Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

5.0.9600.16384 (winblue_rtm.130821-1623) 3.68%
5.0.9600.16384 (winblue_rtm.130821-1623) 0.25%
5.0.9431.0 (winmain_bluemp.130615-1214) 0.20%
5.0.9431.0 (winmain_bluemp.130615-1214) 0.04%
5.0.9200.16384 (win8_rtm.120725-1247) 2.25%
5.0.9200.16384 (win8_rtm.120725-1247) 13.41%
5.0.8400.0 (winmain_win8rc.120518-1423) 0.08%
5.0.8400.0 (winmain_win8rc.120518-1423) 0.08%
5.0.8250.0 (winmain_win8beta.120217-1520) 0.04%
5.0.8102.0 (winmain_win8m3.110823-1455) 0.08%
5.0.7600.16385 (win7_rtm.090713-1255) 5.03%
5.0.7600.16385 (win7_rtm.090713-1255) 35.73%
5.0.7600.16385 (win7_rtm.090713-1255) 17.42%
5.0.7600.16385 (win7_rtm.090713-1255) 3.27%
5.0.7600.16385 (win7_rtm.090713-1255) 0.04%
5.0.7264.0 (win7_rtm.090622-1900) 0.04%
4.5.6002.18005 (lh_sp2rtm.090410-1830) 0.65%
4.5.6002.18005 (lh_sp2rtm.090410-1830) 0.12%
4.5.6001.22159 (vistasp1_ldr.080415-1732) 4.62%
4.5.6001.22159 (vistasp1_ldr.080415-1732) 0.04%
4.5.6001.22159 (vistasp1_ldr.080415-1732) 0.04%
4.5.6001.22159 (vistasp1_ldr.080415-1732) 0.12%
4.5.6001.22159 (vistasp1_ldr.080415-1732) 0.08%
4.5.6001.22159 (vistasp1_ldr.080415-1732) 0.12%
4.5.6001.22159 (vistasp1_ldr.080415-1732) 0.04%
View more

Relationships

Child process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
RegOpenKeyExW, RegCreateKeyExW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, OpenThreadToken, FreeSid, GetLengthSid, AllocateAndInitializeSid, DeregisterEventSource, ReportEventW, RegisterEventSourceW, MakeSelfRelativeSD, GetSecurityDescriptorLength, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, GetAce, AddAccessAllowedAce, InitializeAcl, RegCloseKey, RegSetValueExW, RegDeleteKeyW, RegQueryValueExW, RegDeleteValueW, RegEnumKeyW, CloseServiceHandle, CreateServiceW, OpenSCManagerW, SetThreadToken, DeleteService, QueryServiceStatus, ControlService, OpenServiceW, RegEnumKeyExW, SetServiceStatus, RegisterServiceCtrlHandlerW, EqualSid, GetSecurityDescriptorOwner, RegGetKeySecurity, MakeAbsoluteSD, GetTokenInformation, RevertToSelf, StartServiceCtrlDispatcherW, TraceMessage
kernel32.dll
lstrlenW, lstrcmpiW, CloseHandle, InterlockedExchange, GetCurrentProcess, GetLastError, GetCurrentThread, Sleep, GetVersionExW, GetEnvironmentVariableW, InitializeCriticalSection, DeleteCriticalSection, GetProcAddress, LoadLibraryW, MultiByteToWideChar, WideCharToMultiByte, SetLastError, GlobalAlloc, GlobalFree, FreeLibrary, UnhandledExceptionFilter, GetVersion, GetModuleHandleW, WaitForSingleObject, CreateProcessW, GetModuleFileNameW, InterlockedDecrement, InterlockedIncrement, lstrcmpW, FormatMessageW, GetSystemDefaultLangID, LoadLibraryExW, SetCurrentDirectoryW, OutputDebugStringW, WriteFile, GetLocaleInfoW, GetACP, LeaveCriticalSection, EnterCriticalSection, OpenProcess, CreateEventW, OpenEventW, CompareStringW, GetFileType, GetStdHandle, GetCommandLineW, ExitProcess, SetEvent, SetConsoleCtrlHandler, CreateThread, GetSystemDirectoryW, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, GetModuleHandleA, TerminateProcess, SetUnhandledExceptionFilter, GetStartupInfoA, InterlockedCompareExchange, GetModuleHandleExW, DelayLoadFailureHook, LoadLibraryExA, CancelWaitableTimer
msvcrt.dll
DllMain
ntdll.dll
RtlNtStatusToDosError, RtlUnwind, NtQueryInformationProcess
ole32.dll
CoInitialize, CoRevokeClassObject, CoRegisterClassObject, StgOpenStorage, CoUninitialize
rpcrt4.dll
RpcRaiseException, RpcEpUnregister, RpcBindingVectorFree, RpcServerUnregisterIf, RpcServerUseProtseqW, RpcServerInqBindings, RpcServerRegisterIfEx, RpcEpRegisterW, NdrServerCall2
user32.dll
MsgWaitForMultipleObjects, IsCharAlphaNumericW, GetMessageW, PeekMessageW, DispatchMessageW, TranslateMessage, PostQuitMessage, PostThreadMessageW

