I managed to resolve the situation. This solution is only for trusted environments.
See next post for a better solution.
My particular scenario is somewhat complicated. Without going into detail, the computer is locked-down (running Returnil, similar to Steady-State) and the software is virtualized (Symantec Workspace Virtualization). I had the GPO startup script and a non-elevated batch file which is run on startup to play with.
As the user account has no password it was difficult to import a task with elevated privileges intended to run visibly.
Via the GPO script a temporary password was created*1, the tasks then imported with an /it switch to run them interactively*2 and the password removed*3. The tasks were then started from the script*4. (The tasks were delayed (with NirSoft's nircmd) so the virtualized layers had time to load.*5 The layers themselves are loaded with delay too, earlier, to give them some time.)
*1 net user USERNAME PASSWORD
*2 schtasks /create /xml "X:\Task.xml" /ru USERNAME /rp PASSWORD /tn TASKNAME /it
*3 net user USERNAME ""
*4 schtasks /run /tn TASKNAME
(*5 nircmd cmdwait 6000 exec hide schtasks /run /tn TASKNAME)
Some issues emerged as a result of the temporary password. An environment variable called SEE_MASK_NOZONECHECKS with a value of 1 was created to prevent Open File - Security Warnings*6 and network passwords were cached to prevent network password dialogs*7. I placed these commands in the non-elevated startup.bat, as they didn't work from the GPO startup script.
*5 setx SEE_MASK_NOZONECHECKS 1
*6 cmdkey /add:COMPUTERNAME /user:USERNAME /pass:""