Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Avast Found Rootkit - TrustedInstaller.exe

13 Aug 2010   #21

Windows 7 Ultimate 32 bit

Quote   Quote: Originally Posted by RockStar21 View Post
Thanks guys for the suggestions. Copied the trustedinstaller.exe profdlp uploaded to the servicing folder and everything seems to be working fine. Ran sfc and did not find any integrity violations. So big thanks to profdlp for the upload and everyone else for their input!!

Best Regards,
That is good news! Glad you solved the problem. Thanks for reporting back.

My System SpecsSystem Spec
13 Aug 2010   #22

Windows 7 Home Premium 64 bit

I have the same problem, by proxy. I'm helping a friend try to restore TustedInstaller to their new Windows 7 Home Premium 64Bit machine after they deleted it using Avast. I found the same solution as is posted here, for Vista machines, and tried it. However the step of just copying it into the servicing folder failed miserably for me. I'm not a Windows 7 expert, or even that familiar, but I consider myself to be competent for a non-IT user.

I had no luck accessing the servicing folder. No matter what approach I took, access was denied. I could not copy and paste the copy of TrustedInstaller into the folder. The root admin account was similarly locked out which I found surprising. I suspect there is a simple step I didn't try (eg. turning off read only, or changing permissions for the folder, both of which I tried). It would be very helpfull if Rockstar posted how this is accomplished, or if someone else could.

Fortunately, we're prepared for a full restore approach, so we should be fine. However it would be great for future Avast users on Win7 if we could get all of the instructions in one thread. My experience of finding half finshed threads and solutions was very frustrating.
My System SpecsSystem Spec
13 Aug 2010   #23

Windows 7 ultimate 64 bit / XP Home sp3

Quote   Quote: Originally Posted by RockStar21 View Post
I deleted mine... could someone please upload a copy of trustedinstaller.exe for Windows 7 Home Premium 64-bit?
This is a good example of why I reccomend creating a restore point before you make any changes to your system be it installing a new program or whatever.
It just makes it so much easier to get your system back to where it was before.
I do it before I download a new program, then I scan the program with MSE or Avast or both then I install it. if I decide I no longer want it i can uninstall it then restore my system back to where it was.
I know this doesn't help you now but might want to try it in the future.
I'm not sure it would restore deleted system files. Hope you can get it sorted out without to much trouble but their is a lesson to be learned here, some are harder than others, but learned none the less. Fabe
My System SpecsSystem Spec

13 Aug 2010   #24

Main - Windows 7 Pro SP1 64-Bit; 2nd - Windows Server 2008 R2

Quote   Quote: Originally Posted by rhj View Post
...I suspect there is a simple step I didn't try (eg. turning off read only, or changing permissions for the folder, both of which I tried)...
You can try using TakeOwn, unless that's one of the things that didn't work, of course. I'd just use it on the servicing folder located in C:\Windows\servicing.

Run the program and it will give you a new option to take ownership when you right-click a file or folder.

Don't go wild with it and try to take ownership of an entire drive or your whole Windows folder or something. I made that mistake during the Win7 beta period and regretted it.

Attached Files
File Type: zip (2.3 KB, 119 views)
My System SpecsSystem Spec
14 Aug 2010   #25
Lasy B

Windows 7 x64

Quote   Quote: Originally Posted by logicearth View Post
There is no need to go though that. Every single file the system needs is already extracted to C:\Windows\Winsxs
That's true. Didn't have my thinking head on!
Mine is in C:\Windows\winsxs\amd64_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7600.16385_none_ed02252b66d7bca2
My System SpecsSystem Spec
17 Aug 2010   #26
Phone Man

Windows 8.1 Pro w/Media Center 64bit, Windows 7 HP 64bit

A while back Avast! gave me the same report. After the next definition update it was fine. Guess they tweaked the definitions and it was causing a false positive.

My System SpecsSystem Spec

 Avast Found Rootkit - TrustedInstaller.exe

Thread Tools

Similar help and support threads
Thread Forum
Avast thinks nVidia driver package contains a rootkit
Interesting. I ignored it. *
System Security
avast: winsxs rootkit detected. help?
The other day my computer started acting very strange, i knew i caught a virus somewhere just not sure where. I decided to go the simple way and just reformat. After the format and all the updates applied i found my PC ran very poorly. Did a scan with avast! free and found this: ...
System Security
Rootkit found -- avast! 5
Hello! avast! 5 found a Rootkit: :( C:\Windows\system32\drivers\ccdcmb.sys and C:\Windows\system32\drivers\ccdcmbo.sys Please help me what do I do?? and.... Is avast 5 really compatible with Windows 7? Some say they get the "Blue-screen Error" :)
System Security
Rootkit Found
I have NIS 2010 installed on my PC and I do a couple scans a day with Norton, Malwarebytes, and Hitman Pro 3.5.5. I just did a scan with Hitman Pro and it found a Rootkit in C:\Windows\system32\DRIVERS\ Isn't Norton supposed to detect and block these kind of malware attacks????? :mad::mad: ...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 00:03.
Twitter Facebook