Printable Version of Topic

Posted by: HarveyH May 4 2011, 09:50 AM

Hi everyone,
We have a couple of new computers at home running Windows 7; (yeah, Windows/Mac/Linux arguments, but that’s what we have..) and I’ve run into the TRUSTEDINSTALLER problem. Does anyone know how (or if it’s even possible) to set up an account with Administrator-Administrator privilege rather than the Administrator-Normal privileges that are usually assigned?

For those not familiar with this “ENHANCEMENT” in Vista 64 and Win 7-64, an Administrator does not own certain systems, folders and applications in the computer, they are owned by a ‘service’ named TRUSTEDINSTALLER. This is done supposedly to keep uninformed users from doing something deadly to their computer, but it means that even the Administrator can’t do certain things. There are methods of taking ownership of these systems/folder/apps, but apparently this taking ownership does not percolate down through all of the nested folders and sub-folders so you have to do this for dozens if not hundreds of individual items. (yeah, I know, Windows/Mac/Linux arguments…) There are probably even a large number of things you can’t take ownership of at all because you can’t access them to a level where you can take ownership.

When you go into your User Account an Administrator sees that he/she/it (let’s be politically correct here…) has a ‘Normal’ level of access (as an administrator). There is an ‘Administrator’ (Administrator-Administrator????) level, but when you select it the APPLY button grays out and you can’t process the change.

Any help out there? I’ve done a bit of internet searching but all I’ve come up with is the taking ownership resolution.

Thanks,

Posted by: windforfun May 4 2011, 10:08 AM

Can't help, but I appreciate your question. I just installed Winows 7 last week at home since we now use it at work. I noticed what you're referring to. Let's see if someone can answer this. I'll talk to the PC expert at work.

Posted by: SirAndy May 4 2011, 10:50 AM

QUOTE(HarveyH @ May 4 2011, 08:50 AM)

Posted by: HarveyH May 4 2011, 11:01 AM

I ran Spybot for the first time last night on the new machine and it wouldn't let me apply the Innoculate function after the cleanup.

Posted by: HarveyH May 4 2011, 11:02 AM

I ran Spybot last night and it woulden't allow me to run the Innoculate function after the cleanup.

Posted by: windforfun May 4 2011, 11:24 AM

Is there an echo in here?

Posted by: SirAndy May 4 2011, 11:35 AM

QUOTE(HarveyH @ May 4 2011, 10:01 AM)

Posted by: windforfun May 4 2011, 12:04 PM

QUOTE(SirAndy @ May 4 2011, 10:35 AM)

QUOTE(HarveyH @ May 4 2011, 10:01 AM)

I ran Spybot for the first time last night on the new machine and it wouldn't let me apply the Innoculate function after the cleanup.

What was the file and type of alert Spybot gave you? Not everything it picks up is actually a threat.

In those hard to catch cases (mostly rootkit viruses) it really helps to have a dual boot with a Linux partition (i'm using Ubuntu on all my boxes for that).
Once you boot into Linux, you can access any system file and otherwise hidden stuff on your Windows partition.

Posted by: HarveyH May 4 2011, 12:16 PM

Only one or two cookies it didn't like. Supposedly it cleaned them up with no probelm. Machine has only been running for a week and a half or so, but my wife got an email from her brother that he claims he didn't send. Ran a Norton scan also with no major problems. In he past I've run both because one will sometimes pick up something the other didn't. Only keep the Norton running all of the time in the background.

Spybot also contains a functionality that is supposed to innoculate the system from further infection from known threats. When I tried to run that the system told me I didn't have the authority.

Posted by: SirAndy May 4 2011, 12:23 PM

QUOTE(HarveyH @ May 4 2011, 11:16 AM)

Posted by: eric9144 May 4 2011, 02:48 PM

Its the "feature" (I use that term loosley) called UAC - user account control - and it can be turned off...

Check the post here:
http://www.mydigitallife.info/how-to-disable-and-turn-off-uac-in-windows-7/

I'm @ work on my XP machine so I cant really double check until I get home tonight but I know my home machines never prompt me.

If it doesnt work out let me know.

Posted by: windforfun May 4 2011, 03:03 PM

http://social.technet.microsoft.com/Forums/en-US/w7itprogeneral/thread/1915d5bf-9068-4134-8d3c-bef7701a2211/

Posted by: eric9144 May 4 2011, 04:38 PM

If the UAC thing is "off" you shouldn't experience the ownership issues either as your account will be operating in a full administrative mode--administrators 'own' everything unless that's somehow gotten hosed...

In regards to apps like Spybot, I'd suggest avoiding having those on your system--download the free Microsoft Security Essentials suite (it's FREE from Microsoft). It works seamlessly and does anti-virus and malware removal.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e1605e70-9649-4a87-8532-33d813687a7f

Most of the vendors we all used to use for that kind of thing have evolved into bloated programs that slow your system down or are a constant pain in the @ss (like Norton).

Posted by: windforfun May 4 2011, 05:22 PM

QUOTE(eric9144 @ May 4 2011, 03:38 PM)

Posted by: Gustl May 4 2011, 10:26 PM

if you log on as the built-in administrator you shouldn't experience such problems
you will have to activate it previously, because it's deactivated by default
there's no password set by default, but you could set it - what's highly recommended of course