‘c:\Program Files\Microsoft Security Client\qps-plocm\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_PL_PL property. Its value is ‘c:\Program Files\Microsoft Security Client\PL-PL\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_NL_NL property. Its value is ‘c:\Program Files\Microsoft Security Client\NL-NL\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_NB_NO property. Its value is ‘c:\Program Files\Microsoft Security Client\NB-NO\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_LV_LV property. Its value is ‘c:\Program Files\Microsoft Security Client\LV-LV\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_KO_KR property. Its value is ‘c:\Program Files\Microsoft Security Client\KO-KR\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_JA_JP property. Its value is ‘c:\Program Files\Microsoft Security Client\JA-JP\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_LT_LT property. Its value is ‘c:\Program Files\Microsoft Security Client\LT-LT\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_IT_IT property. Its value is ‘c:\Program Files\Microsoft Security Client\IT-IT\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_HU_HU property. Its value is ‘c:\Program Files\Microsoft Security Client\HU-HU\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_HR_HR property. Its value is ‘c:\Program Files\Microsoft Security Client\HR-HR\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_FR_FR property. Its value is ‘c:\Program Files\Microsoft Security Client\FR-FR\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_FI_FI property. Its value is ‘c:\Program Files\Microsoft Security Client\FI-FI\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_ET_EE property. Its value is ‘c:\Program Files\Microsoft Security Client\ET-EE\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_ES_ES property. Its value is ‘c:\Program Files\Microsoft Security Client\ES-ES\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_EL_GR property. Its value is ‘c:\Program Files\Microsoft Security Client\EL-GR\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_DE_DE property. Its value is ‘c:\Program Files\Microsoft Security Client\DE-DE\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_DA_DK property. Its value is ‘c:\Program Files\Microsoft Security Client\DA-DK\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_CS_CZ property. Its value is ‘c:\Program Files\Microsoft Security Client\CS-CZ\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang_BG_BG property. Its value is ‘c:\Program Files\Microsoft Security Client\BG-BG\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding DRIVERS property. Its value is ‘c:\Program Files\Microsoft Security Client\Drivers\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding DRIVERBACKUP property. Its value is ‘c:\Program Files\Microsoft Security Client\Drivers\Backup\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding NIS_DRIVER_Backup property. Its value is ‘c:\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MPBOOT_Backup property. Its value is ‘c:\Program Files\Microsoft Security Client\Drivers\Backup\MpBoot\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MPFILTER_Backup property. Its value is ‘c:\Program Files\Microsoft Security Client\Drivers\Backup\mpfilter\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding NIS_DRIVER property. Its value is ‘c:\Program Files\Microsoft Security Client\Drivers\NisDrv\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MPBOOT property. Its value is ‘c:\Program Files\Microsoft Security Client\Drivers\MpBoot\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MPFILTER property. Its value is ‘c:\Program Files\Microsoft Security Client\Drivers\mpfilter\’.
    MSI (s) (30:C8) [22:20:45:750]: PROPERTY CHANGE: Adding MuiLang property. Its value is ‘c:\Program Files\Microsoft Security Client\en-US\’.
