Computer Hope
Microsoft => Microsoft Windows => Windows Vista and 7 => Topic started by: tkmops on May 20, 2017, 07:25:26 PM
-
I've been told by my Trend Micro Antivirus tech to 'take ownership' of my 'C' drive, but it's been over a week, and I can't get a response to my question.
When I right click my 'C' drive, go to 'properties', then 'security', then 'Advanced', then 'owner', then 'Edit', there's two options in the 'Change owner to' box..
Tod(Tod-PC\Tod) and Administrators(Tod-PC\Administrators).
What is the difference between
between these two?
I normally sign on with my standard user account 'Tod'(not an administrator account).
Which account should I click in the 'Change owner to' box?
Thanks!
-
Administrators is a Group/Role. Tod-PC is a user account (which is almost certainly an administrator account as well). IF you want to take ownership you should assign it to your account (Tod).
At any rate I question their advice. I don't see any reason to take ownership of the C: drive. What is currently marked as the owner?
-
The current owner is 'TrustedInstaller'.
-
That is what it should be set to; It is set to that on all my Windows PCs and they are all functioning normally. I'm not sure what the Trend Micro tech's might have been trying to accomplish, but I imagine they wanted you to set ownership to the Tod-PC account.
-
Thanks everyone for responding...yikes! looks like I won't be taking ownership of my 'C' drive...sounds very dangerous.
The Trend tech wanted me to take ownership because, about a month ago the Trend scans would 'hang', and just 'freeze'. I let it run for hours, and even overnight, it was still frozen.
The Trend tech and I went back and forth for a month, either on the phone, or via email, trying various things to resolve this. About a week ago, he wanted me to run CHKDSK C:/f/r.
I did that via CMD prompt(elevated), and got this msg::Cannot lock current drive. Chkdsk cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts? (Y/N).
Then he wanted me to change permissions to 'Everyone' Full control for CREATOR OWNER, SYSTEM, Administrators(Tod-PC\Administrators), Users(Tod-PC\Users), and TrustedInstaller.
The only group that has full control is 'SYSTEM'(there is no Creator Owner, or TrustedInstaller). When I first checked this(last week), when I clicked the 'Edit' button, and the 'Permissions for Local Disk (C:)' box came up, the 'Add' button was greyed out, and all the boxes in the 'Permissions for Authenticated Users' were un-clickable. But, trying it today, the 'Add' button is hi-lighted. Should I click the 'Full control' boxes for the Authenticated Users,
Administrators(Tod-PC\Administrators), and Users(Tod-PC\Users) groups? Should I add an 'Everyone', and/or a 'Creator Owner' group and give them full control?
Whew, all so confusing!
Thanks!
-
When there is some doubt, I do not tell anybody to run
CHKDSK C: /F
.. until other options have been tried. One can run the CHKDSK with no options and get a report without any changes made to the partition.
So that makes me think the guy on the phone has not received training.
Or else the people at TredMicro are very careless.
-
Thanks for the quick response. I ran chkdsk c:, it came back with '
Windows has checked the file system and found no problems.'
Quick DOS question(it's been a loooooooong time since I played with DOS...late '80's/early '90's)...when I bring up the elevated cmd prompt the path defaults to C:\Windows\system32>. Does it matter if I run chkdsk from there or 'C' root?. I navigated back to C:\ and ran chkdsk from there, and go the same 'no problems' msg.
-
You don't have a problem with the filesystem.
The problem is that something else. You should not have to take 'ownership' of the C: is that is where the system resides.
Do you have a dual-boot system? I don't think so. The ownership issue can happen when you boot another OS form another partition. If the other OS is on drive D:, you can not make changes to drive C:. That makes sense.
If you a a use with administrative level, you should not have to take ownership of the partition whee he OS resides.
Did you try to boot in safe mode?
-
I don't have any confidence that this tech knows at all what they are doing, because the owner or file permissions for the drive had nothing to do with the message from chkdsk. Perhaps they misunderstood the error message.
The hanging could be due to a hard drive problem nonetheless. It would be necessary to run a surface scan to do that, which I would recommend myself. Just make sure you have a lot of free time as it can take several hours. Overnight might be one way of doing it.
You can run the surface scan via chkdsk with chkdsk /r. Say yes to both questions which will run it during the next boot, then reboot. It will run the chkdsk which should take several hours.
-
I just got a response from the Trend tech, he says to:'Please change the ownership for your drives to Administrators(Tod-PC\Administrators). After changing the ownership,please do the CHKDSK [Drive Letter]: /f /r and afterwards a scan on your drives.'
