Configuring on-access scanning of trusted installers
The Microsoft Windows Trusted Installer, or TrustedInstaller service, protects certain systemfiles from being replaced, changed, or deleted. This protects these files from threats that wouldinstall a rootkit or other malware on the system. These "Trusted installer" files are very difficultfor malware to change and should not require on-access scanning.
The on-access scan trusted installer setting is disabled by default with VirusScan Enterprise 8.8.This allows the installation of trusted software without on-access scanning, which improvesperformance. This is specifically true for service pack installations for Microsoft Windows.
For security reasons, you could enable this feature so all files being installed by the trustedinstaller are also being scanned, but this increase the installation time and reduces the overallsystem performance.