    MSI (s) (30:C8) [22:20:45:750]: Target path resolution complete. Dumping Directory table…
    MSI (s) (30:C8) [22:20:45:750]: Note: target paths subject to change (via custom actions or browsing)
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: TARGETDIR , Object: c:\Program Files\Microsoft Security Client\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: NISDRIVERWFP_PREVIOUSVERSION , Object: NULL
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MPBOOT_PREVIOUSVERSION , Object: NULL
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MPFILTER_PREVIOUSVERSION , Object: c:\Program Files\Microsoft Security Client\Drivers\mpfilter\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: DesktopFolder , Object: c:\Documents and Settings\All Users\Desktop\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ELAM_BACKUP_FOLDER , Object: NULL
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: USERPROFILE , Object: c:\Program Files\Microsoft Security Client\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ALLUSERSPROFILE , Object: c:\Program Files\Microsoft Security Client\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: WindowsFolder , Object: c:\WINDOWS\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: InfFolder , Object: c:\WINDOWS\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: TempFolder , Object: c:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: SystemFolder , Object: c:\WINDOWS\system32\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: DriverFolder , Object: c:\WINDOWS\system32\Drivers\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: System64Folder , Object: c:\Program Files\Microsoft Security Client\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: System16Folder , Object: c:\WINDOWS\system\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: StartMenuFolder , Object: c:\Documents and Settings\All Users\Start Menu\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ProgramFiles64Folder , Object: c:\Program Files\Microsoft Security Client\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: CommonFilesFolder , Object: c:\Program Files\Common Files\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: CommonFiles64Folder , Object: c:\Program Files\Microsoft Security Client\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: METROUISHORTCUTDIR , Object: c:\Program Files\Microsoft Security Client\Programs\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ProgramMenuFolder , Object: c:\Documents and Settings\All Users\Start Menu\Programs\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ProgramFilesFolder , Object: c:\Program Files\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: HomeDir , Object: c:\Program Files\Microsoft Security Client\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MSMPAPPDATAFOLDER , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: CleanStoreFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Clean Store\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: LocalCopyFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: TelemetryFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Telemetry\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: SupportFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Support\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ScanLocationFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ScanHistoryFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ScanResultsFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Results\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ResultsSystemFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Results\System\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ScanResourceFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: QuickResultsFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Results\Quick\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: ScanContextsFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Contexts\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: QuarantineLocationFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Quarantine\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: SignatureRootFolder , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: Updates , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Updates\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: Backup , Object: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: INSTALLDIR , Object: c:\Program Files\Microsoft Security Client\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: Symbols , Object: c:\Program Files\Microsoft Security Client\Symbols\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: enus , Object: c:\Program Files\Microsoft Security Client\en-us\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_SR_LATN , Object: c:\Program Files\Microsoft Security Client\SR-LATN-CS\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_ZH_TW , Object: c:\Program Files\Microsoft Security Client\ZH-TW\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_ZH_CN , Object: c:\Program Files\Microsoft Security Client\ZH-CN\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_VI_VN , Object: c:\Program Files\Microsoft Security Client\VI-VN\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_UK_UA , Object: c:\Program Files\Microsoft Security Client\UK-UA\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_TR_TR , Object: c:\Program Files\Microsoft Security Client\TR-TR\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_TH_TH , Object: c:\Program Files\Microsoft Security Client\TH-TH\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_SV_SE , Object: c:\Program Files\Microsoft Security Client\SV-SE\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_SK_SK , Object: c:\Program Files\Microsoft Security Client\SK-SK\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_RU_RU , Object: c:\Program Files\Microsoft Security Client\RU-RU\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_RO_RO , Object: c:\Program Files\Microsoft Security Client\RO-RO\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_PT_PT , Object: c:\Program Files\Microsoft Security Client\PT-PT\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_PT_BR , Object: c:\Program Files\Microsoft Security Client\PT-BR\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_PS_PS , Object: c:\Program Files\Microsoft Security Client\qps-ploc\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_PS_MI , Object: c:\Program Files\Microsoft Security Client\qps-plocm\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_PL_PL , Object: c:\Program Files\Microsoft Security Client\PL-PL\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_NL_NL , Object: c:\Program Files\Microsoft Security Client\NL-NL\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_NB_NO , Object: c:\Program Files\Microsoft Security Client\NB-NO\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_LV_LV , Object: c:\Program Files\Microsoft Security Client\LV-LV\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_KO_KR , Object: c:\Program Files\Microsoft Security Client\KO-KR\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_JA_JP , Object: c:\Program Files\Microsoft Security Client\JA-JP\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_LT_LT , Object: c:\Program Files\Microsoft Security Client\LT-LT\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_IT_IT , Object: c:\Program Files\Microsoft Security