impossible to change privilege level of an app ?

hackerman1

New member
Local time
4:31 PM
Messages
759
impossible to change privilege level of a program ?

hi !

a few days ago a-squared began asking for elevated privilege, W7 showing an UAC-prompt everytime a-squared started a scheduled scan or i opened the GUI.

i checked the properties of a2start.exe which is the main file, under compatibility, the privilege level is set to "Run as admin".

i´ve tried to change it by using "Change settings for all users", but when it starts it doesn´t show the "Run as admin" as marked.

i tried to mark it, and then to unmark, but after clicking ok, it´s still marked as "Run as admin".

i switched to my admin-account and checked the file, it is NOT marked !
it´s only marked on my USER-account...

how do i change that ?
 

My Computer My Computer

At a glance

W7-Enterprise + WS-2008 (Converted to Worksta...P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400M...2GBNVIDIA QUADRO2 PRO 64MB
Computer Manufacturer/Model Number
Dell
OS
W7-Enterprise + WS-2008 (Converted to Workstation)
CPU
P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400MHz FSB...)
Motherboard
Intel 850E
Memory
2GB
Graphics Card(s)
NVIDIA QUADRO2 PRO 64MB
Sound Card
Yes
Monitor(s) Displays
Dell 1702FP
Screen Resolution
1280x1024
Hard Drives
Yes
PSU
Yes
Case
Yes
Cooling
Yes
Keyboard
Yes
Mouse
Yes, and i also have Cats...
Internet Speed
University: 100 MBit/s, Home: UMTS 7,2 MBit/s
Other Info
W7 on a DINOSAUR: P2 with 266MHz CPU & 160MB RAM
It's likely because A Squared updated the version a couple of days ago. Have you tried turning off UAC and attempting the same thing from the Admin account? You may be well served to reinstall and run the installer as admin. For some reason, UAC sees the new version, and doesn't recognize it's admin authority. Mine doesn't even have run as admin checked, and no problems. A Guy
 

My Computer My Computer

At a glance

Windows 10 Home x64INTEL Core i5-750 Quad-Core 3.37GHzHyperX Fury Black Series 8GB (2 x 4GB) 1866MhzEVGA GeForce GTX 750 Superclocked 1GB 128-Bit...
Computer type
PC/Desktop
OS
Windows 10 Home x64
CPU
INTEL Core i5-750 Quad-Core 3.37GHz
Motherboard
ASUS P7P55D
Memory
HyperX Fury Black Series 8GB (2 x 4GB) 1866Mhz
Graphics Card(s)
EVGA GeForce GTX 750 Superclocked 1GB 128-Bit GDDR5
Monitor(s) Displays
LG 32MA68HY 32" IPS
Screen Resolution
1920 x 1080
Hard Drives
Samsung 840 Evo 120GB, SEAGATE 500GB Barracuda® 7200.12, SATA 3 Gb/s, 7200 RPM, 16MB cache
PSU
ANTEC TruePower New TP-550, 80 PLUS, 550W
Case
ANTEC Three Hundred Illusion
Cooling
COOLER MASTER Hyper 212 Plus, 4 x 120mm 1 x 140mm Noctua's
Internet Speed
85 + Mbps
Antivirus
Avast
Browser
Vivaldi
perhaps you missed this above: "i switched to my admin-account and checked the file, it is NOT marked !
it´s only marked on my USER-account..."

i already asked about it on Emsisoft´s forum, a2´s now requires to run elevated ( UAC-prompt ) ? - Emsisoft Support

got a very quick reply from the Developer himself, it took 4 minutes, can you believe that ?
MINUTES, not hours or days....
WOW !

and he didn´t mention any changes in a2.
i also have Windows Server 2008 installed, and of course i also use a2 with WS-2008.
so i shutdown W7 & started WS-2008 instead, also running on a normal USER-account,
after having updated a2 to the same version as on W7 i did same tests,
on WS-2008 a2 behaves exactly as before, no elevation required, no UAC-prompt.

on WS-2008 a2start.exe is NOT marked as "Run this program as administrator",
so it´s definitely a problem with my W7-system.

i don´t think you really understand the problem, because as i see it, it´s not a problem with UAC, the problem is that the file has somehow got changed privileges.

and the installer of course runs as admin, because it requires admin-rights...
 

My Computer My Computer

At a glance

W7-Enterprise + WS-2008 (Converted to Worksta...P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400M...2GBNVIDIA QUADRO2 PRO 64MB
Computer Manufacturer/Model Number
Dell
OS
W7-Enterprise + WS-2008 (Converted to Workstation)
CPU
P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400MHz FSB...)
Motherboard
Intel 850E
Memory
2GB
Graphics Card(s)
NVIDIA QUADRO2 PRO 64MB
Sound Card
Yes
Monitor(s) Displays
Dell 1702FP
Screen Resolution
1280x1024
Hard Drives
Yes
PSU
Yes
Case
Yes
Cooling
Yes
Keyboard
Yes
Mouse
Yes, and i also have Cats...
Internet Speed
University: 100 MBit/s, Home: UMTS 7,2 MBit/s
Other Info
W7 on a DINOSAUR: P2 with 266MHz CPU & 160MB RAM
Would running the executable at start-up via the scheduler with "run with highest privileges" work in this case - just an idea as it should take away link to a particular user profile
 

My Computers My Computers

  • At a glance

    Windows 11 Pro x64 [Latest Release and Releas...Ryzen 9 5950X, 3.8 - 5.2 MHz64GB [2 x 32GB] DDR4 3200MHz4GB NVIDIA GEFORCE GTX 1650 Ti
    Computer type
    PC/Desktop
    Computer Manufacturer/Model Number
    ChillBlast - Custom to my design
    OS
    Windows 11 Pro x64 [Latest Release and Release Preview]
    CPU
    Ryzen 9 5950X, 3.8 - 5.2 MHz
    Motherboard
    Asus Prime X570-Pro
    Memory
    64GB [2 x 32GB] DDR4 3200MHz
    Graphics Card(s)
    4GB NVIDIA GEFORCE GTX 1650 Ti
    Sound Card
    On-board SPDIF to 5.1 System + HDMI [5.1 system]
    Monitor(s) Displays
    32" UHD 32 Bit HDR Monitor + 43" UHD 4K 32Bit HDR TV
    Screen Resolution
    2 x 3840 x 2160 @60Hz
    Hard Drives
    1TB M2 SSD OS, 500GB Fast Access SSD, 2 x 8TB Data + Various Externals from 1TB to 4TB, 10TB NAS
    PSU
    NZXT C750 80 PLUS Gold 750W Modular PSU
    Case
    Workstation Case [Matt Black]
    Cooling
    NZXT Kraken X63 280mm CPU Cooler +2x Quiet Case fans
    Keyboard
    Logitech Wireless MX Keys & K400 + others
    Mouse
    Logitech Wireless MX Master 3S
    Internet Speed
    920 MB Down 50 MB Up
    Antivirus
    BitDefender Total Security Pro
    Browser
    Chrome (always run latest Non-Beta)
    Other Info
    Also run ...
    Laptop - Quad 8GB - Windows 10 Pro x64
    Nexus 7 Android tablet x2
    Samsung 10.2" tablet
    Blackview TAB 8 4G Android Tablet c/w Keyboard
    Wacom Intuos Pro Medium Pen Pad
    Wacom Intuos Pro Small Pen Pad
    Wacom Expresskeys Remote
    Loopdeck+ Graphics Controller
    Shuttle Pro v2 Control
  • At a glance

    Windows 11 Pro x64 Latest RPIntel I7 10750H 5.0GHz32GB [2x16GB] DDR4 2933 MHznVidia GTX1650Ti 4 GB GDDR6
    Computer type
    Laptop
    System Manufacturer/Model Number
    Dell XPS 17 10750H
    OS
    Windows 11 Pro x64 Latest RP
    CPU
    Intel I7 10750H 5.0GHz
    Motherboard
    Dell XPS
    Memory
    32GB [2x16GB] DDR4 2933 MHz
    Graphics Card(s)
    nVidia GTX1650Ti 4 GB GDDR6
    Sound Card
    Stock [Realtek] 4 Speaker
    Monitor(s) Displays
    17" IPS UHD+ Infinity Edge Touchscreen
    Screen Resolution
    3840 x 2400
    Hard Drives
    2TB M2 NVMe, 4TB External + various 500GB & 1TB External NVMe (also have access to spinner HDD from
    PSU
    Stock
    Case
    Stock XPS Aluminium & Carbon Fibre
    Cooling
    Stock - Active Fan Control
    Keyboard
    Backlit + Various Logitech
    Mouse
    Stock Track Pad + Logitech MX Trackball
    Internet Speed
    72 MB Down 18MB Up
    Browser
    Chrome
    Other Info
    Also run ...
    Laptop - Quad 8GB - Windows 10 Pro x64
    Nexus 7 Android tablet x2
    10.2" tablet
    Sony Z3 Android Smartphone
    Wacom Intuos Pro Medium Pen Pad
    Wacom Intuos Pro Small Pen Pad
    Wacom Expresskeys Remote
    Loopdeck+ Graphics Controller
    Shuttle Pro v2 Control Pad
    10TB NAS
hmmm, taskscheduler as admin or user ?
 

My Computer My Computer

At a glance

W7-Enterprise + WS-2008 (Converted to Worksta...P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400M...2GBNVIDIA QUADRO2 PRO 64MB
Computer Manufacturer/Model Number
Dell
OS
W7-Enterprise + WS-2008 (Converted to Workstation)
CPU
P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400MHz FSB...)
Motherboard
Intel 850E
Memory
2GB
Graphics Card(s)
NVIDIA QUADRO2 PRO 64MB
Sound Card
Yes
Monitor(s) Displays
Dell 1702FP
Screen Resolution
1280x1024
Hard Drives
Yes
PSU
Yes
Case
Yes
Cooling
Yes
Keyboard
Yes
Mouse
Yes, and i also have Cats...
Internet Speed
University: 100 MBit/s, Home: UMTS 7,2 MBit/s
Other Info
W7 on a DINOSAUR: P2 with 266MHz CPU & 160MB RAM
hi !

a few days ago a-squared began asking for elevated privilege, W7 showing an UAC-prompt everytime a-squared started a scheduled scan or i opened the GUI.

i checked the properties of a2start.exe which is the main file, under compatibility, the privilege level is set to "Run as admin".

i´ve tried to change it by using "Change settings for all users", but when it starts it doesn´t show the "Run as admin" as marked.

i tried to mark it, and then to unmark, but after clicking ok, it´s still marked as "Run as admin".

i switched to my admin-account and checked the file, it is NOT marked !
it´s only marked on my USER-account...

how do i change that ?

Maybe I am missing something here, so I read this 3 times, plus read the part you posted on a2 web site.

Instead of playing with the "Change settings for all users", mark and unmark, why not turn off compatibility mode all together?

Plus you were saying you are running the application from a shortcut, why not delete the shortcut and make a new one??

Maybe some screen shots would help; you know picture is worth a thousand words.
 

My Computer My Computer

At a glance

Windows 7 Enterprise (x64); Windows Server 20...16GB
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell OP7010
OS
Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
Memory
16GB
Monitor(s) Displays
4 Dell 24" LCD
Screen Resolution
1280x1024
Keyboard
Dell
Mouse
Dell Optical
Internet Speed
40meg
yes i know, but i want to know how to change privilege level...
 

My Computer My Computer

At a glance

W7-Enterprise + WS-2008 (Converted to Worksta...P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400M...2GBNVIDIA QUADRO2 PRO 64MB
Computer Manufacturer/Model Number
Dell
OS
W7-Enterprise + WS-2008 (Converted to Workstation)
CPU
P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400MHz FSB...)
Motherboard
Intel 850E
Memory
2GB
Graphics Card(s)
NVIDIA QUADRO2 PRO 64MB
Sound Card
Yes
Monitor(s) Displays
Dell 1702FP
Screen Resolution
1280x1024
Hard Drives
Yes
PSU
Yes
Case
Yes
Cooling
Yes
Keyboard
Yes
Mouse
Yes, and i also have Cats...
Internet Speed
University: 100 MBit/s, Home: UMTS 7,2 MBit/s
Other Info
W7 on a DINOSAUR: P2 with 266MHz CPU & 160MB RAM
Ok my understanding of this as a non programmer is that we are dealing with two levels of "Privilege" here.

There are the actual file permissions which are part of the NTFS file system. These are fully controllable via the methods we all know, (and love ;) ). This system is the same as it has been since the first days of NT. There is also the "privilege" level that an application needs to manipulate the objects it works with.

The facts are now complicated by the addition of UAC into the mix, and it's use of the dual token system for administrators, plus the fact that the Privilege level required for the running of an application is set in the program code. Some programs will trigger the UAC prompt whatever is set in the compatibility mode settings. This is triggered by the program itself or by the security system when the program attempts to access an object that requires a higher privilege level the the one it is running at.

Without changing the actual code of the application, and the ACL's of all files that may be accessed by the application, all we can do at a user level are workarounds, to prevent the trigger of the UAC prompt, the application must run at the privilege level it requires to access and change the files it uses.

The "Admin Shortcut" mentioned above is probably the most useful for system type applications, as the trigger in the Task Scheduler may be set to system start or user login (Standard or Admin).

This is of course my simplistic understanding of this and any of our accomplished programmers here will be able to explain this much more clearly :)
 

My Computers My Computers

  • At a glance

    Windows 11 Pro x64 [Latest Release and Releas...Ryzen 9 5950X, 3.8 - 5.2 MHz64GB [2 x 32GB] DDR4 3200MHz4GB NVIDIA GEFORCE GTX 1650 Ti
    Computer type
    PC/Desktop
    Computer Manufacturer/Model Number
    ChillBlast - Custom to my design
    OS
    Windows 11 Pro x64 [Latest Release and Release Preview]
    CPU
    Ryzen 9 5950X, 3.8 - 5.2 MHz
    Motherboard
    Asus Prime X570-Pro
    Memory
    64GB [2 x 32GB] DDR4 3200MHz
    Graphics Card(s)
    4GB NVIDIA GEFORCE GTX 1650 Ti
    Sound Card
    On-board SPDIF to 5.1 System + HDMI [5.1 system]
    Monitor(s) Displays
    32" UHD 32 Bit HDR Monitor + 43" UHD 4K 32Bit HDR TV
    Screen Resolution
    2 x 3840 x 2160 @60Hz
    Hard Drives
    1TB M2 SSD OS, 500GB Fast Access SSD, 2 x 8TB Data + Various Externals from 1TB to 4TB, 10TB NAS
    PSU
    NZXT C750 80 PLUS Gold 750W Modular PSU
    Case
    Workstation Case [Matt Black]
    Cooling
    NZXT Kraken X63 280mm CPU Cooler +2x Quiet Case fans
    Keyboard
    Logitech Wireless MX Keys & K400 + others
    Mouse
    Logitech Wireless MX Master 3S
    Internet Speed
    920 MB Down 50 MB Up
    Antivirus
    BitDefender Total Security Pro
    Browser
    Chrome (always run latest Non-Beta)
    Other Info
    Also run ...
    Laptop - Quad 8GB - Windows 10 Pro x64
    Nexus 7 Android tablet x2
    Samsung 10.2" tablet
    Blackview TAB 8 4G Android Tablet c/w Keyboard
    Wacom Intuos Pro Medium Pen Pad
    Wacom Intuos Pro Small Pen Pad
    Wacom Expresskeys Remote
    Loopdeck+ Graphics Controller
    Shuttle Pro v2 Control
  • At a glance

    Windows 11 Pro x64 Latest RPIntel I7 10750H 5.0GHz32GB [2x16GB] DDR4 2933 MHznVidia GTX1650Ti 4 GB GDDR6
    Computer type
    Laptop
    System Manufacturer/Model Number
    Dell XPS 17 10750H
    OS
    Windows 11 Pro x64 Latest RP
    CPU
    Intel I7 10750H 5.0GHz
    Motherboard
    Dell XPS
    Memory
    32GB [2x16GB] DDR4 2933 MHz
    Graphics Card(s)
    nVidia GTX1650Ti 4 GB GDDR6
    Sound Card
    Stock [Realtek] 4 Speaker
    Monitor(s) Displays
    17" IPS UHD+ Infinity Edge Touchscreen
    Screen Resolution
    3840 x 2400
    Hard Drives
    2TB M2 NVMe, 4TB External + various 500GB & 1TB External NVMe (also have access to spinner HDD from
    PSU
    Stock
    Case
    Stock XPS Aluminium & Carbon Fibre
    Cooling
    Stock - Active Fan Control
    Keyboard
    Backlit + Various Logitech
    Mouse
    Stock Track Pad + Logitech MX Trackball
    Internet Speed
    72 MB Down 18MB Up
    Browser
    Chrome
    Other Info
    Also run ...
    Laptop - Quad 8GB - Windows 10 Pro x64
    Nexus 7 Android tablet x2
    10.2" tablet
    Sony Z3 Android Smartphone
    Wacom Intuos Pro Medium Pen Pad
    Wacom Intuos Pro Small Pen Pad
    Wacom Expresskeys Remote
    Loopdeck+ Graphics Controller
    Shuttle Pro v2 Control Pad
    10TB NAS
Hi hackerman1,

What if the issue is a change in your PC's config, not Emisofts'? Check secpol.msc User account control settings, especially two in the screen prints I took below. The pics show the defaults for Windows 7.

I'll have a bit of a think and see what else sprigs to mind, will let you know if I come up with something.

PS: I know you said you haven't changed anything; but please check anyway; besides you may be able to massage your settings here to make it work (balance that with security of course :) ).
 

Attachments

  • secpol.JPG
    secpol.JPG
    129.3 KB · Views: 327

My Computer My Computer

At a glance

Windows 7 Ultimate 64 bitIntel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz8 GB KingstonNvidia GeForce 9600GT
Computer Manufacturer/Model Number
Custom Hack job
OS
Windows 7 Ultimate 64 bit
CPU
Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Motherboard
GigaByte EP45-UD3
Memory
8 GB Kingston
Graphics Card(s)
Nvidia GeForce 9600GT
Sound Card
Soundblaster Audigy
Monitor(s) Displays
AOC x2 22"
Hard Drives
2 x Samsung 500GB (RAID)
2 x Samsung 2TB
1 x WD Green 2TB
1 x Seagate 1TB
1 x Samsung 500GB
PSU
Thermaltake QFan 750W
Case
CM Scout Gaming
Cooling
Coolermaster V10
Keyboard
Microsoft Wireless Keyboard 1000
Mouse
Microsoft Wireless Optical 2000
Internet Speed
320
Other Info
Winfast PVR2000CP
LG DVD-RAM DVD/RW/DL Super Multi
Linksys WMP300Nx2 Wireless Adapter
hi !

thanks for the tip about secpol.msc.
but i can´t check that now.
yesterday i decided that i had wasted too much time on this.

so i uninstalled a2, then i tried to start a2.exe from another folder in which i have another a2-installation for WS-2008,
that a2start.exe had normal rights BEFORE i uninstalled a2 from W7.
but AFTER the uninstall it got changed to "Run as admin" !

so i then reinstalled a2 to another folder with another name, as i suspected i would get the same problem again otherwise.

now everything is normal again with a2, no UAC-prompts anymore.
the a2start.exe in the WS-2008 installation is still marked as "Run as admin"...

a small note: i use a common program-partition for both W7 & WS-2008.
 

My Computer My Computer

At a glance

W7-Enterprise + WS-2008 (Converted to Worksta...P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400M...2GBNVIDIA QUADRO2 PRO 64MB
Computer Manufacturer/Model Number
Dell
OS
W7-Enterprise + WS-2008 (Converted to Workstation)
CPU
P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400MHz FSB...)
Motherboard
Intel 850E
Memory
2GB
Graphics Card(s)
NVIDIA QUADRO2 PRO 64MB
Sound Card
Yes
Monitor(s) Displays
Dell 1702FP
Screen Resolution
1280x1024
Hard Drives
Yes
PSU
Yes
Case
Yes
Cooling
Yes
Keyboard
Yes
Mouse
Yes, and i also have Cats...
Internet Speed
University: 100 MBit/s, Home: UMTS 7,2 MBit/s
Other Info
W7 on a DINOSAUR: P2 with 266MHz CPU & 160MB RAM
Another thought, since you're talking to the programmer, it might be a good idea to shoot him/her off a list of your users token privileges and to see whether they are fully fledged tokens, filtered tokens or something less likely to receive an admin prompt. The programmer would know what tokens are required to run their software (you could always ask for this too) and from the comparison you should be able to see exactly what's causing your issue.

Open an elevated command prompt and type whoamI /priv into a command prompt and post it here. NOTE: The whoamI /priv does work from a normal command prompt; but you only get a partial list of results.

About tokens
As far as I can remember.... and there's likely to be holes in my knowledge *grin*. When you sign into windows you receive 2 access tokens, one for group membership and another for authorization and access control, fully fledged tokens are granted to:
Built-In Administrators
Power Users
Account Operators
Server Operators
Printer Operators
Backup Operators
RAS Servers Group
Windows NT 4.0 App Compat Group
Network Configuration Operators
Domain Administrators
Domain Controllers
Certificate Publishers
Schema Administrators
Enterprise Administrators
Group Policy Administrators

i tried to find an MS article on the above, other than in my onenote's but I couldn't sorry. But I did find this info on whoamI /priv that you might find useful.

Good Luck
Timo
 

My Computer My Computer

At a glance

Windows 7 Ultimate 64 bitIntel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz8 GB KingstonNvidia GeForce 9600GT
Computer Manufacturer/Model Number
Custom Hack job
OS
Windows 7 Ultimate 64 bit
CPU
Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Motherboard
GigaByte EP45-UD3
Memory
8 GB Kingston
Graphics Card(s)
Nvidia GeForce 9600GT
Sound Card
Soundblaster Audigy
Monitor(s) Displays
AOC x2 22"
Hard Drives
2 x Samsung 500GB (RAID)
2 x Samsung 2TB
1 x WD Green 2TB
1 x Seagate 1TB
1 x Samsung 500GB
PSU
Thermaltake QFan 750W
Case
CM Scout Gaming
Cooling
Coolermaster V10
Keyboard
Microsoft Wireless Keyboard 1000
Mouse
Microsoft Wireless Optical 2000
Internet Speed
320
Other Info
Winfast PVR2000CP
LG DVD-RAM DVD/RW/DL Super Multi
Linksys WMP300Nx2 Wireless Adapter
hi !

thanks for the tip about secpol.msc.
but i can´t check that now.
yesterday i decided that i had wasted too much time on this.

so i uninstalled a2, then i tried to start a2.exe from another folder in which i have another a2-installation for WS-2008,
that a2start.exe had normal rights BEFORE i uninstalled a2 from W7.
but AFTER the uninstall it got changed to "Run as admin" !

so i then reinstalled a2 to another folder with another name, as i suspected i would get the same problem again otherwise.

now everything is normal again with a2, no UAC-prompts anymore.
the a2start.exe in the WS-2008 installation is still marked as "Run as admin"...

a small note: i use a common program-partition for both W7 & WS-2008.

Congratulations on persevering and getting it working *sigh of relief*.

There are particular folders like 'system32', 'windows', 'program files' that require stronger tokens and force the UAC prompt. I wonder if your new folder was not one of these?
 

My Computer My Computer

At a glance

Windows 7 Ultimate 64 bitIntel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz8 GB KingstonNvidia GeForce 9600GT
Computer Manufacturer/Model Number
Custom Hack job
OS
Windows 7 Ultimate 64 bit
CPU
Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Motherboard
GigaByte EP45-UD3
Memory
8 GB Kingston
Graphics Card(s)
Nvidia GeForce 9600GT
Sound Card
Soundblaster Audigy
Monitor(s) Displays
AOC x2 22"
Hard Drives
2 x Samsung 500GB (RAID)
2 x Samsung 2TB
1 x WD Green 2TB
1 x Seagate 1TB
1 x Samsung 500GB
PSU
Thermaltake QFan 750W
Case
CM Scout Gaming
Cooling
Coolermaster V10
Keyboard
Microsoft Wireless Keyboard 1000
Mouse
Microsoft Wireless Optical 2000
Internet Speed
320
Other Info
Winfast PVR2000CP
LG DVD-RAM DVD/RW/DL Super Multi
Linksys WMP300Nx2 Wireless Adapter
hi !

i´ve been using a2 for long and i have never seen this before, until a few days ago.
Emsisoft has not changed anything in a2, it´s running now, without any "admin-rights" for a2start.exe, a scheduled scan also starts normally without any UAC-prompts.

somehow something got changed on my computer.
before uninstalling i also tried to "Take ownership" of a2start.exe, but it didn´t help...

maybe i CAN find something in secpol.msc, since the other a2start.exe in the WS2008-folder had the privilege level changed when i uninstalled a2 from the W7-folder,
which btw. i think is weird.
i´m going to take a look...

There are particular folders like 'system32', 'windows', 'program files' that require stronger tokens and force the UAC prompt. I wonder if your new folder was not one of these?

hmm, now you make me confused....:huh:

my "new" a2-folder for W7 is "E:\Program files\a2".
and the problem has now disappeared...
the old a2-folder was also on E.

i have several partitions, i use a system-partition for each O/S, all other programs are installed on a separate program-partition which is common for both O/S´s.

here is a detailed description about my system:
http://www.sevenforums.com/performance-maintenance/92465-few-tips-about-performance-etc.html

when running W7:
W7=C
WS2008=D
Programs=E

a2 is not installed on C, so i don´t understand what "windows" & "system32" has to do with it ?

i´m also going to check whoamI /priv.
 

My Computer My Computer

At a glance

W7-Enterprise + WS-2008 (Converted to Worksta...P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400M...2GBNVIDIA QUADRO2 PRO 64MB
Computer Manufacturer/Model Number
Dell
OS
W7-Enterprise + WS-2008 (Converted to Workstation)
CPU
P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400MHz FSB...)
Motherboard
Intel 850E
Memory
2GB
Graphics Card(s)
NVIDIA QUADRO2 PRO 64MB
Sound Card
Yes
Monitor(s) Displays
Dell 1702FP
Screen Resolution
1280x1024
Hard Drives
Yes
PSU
Yes
Case
Yes
Cooling
Yes
Keyboard
Yes
Mouse
Yes, and i also have Cats...
Internet Speed
University: 100 MBit/s, Home: UMTS 7,2 MBit/s
Other Info
W7 on a DINOSAUR: P2 with 266MHz CPU & 160MB RAM
hi!

Hi hackerman1,

What if the issue is a change in your PC's config, not Emisofts'? Check secpol.msc User account control settings, especially two in the screen prints I took below. The pics show the defaults for Windows 7.

I'll have a bit of a think and see what else sprigs to mind, will let you know if I come up with something.

PS: I know you said you haven't changed anything; but please check anyway; besides you may be able to massage your settings here to make it work (balance that with security of course :) ).


i´ve checked secpol.msc:

"Behavior of the elevation prompt for administrators in Admin approval mode"
is set to: "Prompt for consent on secure desktop"

"Behavior of the elevation prompt for standard users" is set to:
"Prompt for credentials on secure desktop"
 

My Computer My Computer

At a glance

W7-Enterprise + WS-2008 (Converted to Worksta...P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400M...2GBNVIDIA QUADRO2 PRO 64MB
Computer Manufacturer/Model Number
Dell
OS
W7-Enterprise + WS-2008 (Converted to Workstation)
CPU
P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400MHz FSB...)
Motherboard
Intel 850E
Memory
2GB
Graphics Card(s)
NVIDIA QUADRO2 PRO 64MB
Sound Card
Yes
Monitor(s) Displays
Dell 1702FP
Screen Resolution
1280x1024
Hard Drives
Yes
PSU
Yes
Case
Yes
Cooling
Yes
Keyboard
Yes
Mouse
Yes, and i also have Cats...
Internet Speed
University: 100 MBit/s, Home: UMTS 7,2 MBit/s
Other Info
W7 on a DINOSAUR: P2 with 266MHz CPU & 160MB RAM
Just a quick note:

If you are sharing "E:\Program files\a2" between Windows Server 2008 and Windows 7, you need to realize that Windows Server 2008 = Windows Vista, there have been issues with Vista and 7 sharing the same applications in the same folder(s). -WS
 

My Computer My Computer

At a glance

Windows 7 Enterprise (x64); Windows Server 20...16GB
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell OP7010
OS
Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
Memory
16GB
Monitor(s) Displays
4 Dell 24" LCD
Screen Resolution
1280x1024
Keyboard
Dell
Mouse
Dell Optical
Internet Speed
40meg
hi !

NO, a2 is installed in 2 DIFFERENT folders.
it also was before the problem started...

have i explained this so badly ? :huh:
sorry !

a2 was installed on the same partition but is 2 separate folders:
in W7: "E:\Program files\EAM"
in WS2008: "E:\Program files\EAM WS 2008"

i uninstalled a2 from W7, and then deleted "E:\Program files\EAM".

then i tried to start a2´s main file (GUI) a2start.exe from "E:\Program files\EAM WS 2008".

THAT a2start.exe had normal "Privelege level" BEFORE i uninstalled a2 from "E:\Program files\EAM".
i know it because i checked the properties of a2start.exe in "E:\Program files\EAM WS 2008" BEFORE i uninstalled a2 from W7.
i also started a2start.exe, and it started without any UAC-prompts.
i then checked the properties of a2start.exe again, still no change.

but AFTER a2 was uninstalled from W7 it got changed to "Run as admin" !
i had a suspicion it would happen....

a2 is now installed to a new folder "E:\Program files\a2" and everything is back to normal,
except a2start.exe in "E:\Program files\EAM WS 2008", which still has a changed privilege level.
 
Last edited:

My Computer My Computer

At a glance

W7-Enterprise + WS-2008 (Converted to Worksta...P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400M...2GBNVIDIA QUADRO2 PRO 64MB
Computer Manufacturer/Model Number
Dell
OS
W7-Enterprise + WS-2008 (Converted to Workstation)
CPU
P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400MHz FSB...)
Motherboard
Intel 850E
Memory
2GB
Graphics Card(s)
NVIDIA QUADRO2 PRO 64MB
Sound Card
Yes
Monitor(s) Displays
Dell 1702FP
Screen Resolution
1280x1024
Hard Drives
Yes
PSU
Yes
Case
Yes
Cooling
Yes
Keyboard
Yes
Mouse
Yes, and i also have Cats...
Internet Speed
University: 100 MBit/s, Home: UMTS 7,2 MBit/s
Other Info
W7 on a DINOSAUR: P2 with 266MHz CPU & 160MB RAM
NO, a2 is installed in 2 DIFFERENT folders.
it also was before the problem started...

That is good, I just wanted to note it, just in case.
 

My Computer My Computer

At a glance

Windows 7 Enterprise (x64); Windows Server 20...16GB
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell OP7010
OS
Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
Memory
16GB
Monitor(s) Displays
4 Dell 24" LCD
Screen Resolution
1280x1024
Keyboard
Dell
Mouse
Dell Optical
Internet Speed
40meg
hi !

when i installed WS2008, after having done the workstation conversion,
i decided to install a2 in a new folder for WS2008 just because it could be some compatibility-issues with a2.
and i really didn´t want to get any security-problems on W7, caused by some WS2008-problems, because a2 is my primary A/V, although i also have MSE, Avast & MBAM installed, i normally use only a2 for realtime-protection.
 

My Computer My Computer

At a glance

W7-Enterprise + WS-2008 (Converted to Worksta...P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400M...2GBNVIDIA QUADRO2 PRO 64MB
Computer Manufacturer/Model Number
Dell
OS
W7-Enterprise + WS-2008 (Converted to Workstation)
CPU
P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400MHz FSB...)
Motherboard
Intel 850E
Memory
2GB
Graphics Card(s)
NVIDIA QUADRO2 PRO 64MB
Sound Card
Yes
Monitor(s) Displays
Dell 1702FP
Screen Resolution
1280x1024
Hard Drives
Yes
PSU
Yes
Case
Yes
Cooling
Yes
Keyboard
Yes
Mouse
Yes, and i also have Cats...
Internet Speed
University: 100 MBit/s, Home: UMTS 7,2 MBit/s
Other Info
W7 on a DINOSAUR: P2 with 266MHz CPU & 160MB RAM
Hi Hackerman1,

I can't say with certainty how the tokens are affected with the sharing of program files on different disks. I can only guess that whoever is the owner of the disk/folder (W7 or S2008) might affect the tokens and whether or not it's recognized as a "Program Files" folder, could even be the logged in user?

I have S2008 and W7 on different partitions as well although my program files are localized.You have me curious and I'd like to test this further! Unfortunately it's exam week for me :( so I've no time to set up your scenario and check it. It might be interesting to check whoamI from both OS' and compare this to secedit and folder permissions and ownership. I'd be curious to find out if any are different and if changing them alters the admin prompt scenario.

RE: Secpol
hi!

"Behavior of the elevation prompt for administrators in Admin approval mode"
is set to: "Prompt for consent on secure desktop"

"Behavior of the elevation prompt for standard users" is set to:
"Prompt for credentials on secure desktop"

Note the difference in your "Behavior of the elevation prompt for administrators in Admin approval mode"
I'm pretty certain that the default should be "Prompt for consent for non-windows binaries"

I didn't mention previously but "Behavior of the elevation prompt for standard users" should be "prompt for credentials".

Perhaps WindowsStar or another reader can verify theirs?

-Timo

PS: You've probably already noted this, but our timezone differences may make for delays in my replies. :)
 

My Computer My Computer

At a glance

Windows 7 Ultimate 64 bitIntel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz8 GB KingstonNvidia GeForce 9600GT
Computer Manufacturer/Model Number
Custom Hack job
OS
Windows 7 Ultimate 64 bit
CPU
Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Motherboard
GigaByte EP45-UD3
Memory
8 GB Kingston
Graphics Card(s)
Nvidia GeForce 9600GT
Sound Card
Soundblaster Audigy
Monitor(s) Displays
AOC x2 22"
Hard Drives
2 x Samsung 500GB (RAID)
2 x Samsung 2TB
1 x WD Green 2TB
1 x Seagate 1TB
1 x Samsung 500GB
PSU
Thermaltake QFan 750W
Case
CM Scout Gaming
Cooling
Coolermaster V10
Keyboard
Microsoft Wireless Keyboard 1000
Mouse
Microsoft Wireless Optical 2000
Internet Speed
320
Other Info
Winfast PVR2000CP
LG DVD-RAM DVD/RW/DL Super Multi
Linksys WMP300Nx2 Wireless Adapter
Back
Top