TrustedInstaller Windows 7 - what is it? How to delete files protected by TrustedInstaller

With the release of the seventh version of Windows, absolutely all users are faced with a problem when the system does not allow editing, browsing, or performing other actions with some files and folders, saying that it requires permission from TrustedInstaller Windows 7. What is this service, how to disable it And manipulate the protected files, see below. So, let's get started.

TrustedInstaller Windows 7 - what is it?

The component itself first appeared in Windows 7, then it moved to the eighth and the tenth modifications, so the proposed solutions can equally apply to them. But for a start, let's look at the TrustedInstaller service itself. What is it? In the simplest sense, TrustedInstaller is a kind of virtual user who "selects" the rights of ordinary users and administrators for unauthorized interference in the structure of system files, without giving rise to random or deliberate changes affecting the stability of the OS.

The service operates on the basis of WRP (Windows Resource Protection) technology that protects system directories, DACLs and ACL folders, registry keys and the corresponding files from making changes to them even at the level of having administrator rights.

That's why when you try to access, a warning appears that the file or directory is protected by TrustedInstaller. What it is, it is easy to understand, if you turn to security policy. Roughly speaking, this is a component of the self-protection of the operating system, which is a preventive means of maintaining the operability when trying to intervene. However, despite all the limitations, it's quite easy to get around this lock. About this later.

Why does the service consume too much system resources?

Many users complain that the TrustedInstaller service will load the processor to an incredible degree, making it difficult to execute user processes.

Yes, indeed, the load on system resources for the active TrustedInstaller process can be observed. Typically, these are two situations: updating Windows and virus infection.

If the user in the "Task Manager" sees that TrustedInstaller loads the processor too much, you should first try to complete this process, and then perform a thorough system scan for viruses, malicious codes and any other threats. For this, it is best to use an anti-virus package not installed in the system, and independent portable utilities like Dr. Web Cure It! Or Virus Removal Tool of Kaspersky Lab.

The optimal solution will be checking with the help of disk utilities Rescue Disk, which have their own graphical interface, and the load of the verification module is made even before the start of the operating system.

In the second case, in order to avoid an increased load on system resources, you can simply disable the automatic update of the system in the "Update Center". As far as possible, decide for yourself.

Component location

Now let's look at the software component TrustedInstaller itself. Where is this service located? The default location is the Windows system folder, which has a servicing directory.

The TrustedInstaller.exe file located there is the executable component of the Windows Installer service (the module installer). Often, you can not start it manually, change or perform any other actions with it. It has protection against removal and substitution.

TrustedInstaller: How to disable the service?

Now directly about disabling this component. We assume that the user understands all the consequences of deactivating the TrustedInstaller service. How to disable it? The whole process is to get absolutely all the rights in the system for changing files and folders.

So, after selecting the desired file, right click to call the context menu and go to the property bar, where in the new window on the security tab click the "Advanced" button.

In the next window we use additional parameters and go to the owner tab, where we use the change from TrustedInstaller to the administrative group. Confirm the changes by clicking the "OK" button. In the pop-up message, we do the same.

This is only half the case for deactivating TrustedInstaller. How to disable the service for a particular file completely, will be clear in the next step. To do this, go back to the properties window and on the security tab, selecting the group of administrators, click the "Change" button.

In the permissions window, tick all the items on the list and confirm the changes. All necessary rights have been obtained. Accordingly, after that, the file can be deleted, moved, copied, or even changed its contents.

How relevant is the trip?

Finally, another important point related to the service of TrustedInstaller Windows 7. What is it, it is already clear how to deactivate the component - too. Naturally, a natural question arises: is it worth it?

By and large, a user who never accesses system files does not have to deal with such procedures and there is no sense. At best, you can only disable the automatic system update so that TrustedInstaller does not load resources.

But when a specific software is installed on a computer and you need to give access to changing system files and configuration, here comes the understanding of the specificity of the TrustedInstaller module of Windows 7. What is it? Permission system, without obtaining rights from which the program simply does not work.

Instead of the total

Finally, it can be noted that the TrustedInstaller itself usually does not block user files or applications. Its main purpose is to protect system components. So there is no special sense in deactivating the process. However, the load on the system is also short-lived (only for the period of installation of the system update packages). In most cases, it will take a maximum of 5-10 minutes, depending on the configuration and speed of Internet connection. So you can suffer.

As for the permissions for the software being installed, one must be extremely cautious and know exactly what the granting of rights to perform any actions with system files will not do any harm. In addition, viruses that damage this component are very often masked for the original service and even have the same name in the process tree displayed in the "Task Manager". But the virus process can be defined quite simply by the absence of a description or the signature of the publisher, especially if there are several. But this is a great rarity. If there is enough powerful antivirus software on the input of infection, you can not be afraid. And the component itself has strong enough protection.