Client\IT-IT\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_HU_HU , Object: c:\Program Files\Microsoft Security Client\HU-HU\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_HR_HR , Object: c:\Program Files\Microsoft Security Client\HR-HR\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_FR_FR , Object: c:\Program Files\Microsoft Security Client\FR-FR\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_FI_FI , Object: c:\Program Files\Microsoft Security Client\FI-FI\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_ET_EE , Object: c:\Program Files\Microsoft Security Client\ET-EE\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_ES_ES , Object: c:\Program Files\Microsoft Security Client\ES-ES\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_EL_GR , Object: c:\Program Files\Microsoft Security Client\EL-GR\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_DE_DE , Object: c:\Program Files\Microsoft Security Client\DE-DE\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_DA_DK , Object: c:\Program Files\Microsoft Security Client\DA-DK\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_CS_CZ , Object: c:\Program Files\Microsoft Security Client\CS-CZ\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang_BG_BG , Object: c:\Program Files\Microsoft Security Client\BG-BG\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: DRIVERS , Object: c:\Program Files\Microsoft Security Client\Drivers\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: DRIVERBACKUP , Object: c:\Program Files\Microsoft Security Client\Drivers\Backup\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: NIS_DRIVER_Backup , Object: c:\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MPBOOT_Backup , Object: c:\Program Files\Microsoft Security Client\Drivers\Backup\MpBoot\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MPFILTER_Backup , Object: c:\Program Files\Microsoft Security Client\Drivers\Backup\mpfilter\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: NIS_DRIVER , Object: c:\Program Files\Microsoft Security Client\Drivers\NisDrv\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MPBOOT , Object: c:\Program Files\Microsoft Security Client\Drivers\MpBoot\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MPFILTER , Object: c:\Program Files\Microsoft Security Client\Drivers\mpfilter\
    MSI (s) (30:C8) [22:20:45:750]: Dir (target): Key: MuiLang , Object: c:\Program Files\Microsoft Security Client\en-US\
    MSI (s) (30:C8) [22:20:45:750]: Note: 1: 2205 2: 3: MsiAssembly
    MSI (s) (30:C8) [22:20:45:750]: Note: 1: 2228 2: 3: MsiAssembly 4: SELECT `MsiAssembly`.`Attributes`, `MsiAssembly`.`File_Application`, `MsiAssembly`.`File_Manifest`, `Component`.`KeyPath` FROM `MsiAssembly`, `Component` WHERE `MsiAssembly`.`Component_` = `Component`.`Component` AND `MsiAssembly`.`Component_` = ?
    Action start 22:20:45: CostFinalize.
    MSI (s) (30:C8) [22:20:46:156]: Doing action: MigrateFeatureStates
    Action ended 22:20:46: CostFinalize. Return value 1.
    Action start 22:20:46: MigrateFeatureStates.
    MSI (s) (30:C8) [22:20:46:156]: Doing action: InstallValidate
    Action ended 22:20:46: MigrateFeatureStates. Return value 0.
    MSI (s) (30:C8) [22:20:46:156]: Note: 1: 2205 2: 3: Dialog
    MSI (s) (30:C8) [22:20:46:156]: Feature: NIS; Installed: Absent; Request: Null; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Feature: EppOobe; Installed: Absent; Request: Null; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Feature: MpUxSrvOob; Installed: Absent; Request: Null; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Feature: UACSupport; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Feature: MSMPService; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Feature: LocFiles; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Feature: NIS_FEATURE; Installed: Absent; Request: Null; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Feature: EppBody; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Feature: EppLocFullBody; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Feature: BootStrapper; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: MsMpComDllPreVista; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: MsMpComDllVista; Installed: Absent; Request: Local; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Component: MsMpComAppIdRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: INSTALLDIRLocation; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: MalwareProtectionKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: InstallLocationRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ProductAppDataPathRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: BetaPlatformRegistry; Installed: Absent; Request: Local; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Component: BetaPlatformMAPSOptin; Installed: Absent; Request: Local; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Component: BetaPlatformSqmOptin; Installed: Absent; Request: Local; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Component: NotificationExeRegistry; Installed: Absent; Request: Local; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Component: ThrottlingIntervalRegistry; Installed: Absent; Request: Local; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Component: ServiceHardeningFlagsRegistry; Installed: Absent; Request: Local; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Component: ProductIconRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ProductLocalizedNameRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: RemediationExeRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: WatCheckDllRegistry; Installed: Absent; Request: Local; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Component: SignatureCategoryIdRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: RealTimeProtectionKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ScanKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: EnableTrustedImageRegistry; Installed: Absent; Request: Local; Action: Null
    MSI (s) (30:C8) [22:20:46:156]: Component: QuarantineKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ReportingKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: SignatureUpdatesKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: SpyNetKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: SpyNetReportingLocationRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ThreatsKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ThreatIDDefaultActionKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ThreatSeverityDefaultActionKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ExclusionsKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ExclusionsExtensionsKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ExclusionsPathsKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ExclusionsTempPathsKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: ExclusionsProcessesKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: UXConfigurationKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: MiscellaneousConfigurationKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: MpEngineKeyRegistry; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: SavePRODUCTICON; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:46:156]: Component: SavePRODUCTLOCALIZEDNAME; Installed: Absent; Request: Local; Action: Local
    MSI (s) (30:C8) [22:20:4

Leave a Reply

Your email address will not be published. Required fields are marked *