Configuring Background Tasks to Autorun as Administrator

windows-7 boot administrator autorun
7,597

Okay, I figured out a way to do it without too much hassle or exposing a password in the clear.

First, you’ll need to enable the administrator account. This is the most inconvenient part. I set my normal account to auto-login, but it’s annoying that the administrator account is available on the login screen, even if I never really see it. Some may complain that by exposing the administrator account, it makes the system a little less secure, but since you must set a password for the account in order to use it from the command-line anyway, that concern is moot.

The method I chose requires using some sort of SHELLEXECUTE program that supports running programs minimized. (One could use the START command built into the command interpreter CMD instead, but that would cause a command prompt window to flash whereas a windowless non-console program would avoid that.) There are plenty to choose from, but I just used one that I wrote way back when.

Now, just create a registry entry in the RUN key that calls the ShellExecute, specifying the minimize option, and using RUNAS as the program to execute. (There are other programs that can run a program using a different account if you prefer, but RUNAS comes with Windows and can save the password to avoid including it in the command-line.) Alternately, you can create a regular Windows shortcut and move it to the Startup folder.

Finally, you’ll need to pass the program (and any arguments for it) as an argument to RUNAS.

(Don’t forget to run the target program—or any program for that matter—with RUNAS, specifying the /SAVECRED option, at least once without running it minimized in order to save the password.)

The command-line to use can get pretty complex because it is a program calling a program calling a program. It gets worse if you need to specify arguments to the target program, and much worse, if you need to include spaces. The quotation mark situation can quickly become maddening, so a lot of experimentation will likely be necessary.

For example, if you use ShelExec from P.J. Naughter and want to run SpeedFan, you would use a command-line like this:

shelexec /showcmd:sw_hide /EXE runas "/params:/user:administrator /savecred ""C:\Program Files\SpeedFan\speedfan.exe"""

I should point out that I have set SpeedFan’s options to start minimized, otherwise instead of running speedfan “directly”, I would have to run a second ShellExecute program with its minimize option to run SpeedFan (a program calling a program calling a program calling a program). Getting that to work would almost certainly drive even the most accomplished computer administrator stark raving mad.

It can be a bit of work to get the command-line worked out, but it seems to work quite well for any auto-run background tasks that require administrative access. Best of all, it works for standard/limited user accounts, so you can use this method to have programs auto-run with elevated privileges without giving a UAC prompt for regular users.

(While it works nicely, it does have its down-sides, most notably that because it runs the programs indirectly, autorun managers like Autoruns, StartupDelayer, HijackThis etc. will not be able to detect which actual program is being autorun—they’ll still work and be able to disable/delete/etc., but they won’t show the right icon or file resource info.)

Share:
7,597

Related videos on Youtube

Synetech
Author by

Synetech

Sadly, I’ve become soured by the SE network. It started great, but went downhill. Some mods are too aggressive/bias, policies are arbitrarily/capriciously/selectively applied, and some users treat the sites as MMOGs, “rep-whoring”, copying others’ work, and posting random guesses to game the system by abusing and exploiting auto-bounty assignment. I care(d) about the integrity of the site, so I feel anywhere that allows such disreputable behavior isn’t somewhere worth staying. My OCD not withstanding, I won’t be contributing much here anymore and will find somewhere else to help people. I apologize to all of the people I would have helped here in the future. Press the chemise key to continue… 😈 Images As a visual-learner, I often add images to my posts to make them more effective. Sometimes I take photos, sometimes I create them with software, sometimes I find them through Google Images or Wikipedia. Mod I’ve been asked hey bro, y u no b mod? get u POWR! impr0ve site (or some other variation). I had considered it and was even tempted to run a few times, but I just have too much to do already, so I can’t take on that kind of commitment when I know I won’t be able to do as good a job as I’d like, or as Sweet Brown would say, ain’t nobody got time fo’ dat. Besides, as the behavior of the other mods became more and more apparent, I realized that it would be pointless.

Updated on September 17, 2022

Comments

  • Synetech
    Synetech almost 2 years

    I am trying to figure out how to run a program that requires administrator access to autorun.

    Some programs like DuMeter, Speedfan, or ATI Tray Tools require administrator access to interface with the hardware. Further, they are background tasks that one wouldn't want to have to manually run on each and every boot, so they should be part of the startup.

    I looked around and the closest thing to a solution that I could find was to schedule them as tasks, but that is no good because not only does it clutter the task list, but some programs need to be run as soon as possible (eg to monitor bytes transferred on the NIC, to adjust fan speeds, or set the desktop colors and refresh rates).

    I considered converting them to run as services, but that seems unnecessarily excessive.

    Is there a better way to autorun programs as administrator?

    Thanks.


    Update
    Just to be clear, the method to elevate the autorun tasks should not require user input such as accepting the UAC prompt. Sure, one could disable UAC, but that is obviously not ideal.

  • Synetech
    Synetech over 13 years
    The built-in autorun functions only run them without admin which limits their functions (eg Speedfan uses a different, less-functional monitoring chip when not admin). Like I said, they need to run as early as possible and scheduling them as tasks is later than in the RUN key in the registry. Using the shortcut method (ie in the Startup folder has the same problem).
  • Sparx
    Sparx over 13 years
    Even after specifying RUN AS ADMINISTRATOR in the COMPATIBILITY tab?
  • Synetech
    Synetech over 13 years
    Using that option causes a UAC prompt. Autorun tasks obviously need to run without a prompt. I'll add that to the question though just to be absolutely clear.
  • Synetech
    Synetech over 13 years
    Right; that was one of the "other programs that can run a program using a different account" I was referring to. However, last I checked, it still requires putting the actual password on the command-line/registry/batch file/etc. in-the-clear. I did see another program that can run programs using a different account that can encode the password, but that is a commercial app.
  • Synetech
    Synetech over 10 years
    I had already considered this and used it for a while, however I already explained the shortcomings with it in the question.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to run a program as an administrator at startup on Windows 10?
New SSD, is the MBR broken? DISK BOOT FAILURE
Windows 7 - Cached Network Share Credentials?
Dual Boot - On the same drive as Windows?
Windows not booting in dual boot with Ubuntu 12.04 and Windows 7
ubuntu is not booting, after dual boot installation with windows 7
Installer of 14.04.1 LTS doesn't recognize Windows 7
Windows 7 not loading from Grub, