Very odd file for Windows Update

Has anyone ever seen this before for a windows update? This freaked me out.

 

The file msiexec.exe belongs to the Windows Installer Component. It might be installing the latest Windows updates.

thanatos

 

That indeed is a very odd file name. Did you allow it?

 

There were a total of 4 updates. I wasn't paying close attention to the first two that did install, but when I seen this I blocked it and the update failed like the next.

I was puzzled because I have never seen a file like this from something legit. For a brief moment I thought malware was involved. It really threw me. Usually files that look like this is related to malware.

I ran Gmer, Kaspersky and now I'm running SAS Pro just to play it safe.

 

A silly question.....are you sure you were at the MS updates site and not spoofed to another site? Have you tried going back? I just checked MS updates for XP yesterday and no critical ones were available. I agree, such a randomly named file is usually malware related.

 

Last weeks Patch Tuesday had 4 updates. These are all for Office. But there should be Malicious Software Removal Tool as well. Perhaps one of them is the reason?

 

Hi gang,

Yes Seer, you are correct there were 4 office updates and the pop up I got from OA was from 2 of them. I didn't d/l the MSR Tool.

@ThunderZ

I would hope so cuz I clicked on the icon from the desktop. If I was spoofed they were very good. I just typed the url in and compared it to the one I used my icon and they look the same. I had to boot into another snapshot (due to another snafu) and update my Primary so it's all gone now.

I have sat many a times and watched windows update and I have never seen anything like this. I really don't feel comfortable installing this.

@Stapp

Thanks for the link stapp. It does look similar.

 

Maybe msiexec.exe is trying to install a corrupted Windows update.

thanatos

 

Sure has my curiosity perked.....as well as the hairs on the back of my neck. A possible option to check into this some more would be to use Belarc Advisor. This will allow you to download the individual updates from MS without using the update site. Would be curious if it shows an update by that name. It runs about a week behind the actual release time of the updates. However if you choose the IT download link from the MS site it takes you to you can get the updates to install at your leisure and\or slip-stream them using nLite for an unattended install as well.
It also shows a wealth of other information about your system and the software installed.

 

That's a good idea, I forgot about that program. I will give it a try next week and let you know what happens cuz I'm curious myself.