The release of the seventh version of Windows was marked by an extremely unpleasant event for users. Not only did a super administrator appear in the system, but also a new service related to security components called TrustedInstaller appeared. What kind of program is this, far from all users understand. Fill this gap by looking at troubleshooting solutions for Windows 7 and later.
TrustedInstaller: what is it?
It is believed that developers of Microsoft operating systems pay great attention to security. True, the main emphasis is not on protection against virus threats (although such elements are also present), but on the impossibility of changing system files, which can lead to disruption of the OSโs performance until its complete failure. The TrustedInstaller component is responsible for this. What is it in the broadest sense?
In simple terms, this blocker service is something like a virtual user with administrator rights (not to be confused with the super administrator), which, by virtue of the privileges granted by the system, takes away the userโs rights to change critical system elements (files, folders, keys) system registry, etc.).
That is why when trying to perform any actions with such objects, messages are issued stating that they are protected and that permission is required to perform operations from the TrustedInstaller service. What is security in terms of this is easy to understand. The user must have certain rights, without which interference in the system is simply impossible. Nevertheless, circumventing such restrictions can be quite easy.
Of course, it is not possible to delete the service itself or the executable file responsible for starting it, which is located in the servicing directory of the Windows root folder, due to the current policy and the established protection: the TrustedInstaller.exe file is protected from renaming, copying, moving, deleting, and spoofing. But you can provide yourself with the necessary permissions to carry out the above operations.
How to get permission from TrustedInstaller for operations with folders and files?
Consider the general case. First you need to select the object with which it is supposed to perform some actions that are blocked by this service (we assume that TrustedInstaller does not allow to delete a folder or file).
Right-click on the object in the usual "Explorer", call the drop-down menu and go to the property bar. In the new window, go to the security tab and use the "Advanced" button to change the settings.
After that, we again select additional parameters where we need the โOwnerโ tab. By default, the corresponding field is TrustedInstaller. We change the owner to the administrator group and confirm the changes made.
Now another aspect related to the TrustedInstaller component. How to delete system type files or a regular object blocked by a service? To do this, make additional settings. We return to the security section, but now select the administrator group and use the button for changing privileges.
In the appeared permission window on the right in the first column we put โbirdsโ on all the items in the list, then confirm the changes again with the โOKโ button. The rights are obtained, and with the selected object you can work without problems as with a regular file or a standard folder that does not have protection.
Note: this method implies the choice of changing rights for only one specifically selected object. Mass obtaining of necessary privileges is not provided. By the way, exactly the same actions can be performed by the registry branches, calling the corresponding menu on each of those for which it is supposed to set full access rights.
Possible problems with the consumption of system resources
Very often, users complain that the service, while running in the background, consumes too many system resources. In part, this may be due to two reasons: the consequences of viral infection and active automatic updating of the system.
Although it is believed that the executable file of the TrustedInstaller service is very securely protected, some threats still find security holes. First you need to look at the processes in the "Task Manager" (there may be several of the same name). The active process without the signature of the publisher or developer, apparently, is the very virus disguised as the original service.
Checking the system for viruses
It is best to clean the system using third-party portable applications, and not the installed standard antivirus.
Ideally, it is best to use disk utilities that are collectively called Rescue Disk. Their own interface can be downloaded from optical media or a conventional flash drive even before the initial start of the operating system, after which a deep scan is performed. Such programs can detect deep-seated threats, even those that are in the form of processes loaded into RAM.
Disable system update
When updating the system, the TrustedInstaller service is also activated, checking the installed components for originality.
If there is too much load, automatic updating can be turned off. This is done in the appropriate section of the "Control Panel". After that, the process will not be activated. However, it is worth paying attention that when you try to search for available updates and integrate them into the system manually, the service will start again, no matter how hard the user tries to disable it.
Should I disable the TrustedInstaller service?
Finally, another important question regarding the advisability of disabling the TrustedInstaller service. What is this in terms of security and what can a component deactivation lead to? Everything is simple here. The user with his inept actions can accidentally remove or change the system component, which is fraught with a complete crash for the system. So disabling this component is not recommended.
The necessary deactivation of TrustedInstaller can only be called in a situation where specialized software is installed on the computer that will not work without obtaining rights to change system components. But there are not so many such programs, and an ordinary user is unlikely to install them.