Severity scale:  

TrustedInstaller. How to remove? (Uninstall guide)

removal by Lucia Danes - - | Type: Malware

TrustedInstaller is malware that replaces legitimate Windows process

TrustedInstaller image

TrustedInstaller is a type of malware which hides under the name of the inbuilt Windows user account. It can render computer vulnerable to other severe infections and also compromise its operation by slowing down and crashing installed software. Because this type of virus is capable of evading detection, some victims might end up with an infected computer for a prolonged period, which can inflict an enormous amount of damage.

Name TrustedInstaller
Type Malware
Executable TrustedInstaller.exe
Damage potential Medium. Especially dangerous if not detected early
Distribution Infected or hacked websites, malicious attachments, spam emails, etc.
Symptoms High CPU usage, slowdown of the OS operation, crashes
Elimination Use security software like Reimage or Malwarebytes

Originally, TrustedInstaller.exe is an inbuilt user account used for all versions of Windows (starting from Windows Vista). Users would not even notice its presence most of the time. However, if malware replaced the mentioned file, it can cause problems. Nevertheless, you might see the following message if you try to edit/delete/install/uninstall specific files or folders on your OS:

You Require Permission from TrustedInstaller

This happens because the built-in user account is in control of all your files (even if you use Administrative privileges) and will overwrite your decisions. The primary goal of TrustedInstaller is to control user's ability to interact with the newest Windows updates, system files, and other essential programs. While it might be annoying sometimes, it is a useful feature for people without much computer knowledge, as it will prevent users from damaging system files.

The easiest way to identify if the running process is malicious program is by checking the CPU usage. If TrustedInstaller is using high amounts of your computer resources, it indicates that your system might be at risk. In spite of that, you might notice that your computer is significantly slower, it takes more time for programs to load or they continuously crash.

Moreover, this dangerous TrustedInstaller malware can collect personally identifiable information, including:

  • names;
  • email addresses;
  • home addresses;
  • credentials[1].

Usually, it happens when the inexperienced computer user submits logins and passwords in the fake pop-up window. 

Therefore, we suggest you remove TrustedInstaller right away if you do not want to suffer from financial losses. You can do that with the help of the instructions below. However, we kindly ask you to follow them strictly in order not to damage your computer's system.

TrustedInstaller illustrationAdditionally, be aware that TrustedInstaller virus might be able to let inside other dangerous cyber threats via backdoors. Likewise, to fix your computer, you will need to get rid of all of them. This procedure requires specific IT skills, and it might be challenging for a regular user.

Thus, use Reimage to perform TrustedInstaller removal for you. It will easily identify the malware and help you to protect your system in the future. However, feel free to use any other anti-malware tool until it is powerful enough to deal with this computer virus.

Malware spreads via infected messages or hacker-controlled sites

According to[2] experts, a vast of malicious programs enter the computer systems via spam emails which contain the malware. They can disguise as the invoices or receipts from popular companies or even governmental authorities. Therefore, many gullible people are tricked to install the virus manually.

It might happen when you open the attachment in the spam email. Note that letter usually urges to open the added files for further information. Unfortunately, but the attachment downloads the malware once the person clicks on it. Likewise, you should never open emails which raise any suspicions.

Also, you can unconsciously download the malicious program from hacker-controlled sites. Typically, the user is redirected to such page by clicking on the malware-laden ad[3]. Since they are designed to look legitimate, it is hard to determine the origins. Therefore, it is one of the most popular ways to infiltrate malware.

We suggest you protect your system by avoiding any illegal downloads, advertising content and suspicious email letters. If you closely monitor your online activity and use a professional antivirus tool, you should be able to prevent malware from entering your system.

TrustedInstaller virus

Remove TrustedInstaller virus automatically

We would like to warn you not to try to remove TrustedInstaller virus without any assistance. This malicious program is dangerous and might damage your computer permanently. However, you can use a powerful anti-malware software to eliminate the virus for you.

Download Reimage, Malwarebytes, or Plumbytes Anti-MalwareNorton Internet Security and run a full system scan. The security program will identify the malware together with other potentially dangerous computer threats and remove them. Note that this is the safest option you can choose to protect your system.

However, TrustedInstaller removal might require rebooting your computer into Safe Mode. If you are not aware how to do that, make sure to check the instructions below.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software you agree to our privacy policy and agreement of use.
do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
More information about this program can be found in Reimage review.

If you decided to select another anti-spyware, uninstall Reimage from your computer.
Press mentions on Reimage
Alternate Software
Alternate Software

To remove TrustedInstaller, follow these steps:

Remove TrustedInstaller using Safe Mode with Networking

Firstly, you need to deactivate the malware since it might not allow you to install the security software. For that, reboot you computer to Safe Mode with Networking:

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list Select 'Safe Mode with Networking'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window. Select 'Enable Safe Mode with Networking'
  • Step 2: Remove TrustedInstaller

    Log in to your infected account and start the browser. Download Reimage or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete TrustedInstaller removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Remove TrustedInstaller using System Restore

If you are still unable to get the antivirus tool, try this method to boot you system into Safe Mode:

  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of TrustedInstaller. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with Reimage and make sure that TrustedInstaller removal is performed successfully.

About the author

Lucia Danes
Lucia Danes - Virus researcher

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Lucia Danes
About the company Esolutions


Removal guides in other languages