I’m getting a User Account Control warning, that asks if I want to allow msiexec.exe to make changes to this computer. I keep saying NO, but it persists in asking. How do I make it stop?
Yes, I DID go to Google, but my fu is weak and my search terms are inadequate. Or something.
Win7, running Firefox, and I have Microsoft Security Essentials, which I’ve just run.
Ctrl + Shift + Esc and then select the process and end it. If it’s happening at boot, Start -> Run -> msconfig and disable whatever Installer is trying to run. Msiexec.exe just runs .msi installers, so it could be pretty much anything.
The task manager won’t end the process. Says “Operation could not be completed. Access denied”
I’ll try disabling the installer, if I can figure out which one is trying to install.
Thanks.
Do you have Chrome? It installs in the background even if it’s not running. I only know about it from some HIPS software.
That’s the only program I know of (besides something from Windows updates) that constantly installs.
Why are you saying “no” to it? Msiexec.exe appears to be a legitimate component of Windows. Do you have any particular reason to think it has been hi-jacked by malware? Most likely, it is trying to install some sort of update (to Windows itself, or to one of your applications), which is probably a good thing to have.
I would run Malwarebytes as well as MSE, and if neither finds anything wrong, I would let it run.
Well, it’s an installer, and I don’t DO automatic updates, and I haven’t installed anything lately. So it shouldn’t be running. Apparently there’s some virus or trojan that calls itself msiexec.exe, and so I really don’t want that thing running unless it’s necessary.
I run Firefox and IE, not Chrome or any other browser.
And I can’t figure out which program is trying to install.
You also might try disabling the UAC completely via the control panel. Christ, you can’t take a piss using Windows 7 without it asking for confirmation three times.
I agree here is the link to the free version of Malwarebytes
Also you could try running the computer in safe mode, to see if anything happens there.
I recently had this problem on my laptop. I didn’t want to give it permission out of paranoia - I was afraid something had hijacked it. I updated MalwareBytes and ran it and it didn’t have any impact on the problem. I finally just did a system restore, and that cleared it up.
What is the UAC?
And yeah, every time I try to take a potty break, the computer wants to know if I’m sure I need to pee.
Clearly, I need to table my plans for Saturday and just spend all day trying to convince my computer that I want it to do what I tell it to do, and no more.
UAC is user account control
I like it myself.
If you hit ctrl-shift-esc, which brings up the task manager, and go to the “processes” tab, and then and then go to “View … Select Columns” and check the box next to “Command Line,” then click OK, the processes tab will show the actual command each process is running with, and you should be able to see what exactly the msiexec.exe is trying to do – if it’s trying to execute an .msi installer and is running from C:\Windows\System32\msiexec.exe like it should be, or if it’s running from somewhere else and is just on its own. That might provide a clue…
The thing is, the publisher is listed as “unknown”, and if this is REALLY msiexec.exe from Microsoft, I would think that the publisher would be known.
I bring up the Task Manager, but the damned Warning will appear in front of it, making it impossible to use the Task Manager. Grrrr. And grrrrr again.
Second.
This should tell you what is trying to start msiexec.
The problem is, I don’t KNOW which installer is trying to run. I can’t tell what’s an installer and what isn’t. I see something that I suspect might be it, consent.exe, but the computer won’t let me end it. There’s a lot of things running that have a lot of letters that appear to be random.
I did get MalwareBytes, and bought it, as it found over a thousand errors.
Having spent ten years of my life with MSI, I understand how frustrating this is.
Without getting into perusal of system logs and full 'tech support" mode, the most likely cause is a damaged application that the system is attempting to ‘repair’ by re-running the original installer.
Have you tried letting it run and complete what it wants to do? If that doesn’t work or you want to identify the installer first, we’ll have do some more digging.
I’m tempted to do just that, but I’m scared. However, if it’s a damaged application…that actually makes sense. I’ll shut everything down and try it.
But shouldn’t it only do that when you try to start the original program, and not just randomly?
And don’t shut off UAC. It may be annoying, but shutting it off is about as stupid as not running an antivirus used to be. It’s not perfect, but it does make your computer more secure.
I think it’s worth pointing out that anything can call itself “msiexec.exe”, or whatever. In this case it probably is the legitimate application of that name, but you shouldn’t rely too much on the name that a process runs under. Malware can, and does, use legitimate-sounding process names. You are better-off using other utilities which tell you what the actual executable file is. If it’s a legitimate Windows component, it probably should have come from \windows\systems32 or somewhere like that. If it’s malware, it may reside in some weird temporary directory, possibly under your user account’s home directory.
I am not quite clear where you are seeing this, but I think it probably refers to whatever msiexec.exe is trying to install rather than to msiexec.exe itself. In my experience Windows reportss most non-Microsoft programs (and even, I think, a few Microsoft ones) as publisher unknown. I do not think it is much to be worried about.
That, however, does not sound good at all!
Did I understand you correctly, upthread, to say that you do not run Windows updates. If so, that is not a good policy. Not having the updates can leave you with all sorts of vulnerabilities that malware can exploit.