XP "preparing to install" msiexec.exe running on startup

This is a good one. Some installer has failed and is attempting to install itself every time windows starts or a device is connected/disk inserted.

We have tried everything suggested here and elsewhere, (msiclean and all that) the machine is malware free and clean now Registry has no errors Just this annoying matter which is causing a 10 minute boot time and slowing everything down in use.

There is no problem with wiping and reinstalling, but I would like to get to the bottom of it for future reference.

Any ideas?

 

Hi varnull

Sounds like a pesky problem.

Before we begin the cleanup process, it is important to do a little analysis first. We will analyze your computer with a tool called HijackThis.

Please download the HijackThis zip file. Save it onto a convenient place in your computer, and then unzip the file.

Rename HijackThis(.exe) to scanner(.exe).

Next, run scanner(.exe). A window will pop up.

• Click on the button which says Main Menu, then Do a system scan and save a logfile.
• Please wait for the scan to be completed.
• After the scan has completed, a text window will pop up. Please post the contents of this window here.

This will also be located at hijackthis(.txt) in the same folder that HijackThis was originally saved.

NOTE:: Do not fix anything using HijackThis, as this may also damage legitimate components of your computer.

Also, in your next post, tell me if a file "autorun.inf" is present at the root of each drive. You will have to make sure the viewing of hidden files and system protected files and folders is enabled.

Best Regards

 

Some 1 was faster

 

Haha, sorry yaht. What were you going to say?

 

Some thing what you say

 

Already did all that. and combofix.. and some other things suggested o the M$ help pages.

It was related to some installer that had crashed during install, but the only process call was to msiexec.exe.. no clues to what was calling it as the program was never installed.. Taking that entry out didn't help as the process just spawned later.. most likely something broken in the kernel.

2 days.. too late.. machine was wiped and clean installed morning 5th because it is a vital work machine. Not possible to post here as the buildings network blocks afterdawn (adult images on profile pages is the owners excuse)

No worries.. next time I get one like that I'll do some proper logs and try to get to the bottom of it.. It wasn't possible to mess about that much with it in a shop with customers and distractions and the machine needing to be used all the time. It needed a good cleanout anyway.. loads of old bits of junk hanging about from 4 years of daily commercial use.

 

Drive imaging is the only way to go for recovery, my personal choice is ghost tho 2old would argue go with acronis,either way it's an investment that pays for itself & yep i practice what i preach,it also means you don't need system restore,the 3 options in imaging are as follows

1:-Clone whole hdd to another hdd

[Images are sort like iso's for lack of a better word,they can also be searched thru to recover specific data,images only contain the data so little space is taken up so to speak,however they also contain the data needed to recreate the empty space of the drives partition.]

2:-Create 1 time backup image of c drive or any other partition or all.

3:-Create incremental drive images of c & my doc's,works similar to system restore,except more configurable,you can set hourly,daily,weekly monthly including how many points you want,with a new set created at the start of each month,basicly only changes are saved so you save disk space,it works well

All images can be saved to dvd if needed

Further help when having issues go here,bookmark it even if you don't want to image at this time
http://radified.com/cgi-bin/yabb2/YaBB.pl

There's also xxclone which is free sort of,the bought version unlocks all functions,personally go with the commercial ones above,partition magic would'nt be a bad investment tho acronis has a more recent version that does the same as partition magic has'nt been updated in a while

EDIT: Just thought of something else,tho it depends on what the machine is used for & whether or not your IT person can configure it for a shop floor,putting ubuntu or a suitable linux distro onto another partition can let you continue even tho windows is out of action there are commercial linux distro's specifically targeted at businesses