With the release of the seventh version of Windows, absolutely all users faced a problem when the system does not allow editing, viewing or performing other actions with some files and folders, saying that this requires permission from TrustedInstaller Windows 7. What kind of service is this, how to disable it and manipulate protected files, see below. So let's get started.
TrustedInstaller Windows 7 - what is it?
The component itself first appeared in Windows 7, after which it migrated to the eighth and tenth versions, so the proposed solutions can equally be applied to them. But first, let's dwell on the TrustedInstaller service itself. What is this In the simplest sense, TrustedInstaller is a kind of virtual user who “takes away” rights from ordinary users and administrators for unauthorized interference with the structure of system files, preventing accidental or intentional changes that affect the stability of the OS.
The service operates on the basis of WRP (Windows Resource Protection) technology that protects system directories, DACLs and ACL folders, registry keys and corresponding files from making changes to them even at the level of the user having administrator rights.
That is why when trying to access, a warning appears that the file or directory is protected by TrustedInstaller. What is it, it is easy to understand, if we turn to security policies. Roughly speaking, this is a component of self-defense of the operating system, which is a preventive means of maintaining operability when trying to intervene. However, despite all the restrictions, it is quite simple to bypass such a lock. More about this later.
Why is the service consuming too many system resources?
Many users complain that the TrustedInstaller service loads the processor to an incredible degree, making it difficult for user processes to execute.
Yes, indeed, the load on system resources for the active TrustedInstaller process can be observed. Typically, these are two situations: a Windows update and a virus infection.
If the user in the “Task Manager” sees that TrustedInstaller loads the processor too much, first you should try to complete this process, and then perform a thorough scan of the system for viruses, malicious codes and any other threats. For this, it is best to use an anti-virus package not installed on the system, but independent portable utilities like Dr. Web Cure It! or the Virus Removal Tool of Kaspersky Lab.
The best solution is to check with the Rescue Disk utilities, which have their own graphical interface, and the scan module is loaded before the operating system starts.
In the second case, in order to avoid an increased load on system resources, you can simply turn off the automatic update of the system in the "Update Center". How appropriate is up to you.
Component Location
Now let's look at the TrustedInstaller software component itself. Where is this service located? The default location is the Windows system folder, which contains the servicing directory.
The TrustedInstaller.exe file located there is an executable component of the Windows Installer service (module installer). Often launching it manually, changing or performing any other actions with it will fail. It has protection against deletion and substitution.
TrustedInstaller: how to disable a service?
Now directly on disabling this component. We assume that the user understands all the consequences of deactivating the TrustedInstaller service. How to disable it? The whole process boils down to getting absolutely all the rights in the system for changing files and folders.
So, having selected the desired file, right-click on the context menu and go to the property bar, where in the new window on the security tab click the "Advanced" button.
In the next window we use additional parameters and go to the owner’s tab, where we use the change from TrustedInstaller to the administrator group. Confirm the changes by pressing the "OK" button. In the pop-up message, we do the same.
This is only half the work of deactivating TrustedInstaller. How to disable the service for a specific file completely will be clear in the next step. To do this, return to the properties window and on the security tab, having selected the group of administrators, click the "Change" button.
In the permissions window we tick off all the items on the list and confirm the changes. All necessary rights are obtained. Accordingly, after this, the file can be deleted, moved, copied or even changed its contents.
How expedient is shutdown?
Finally, another important point related to the TrustedInstaller Windows 7 service. What it is, it’s already clear how to deactivate a component, too. Naturally, a logical question arises: is it worth it?
By and large, a user who never accesses system files has no reason to deal with such procedures. In the best case, you can only turn off automatic system updates so that TrustedInstaller does not load resources.
But when specific software is installed on the computer, which needs to be given access to change system files and configurations, then understanding of the specifics of the TrustedInstaller Windows 7 module comes in. What is it? A permissive system, without obtaining rights from which the program simply will not work.
Instead of a total
In conclusion, it can be noted that the TrustedInstaller component itself usually does not block user files or applications. Its main purpose is to protect system components. So there is no special sense in deactivating the process. However, the load on the system is short-term (only for the period of installing the system update packages). In most cases, it will take a maximum of 5-10 minutes, depending on the configuration and speed of the Internet connection. So you can tolerate.
As for permissions for the installed software, one must be extremely careful and know for sure that granting rights to perform any actions with system files will not do any harm. Among other things, viruses that infect this particular component are very often disguised as the original service and even have the same name with it in the process tree displayed in the Task Manager. But the virus process can be determined quite simply by the lack of a description or signature of the publisher, especially if there are several of them. But this is very rare. If you have a sufficiently powerful anti-virus software at the input of infection, you can not be afraid. And the component itself has a fairly strong protection.