msiexec.exe

Windows Installer - Unicode by Microsoft

Remove msiexec.exe
Version:   5.0.9200.16384 (win8_rtm.120725-1247)
MD5:   e38d9838439d0bbc22ef3f1e9f058f8e
SHA1:   bb187101d52c8d3e1e578836da4fed28ec868883
SHA256:   3dc0dd10b35bd35cb0c263cd51629712174173a9ce6daf6ee41ae915989ac772
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is msiexec.exe?

Microsoft Windows Installer is an installation and configuration service provided with Windows. The installer service enables customers to provide better corporate deployment and provides a standard format for component management. The installer also enables the advertisement of applications and features according to the operating system.

Overview

msiexec.exe runs as a service under the name Windows Installer -ohjelma (msiserver) with extensive SYSTEM privileges (full administrator access). It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. This version is installed on Windows 8 and is compiled as a 64 bit program.

DetailsDetails

File name:msiexec.exe
Publisher:Microsoft Corporation
Product name:Windows Installer - Unicode
Description:Windows® installer
Typical file path:C:\Windows\System32\msiexec.exe
Original name:msiexec.exe.mui
File version:5.0.9200.16384 (win8_rtm.120725-1247)
Product version:5.0.9200.16384
Size:121.5 KB (124,416 bytes)
Digital DNA
PE subsystem:Windows GUI
Entropy:5.753598
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • msiserver
  • 'msiserver' (Windows Installer)
Scheduled tasks
  • The job '{AD1C092E-8BF9-4322-8B6D-869115BC67D2}' runs on registration in the path '\{AD1C092E-8BF9-4322-8B6D-869115BC67D2}'
  • The job '{EFAD775F-CDF7-4932-BC9F-7C11500B0E27}' runs on registration in the path '\{EFAD775F-CDF7-4932-BC9F-7C11500B0E27}'
  • The task '{AF16EC4C-C7D3-4650-BE4D-593A0E554F4A}' runs on registration in the path '\{AF16EC4C-C7D3-4650-BE4D-593A0E554F4A}'
  • The task '{2A68DB8E-C884-4452-862A-37F7C7E8C162}' runs on registration in the path '\{2A68DB8E-C884-4452-862A-37F7C7E8C162}'
  • The task '{47FC463B-9928-45D3-823C-B4D5F78A7363}' runs on registration in the path '\{47FC463B-9928-45D3-823C-B4D5F78A7363}'
  • The task '{FB16A2A3-DB26-4127-9711-C5E0BF071B10}' runs on registration in the path '\{FB16A2A3-DB26-4127-9711-C5E0BF071B10}'
  • The job '{E29801CF-E188-4C12-9343-76AFA0F16BEB}' runs on registration in the path '\{E29801CF-E188-4C12-9343-76AFA0F16BEB}'
  • The job '{1869EC6C-EE7B-4B66-B13A-A2FF8E7EBDD0}' runs on registration in the path '\{1869EC6C-EE7B-4B66-B13A-A2FF8E7EBDD0}'
  • The job '{AF8E4C1B-E35B-4C57-9A64-1CB2C21CFA46}' runs on registration in the path '\{AF8E4C1B-E35B-4C57-9A64-1CB2C21CFA46}'
  • The job '{C02B77F7-A5CC-4BBE-90BF-75B82251A853}' runs on registration in the path '\{C02B77F7-A5CC-4BBE-90BF-75B82251A853}'
  • The job '{161E942A-7077-4225-AAE1-3727163FBBBF}' runs on registration in the path '\{161E942A-7077-4225-AAE1-3727163FBBBF}'
  • The task '{603A289F-660C-4649-8820-58FD6E7AA78F}' runs on registration in the path '\{603A289F-660C-4649-8820-58FD6E7AA78F}'
  • Entry path '\{8C9E5B76-E78A-411A-B939-C6A034267770}'
  • Entry path '\{7F6FE1B4-CD5C-4EB3-BA3C-FA05AEE67CB6}'
  • Entry path '\{0E478F47-D66E-4DE5-8BE0-876334CD9EBD}'
  • Entry path '\{E673B621-598C-4A26-8A81-2A485793D284}'
  • Entry path '\{C19210A5-228E-4FEA-8C35-D871B9C4FB5F}'
  • Entry path '\{9A26DFD9-8384-4F4C-B4E8-58F5A8829AFB}'
  • Entry path '\{5AA35628-621C-4869-8C3F-FDDA0E1007B1}'
  • Entry path '\{36EF27E1-070B-4449-BB00-BFD5F2EC510B}'
  • Entry path '\{1DCAC8D1-9B4D-4FF8-ABA2-CFD2CD44EEB3}'
  • Entry path '\{E7F58D98-807C-426A-8F92-2766A35F2221}'
Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
  • BHO CLSID: {127AD70F-B2B7-4f6a-ACD9-C7B1FE48C8C0}

