Obtaining a list of all programs that are run with elevated privileges

sojkovec

New member
Local time
2:08 PM
Messages
4
Anybody has any idea, how to obtain a complete list of EXEs that have the setting "run as an administrator" enabled? Obviously checking them manually one by one isn't a solution. Just point me in general direction (registry path, group policies, file attribute...). I'm stuck. Thanks.
 

My Computer My Computer

At a glance

Windows 7 Ultimate x64Athlon X2 64 2,2GHz4 GBRadeon HD6450
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Asus
OS
Windows 7 Ultimate x64
CPU
Athlon X2 64 2,2GHz
Motherboard
M2N MX-SE+
Memory
4 GB
Graphics Card(s)
Radeon HD6450
Welcome to the forum.

Most executable files, including exe, cpl, msc, and more, will have this option. The context menu provides the option based on the file extension. This includes old DOS executables that predate UAC.
 

My Computer My Computer

At a glance

Windows 7 Pro 64 bitXeon W35208 GBNvidia Geforce 210
Computer type
PC/Desktop
Computer Manufacturer/Model Number
HP
OS
Windows 7 Pro 64 bit
CPU
Xeon W3520
Memory
8 GB
Graphics Card(s)
Nvidia Geforce 210
Thank you, I know that. But the setting does not modify the binary itself. It has to be saved somewhere and by that I do not mean a tick box in GUI, I mean where this mark is physically saved, e.g. some registry key, or within NTFS itself (like compression and/or encryption, etc.). That is what I need to know and am unable to google out.
 

My Computer My Computer

At a glance

Windows 7 Ultimate x64Athlon X2 64 2,2GHz4 GBRadeon HD6450
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Asus
OS
Windows 7 Ultimate x64
CPU
Athlon X2 64 2,2GHz
Motherboard
M2N MX-SE+
Memory
4 GB
Graphics Card(s)
Radeon HD6450
I decribe my problem more generally: I have a Win7 PC to fix, which after malware infection remains in a state when various executables have "elevated rights" option enabled. Randomly over all hard drive. That causes UAC prompt to pop up, when running Word, for example. I will not resort to turning UAC off because of security, nor can't I let it in this state either, for same reason. Manually unticking them all one-by-one would inflame my index finger.. :) So I am looking for some easy way, short of complete reinstall (which is not needed, PC is clean and runs fine, except for this).
 

My Computer My Computer

At a glance

Windows 7 Ultimate x64Athlon X2 64 2,2GHz4 GBRadeon HD6450
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Asus
OS
Windows 7 Ultimate x64
CPU
Athlon X2 64 2,2GHz
Motherboard
M2N MX-SE+
Memory
4 GB
Graphics Card(s)
Radeon HD6450
So, I have found it! How could I miss it? For info, it's here:
Code:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
for current user

and
Code:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
for all users. You can close this thread.
 

My Computer My Computer

At a glance

Windows 7 Ultimate x64Athlon X2 64 2,2GHz4 GBRadeon HD6450
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Asus
OS
Windows 7 Ultimate x64
CPU
Athlon X2 64 2,2GHz
Motherboard
M2N MX-SE+
Memory
4 GB
Graphics Card(s)
Radeon HD6450
Just a thought.

You might consider a Clean Install again. Any infection that has changed that many permission settings can be lingering in your system.

I know you posted your system is clean. I personally would not take the chance.
I would also change all passwords to everything. (Banking, credit cards ect.) With all those permissions changed, your passwords may already be gathered.

I would change the passwords using another known clean computer.
 

My Computer My Computer

At a glance

Windows 10 Pro. 64/ version 1709 Windows 7 Pr...Intel i7-6800K @ 4.3Corsair Platinum 16 gig @2400EVGA GTX 1070 OC
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Home made Desktop
OS
Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
CPU
Intel i7-6800K @ 4.3
Motherboard
ASUS X-99 Deluxe II
Memory
Corsair Platinum 16 gig @2400
Graphics Card(s)
EVGA GTX 1070 OC
Monitor(s) Displays
Asus 27" LED LCD/VE278Q
Screen Resolution
1920-1080 or 1280-720 HDMI
Hard Drives
INTEL SSD 730-240 Gb Sata 3.0/
PSU
EVGA Platium 1200W
Case
Phanteks Luxe Tempered Glass 8 fans/ one radiator
Cooling
XSPC/ Water Cooled CPU
Keyboard
Das 4 Professional
Mouse
Logitech M705/MX Anywhere 2-S
Internet Speed
100 mbits
Antivirus
Microsoft Security Essentials/ Malwarebytes Premium 3.0/ SAS
Browser
I.E. 11 default/Firefox/ ISP Time Warner Cable/Spectrum
Other Info
LG BluRay Burner/
Sound system-KLipsch-THX/
Icy Dock ssd Hot Swap bays.
Back
Top