From what I've read in the prior posts, changing ownership is not a good idea, neither is doing CHKDSK [Drive Letter]: /f /r.
Thoughts, anyone?
Thanks!
-
CHKDSK [Drive Letter]: /f /r.
is totally redundant.../r assumes /f
The /r switch is all you should ever use with chkdsk...
You sure your talkin to TrendMicro ? ?
Link or contact info ? ?
-
I called their phone number as listed in their 'help' link within the Trend program, and have been emailing back and forth with the tech I talked to. You think that the emailer is a scammer?
-
You think that the emailer is a scammer?
Scammers would typically be trying to trick you into giviing them money in some way- by say getting remote access to your PC and then claiming you have a lot of viruses.
Seems more like an inexperienced tech to me, or somebody following a script without any real understanding.
-
Here is another thing he can to try. :)
Boot into safe mode.
Sign in as the Administrator.
He should now have ownership.
Create a new user with administrator privilege.
Log into the new user and check.
Does that help?
Maybe the normal user got corrupted.
Or t may be his normal user got demoted somehow.
Perhaps some kind of malware. (A number of malware things go undetected.)
-
Thanks for all the responses...I just did chkdsk both ways...right click the drive, properties, tools, check now(both boxes unchecked), and via DOS elevated, and they came back with 'no problems'. I don't think that the tech is a scammer, as he hasn't asked for $$$, or tried to get me to go a website. It's just possible he's inexperienced, or not trained properly. I will try the 'safe mode' thing after I try a few other things. Will post back later with an update.
-
Latest findings:ran chkdsk on my 3 'C' drives(one is my main 'C', one is an old HD, one is an old SSD drive),
all finished OK. Did a sfc /scannow on all three 'C' drives, all ran OK.
As per the Trend tech, I changed the ownership of my old HD to Administrators(Tod-PC\Administrators), and ran the chkdsk and sfc again...both ran OK.
Then Trend hung at 26% scanning my old HD(E) drive.
Emailed this to the Trend tech...waiting for a response.
Thanks everyone for all your help...will post back when I have more info.
-
You should give him a heads up...a previous install of another A/V app may be causing the hangs...just a suggestion.
-
Latest news:The Trend tech wanted to know exactly what file Trend was hanging on...I told him, along with the fact that when I scanned just that file, Trend ran OK.
Then I ran a scan using right-click on the drive(instead of using the Trend interface), and it hung.
Then I ran a scan on just the file it hung on, and it ran OK.
So, I asked the Trend tech why does Trend hang when running scans on whole drive, but works OK when scanning individual files. Waiting for response....
I don't have any other A/V, unless you count Windows Defender...and I've been using that and Trend for years with no issues.
-
I don't know if this is related or not, but since it happened right after I changed the ownership, WMP is not working again. I've tried to change the owner of my old PC 'C'(E) drive back to 'TrustedInstaller', it comes up with 'name cannot be found'. How can I change this back?
-
I googled how to do this and was able to use NT SERVICE\TrustedInstaller to put my E drive back to TrustedInstaller owner. WMP still won't work, maybe it will take a reboot? Will post back later...
-
After many hours of un-installing/installing, research, this is what happened:
1) I uninstalled Trend
2) uninstalled Mal-Ware Bytes...I didn't know I had this, as there was no desktop, or task bar icon.
3) Noticed that 'TrustedInstaller' was 'stopped' in task manager/services, at first, I got 'unable to start service', but after a few trys, it started.
4) Re-installed Trend, and a 'C' scan to completion(first time in 5 weeks)
5) Re-installed Mal-Ware Bytes, ran a 'C' scan OK
6) Ran another Trend 'C' scan...it hung.
So, it seems that Trend work fine by itself, but hangs when Mal-Ware Bytes is running.
7) Un-installed both Trend and Mal-Ware Bytes
8) Installed Mal-Ware Bytes first this time, then...
9) Installed Trend.
10) Ran a Trend 'C' scan, it hung.
Not sure why this is happening now, as I've had Trend and Mal-Ware Bytes(unknown to me) running for years. Maybe one of the Trend updates has made it impossible to work with Mal-Ware Bytes?
So, after all this, I have just Mal-Ware Bytes running. I have about 6 months left on my Trend subscription, but it's only about $18...so no big deal.
My two questions now are:should I have 'TrustedInstaller' stopped, or running in Task Manager\services? And, is just having Mal-Ware Bytes(Premium 3.1.2) going to be sufficient protection?
(Latest:'TrustInstaller in Task Manager\Services is Stopped, and I get 'Access Denied' when trying to start it...is this a concern?)