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.03649106%
0.028634%
Kernel CPU:0.01313064%
0.013761%
User CPU:0.02336042%
0.014873%
Kernel CPU time:173,876 ms/min
100,923,805ms/min
CPU cycles:1,305,649/sec
17,470,203/sec
Context switches:7/sec
284/sec
Memory
Private memory:23.29 MB
21.59 MB
Private (maximum):17.78 MB
Private (minimum):9.21 MB
Non-paged memory:23.29 MB
21.59 MB
Virtual memory:455.89 MB
140.96 MB
Virtual memory (peak):565.82 MB
169.69 MB
Working set:13.93 MB
18.61 MB
Working set (peak):28.12 MB
37.95 MB
Page faults:69,708/min
2,039/min
I/O
I/O read transfer:112.86 KB/sec
1.02 MB/min
I/O read operations:8/sec
343/min
I/O write transfer:62.02 KB/sec
274.99 KB/min
I/O write operations:4/sec
227/min
I/O other transfer:3.93 KB/sec
448.09 KB/min
I/O other operations:222/sec
1,671/min
Resource allocations
Threads:12
12
Handles:309
600

BehaviorsProcess properties

Integrety level:System
Platform:64-bit
Command lines:
  • C:\Windows\System32\msiexec.exe /v
Owner:SYSTEM
Windows Service
Service name:msiserver
Display name:Windows Installer -ohjelma
Description:“Lisää, muokkaa tai poistaa Windows Installer- tai APPX-pakettina (*.msi, *.msp ja *.appx) tarjottuja sovelluksia. Jos tämä palvelu poistetaan käytöstä, siitä suoraan riippuvaiset palvelut eivät käynnisty.”
Type:Win32OwnProcess
Parent process:services.exe (by Microsoft)

ResourcesThreads

Averages
 
ntdll.dll
Total CPU:0.23691958%
0.272967%
Kernel CPU:0.09438287%
0.107585%
User CPU:0.14253671%
0.165382%
CPU cycles:6,051,221/sec
5,741,424/sec
Context switches:15/sec
79/sec
Memory:1.75 MB
1.16 MB
msiexec.exe (main module)
Total CPU:0.00245549%
Kernel CPU:0.00175925%
User CPU:0.00069624%
CPU cycles:31,711/sec
Memory:140 KB
ESENT.dll
Total CPU:0.00021388%
Kernel CPU:0.00000000%
User CPU:0.00021388%
CPU cycles:1,179/sec
Memory:2.75 MB
combase.dll
Total CPU:0.00000238%
Kernel CPU:0.00000000%
User CPU:0.00000238%
CPU cycles:377/sec
Memory:1.69 MB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 59.50%
Windows 7 Ultimate 25.50%
Windows 7 Professional 9.50%
Windows 7 Home Basic 2.50%
Windows 7 Starter 1.50%
Windows 8 Pro 1.00%
Windows 8 Enterprise Evaluation 0.50%

Distribution by countryDistribution by country

United States installs about 48.74% of Windows Installer - Unicode.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 23.57%
Hewlett-Packard 18.63%
ASUS 12.93%
Toshiba 12.93%
Acer 11.79%
Lenovo 4.56%
Samsung 3.04%
Sony 3.04%
GIGABYTE 3.04%
Gateway 1.52%
MSI 1.52%
Alienware 0.76%
Medion 0.76%
Intel 0.76%
NEC 0.76%
Sahara 0.38%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE