A problem with msiexec.exe

[Anthony Buckland]

I'm being constantly bedevilled, since about a month after
installing the current release of Google Earth, by AV
warnings (from ZoneAlarm) as follows:

Setup Launcher is trying to launch
C:\WINDOWS\system32\msiexec.exe,
or use another program to gain access to
privileged resources.
Application: GOOGLEEARTH.EXE

The Google Earth forum, which has a high volume, hasn't so
far yielded any hints about this behavior. Googling msiexec
hasn't either, although there are occurrences of warnings that
this service is itself malevolent (hardly seems likely) and that
viruses affecting it exist (no virus warnings lately). I've been
denying the requested access, but requests come at least
daily.

I don't expect people here to give advice about Google Earth
internals, of course, but would be interested to hear about
similar experiences and their outcomes.

Thanks.

 

[Shenan Stanley]

I'm being constantly bedevilled, since about a month after
installing the current release of Google Earth, by AV
warnings (from ZoneAlarm) as follows:

Setup Launcher is trying to launch
C:\WINDOWS\system32\msiexec.exe,
or use another program to gain access to
privileged resources.
Application: GOOGLEEARTH.EXE

The Google Earth forum, which has a high volume, hasn't so
far yielded any hints about this behavior. Googling msiexec
hasn't either, although there are occurrences of warnings that
this service is itself malevolent (hardly seems likely) and that
viruses affecting it exist (no virus warnings lately). I've been
denying the requested access, but requests come at least
daily.

I don't expect people here to give advice about Google Earth
internals, of course, but would be interested to hear about
similar experiences and their outcomes.

Thanks.

Drop the Zone Labs products.

If you have their AV solution, drop it and get Avira AntiVirus (free) or
better yet - eSet NOD32.

If you have their firewall solution, drop it and use the built in firewall
that comes with the operating system.

Things will run faster (if everything gets properly removed) and you have
removed the variables likely causing your issues.

 

[VanguardLH]

I'm being constantly bedevilled, since about a month after
installing the current release of Google Earth, by AV
warnings (from ZoneAlarm) as follows:

Setup Launcher is trying to launch
C:\WINDOWS\system32\msiexec.exe,
or use another program to gain access to
privileged resources.
Application: GOOGLEEARTH.EXE

The Google Earth forum, which has a high volume, hasn't so
far yielded any hints about this behavior. Googling msiexec
hasn't either, although there are occurrences of warnings that
this service is itself malevolent (hardly seems likely) and that
viruses affecting it exist (no virus warnings lately). I've been
denying the requested access, but requests come at least
daily.

I don't expect people here to give advice about Google Earth
internals, of course, but would be interested to hear about
similar experiences and their outcomes.

Thanks.

Are you logon under an admin-level account at the time? If so, have you run
their update?

Google doesn't care about Windows security. They only care that they get
their software onto your host. Limited/restricted users are normally not
allowed to install software. Google wants to circumvent Windows security to
allow limited users to install their software. So they dump their
executable files under your %userprofile% path which has full permissions,
including execute permission. That way, they dump their apps into a path
where even a limited user can run those executables and nothing prevents
putting the executables there. Some admins have caught onto this loophole
by changing permissions on user profiles to withdraw the execute permission
on all files and subfolders under the user's profile path.

Microsoft does care about permissions so its installer (MSI) will prevent
non-admins from installing software. If Google is using MSI then it is
likely that you have to be logged under a admin-level account to run that
MSI-controlled install.

Did you define an outbound rule for the Google app in your 3rd party
firewall? It might be trying to get an external connection but gets
prevented by the firewall. See if disabling the firewall eliminates the
problem (which might be due to the Google app trying to update itself).
Don't expect to find any auto-update option in Google apps. I don't know
about Google Earth but Google Chrome doesn't let you decide when to update
or even allow you not to update. Google isn't interested in following the
normal update cycle by releasing an update and letting users decide if and
when to update their hosts. Instead Google will push an update without
notice. This is how they force all their Google Chrome users to have the
latest version. Google doesn't believe in version control. Well, they
believe they should be in control, not you.

 

[Anthony Buckland]

Are you logon under an admin-level account at the time? If so, have you
run
their update?

Google doesn't care about Windows security. They only care that they get
their software onto your host. Limited/restricted users are normally not
allowed to install software. Google wants to circumvent Windows security
to
allow limited users to install their software. So they dump their
executable files under your %userprofile% path which has full permissions,
including execute permission. That way, they dump their apps into a path
where even a limited user can run those executables and nothing prevents
putting the executables there. Some admins have caught onto this loophole
by changing permissions on user profiles to withdraw the execute
permission
on all files and subfolders under the user's profile path.

Microsoft does care about permissions so its installer (MSI) will prevent
non-admins from installing software. If Google is using MSI then it is
likely that you have to be logged under a admin-level account to run that
MSI-controlled install.

Did you define an outbound rule for the Google app in your 3rd party
firewall? It might be trying to get an external connection but gets
prevented by the firewall. See if disabling the firewall eliminates the
problem (which might be due to the Google app trying to update itself).
Don't expect to find any auto-update option in Google apps. I don't know
about Google Earth but Google Chrome doesn't let you decide when to update
or even allow you not to update. Google isn't interested in following the
normal update cycle by releasing an update and letting users decide if and
when to update their hosts. Instead Google will push an update without
notice. This is how they force all their Google Chrome users to have the
latest version. Google doesn't believe in version control. Well, they
believe they should be in control, not you.

Thanks highly. That was really useful information.