For every scan Mal-Ware Bytes checks for updates, pre-scan operations, scan for rootkits, scan memory, scan startup files, scan registry, scan file system, and Heuristics Analysis.
In the Mal-Ware Bytes dashboard, it has:Web Protection On, Exploit protection On, Malware protection On, and Ransomware protection On.
If just running Mal-Ware Bytes is not going to be enough protect, can the forum community recommend a anti-virus-mal-ware-ransomware/internet protection product? OK if paid.
According the Mal-Ware Bytes web site, it does this:
Protects you from advanced (zero-day) threats, including ransomware, so you can surf the Web without worry
Removes all traces of malware for complete safety
Removes potentially unwanted programs (PUPs) that make your computer run poorly
Scans fast so you don't have to sit around and wait for your security to finish working
Easy to use, just set it and forget it
Can replace antivirus or run alongside other antivirus programs(eh, this part not true)
-
You running both scans at once ? ?
Cause i've never seen MBAM cause this running standalone...
-
The background protection forms of Malwarebytes I'd expect to have or cause issues with other AV programs.
Doing a search and I can find loads of people saying they have issues in one or the other program which go away when the opposite program is removed from the system.
-
Oh no, I was not running both at the same time. It seems Mal-Ware Bytes is a better program...but not sure. Any one out there have any opinion, as to which is better...Trend, or Mal-Ware Bytes Premium? Care to tell me which anti-virus program you're using?
-
Maybe somebody wants to try and duplicate your findings.
So can you:
Provide exact version of Mal-Ware Bytes?
Likewise excavate version of TredMicro?
Os your Windows 7 up to date?
-
Mal-Ware Bytes is premium 3.1.2, Trend is 11.0...both have been updated as of today, and my win7 is updated.
-
Can someone address the issue of if 'TrustedInstall' in task manager\services(Windows Modules Installer) should be 'stopped', or 'running'?
-
Can someone address the issue of if 'TrustedInstall' in task manager\services(Windows Modules Installer) should be 'stopped', or 'running'?
It's not "supposed" to be either; If it is installing something- Windows Updates, certain programs, etc. then it is running. if it isn't, it will be Stopped. It requires admin privileges to start or stop. It doesn't make much difference either way. It is not really related to the TrustedInstaller account.
-
Oh, OK, I guess I was getting the 'TrustedInstaller' owner thing confused with the 'TrustedInstall' service in Task Manager? They are two different, separate things?
-
Maybe this could hlp clarify the question about trustedinstaller.
http://www.makeuseof.com/tag/what-is-trustedinstaller-and-why-does-it-keep-me-from-renaming-files/
TrustedInstaller is a built-in user account in Windows 8, Windows 7, and Windows Vista. This user account “owns” a variety of system files, including some files in your Program Files folder, your Windows folder, and even the Windows.old folder that is created after you upgrade from one version of Windows to another. To rename or delete these files, you’ll have to take ownership of them away from the TrustedInstaller user account.
...
The TrustedInstaller user account is used by the Windows Modules Installer service included with Windows. This service is responsible for installing, modifying, and removing Windows updates and other optional Windows components, so it has the exclusive ability to modify them.
...
Warning – the TrustedInstaller user account owns your system files. If TrustedInstaller is preventing you from renaming or deleting a folder, it’s often for a good reason. For example, if you rename the C:\Windows\System32 folder, your operating system will stop functioning and will need to be repaired or reinstalled.
Video:
https://www.youtube.com/watch?v=rGGImf6_S9Y
-
The premium ver. of MBAM has a real-time scanner that runs in the background,,,
I suspect this is what is causing the hiccups.
Both good apps...because they do different things.
I'd suggest disabling MBAM to run your Trend scans...and vice-versa and all should be good.
That is if you finally got Trend to install proper.
Either way the Trend tech shoulda known this IMHO.
-
Thanks everyone for all your help. I've finally(after 5 weeks) got things working normally.
Yeah, it seems that Trend and Mal-Ware Bytes don't play nice together.
I'm keeping Mal-Ware Bytes running as my main anti-virus program, disabling it and running Trend once a week. Then I probably won't be renewing Trend this year.
I just hope that all the stuff I did during the past 5 weeks didn't screw things up...all the programs that I use daily are working fine...after about a month or so, I'll have used 90% of programs. If everything is still working, I should be good. Again, thanks everyone for your help!!!
-
Doing your due diligence with your protection apps won't or shouldn't screw up any of your apps so you should be good to go...
Good to hear you are fixed up and thanx for keeping us posted.
-
BTW...Welcome Aboard !.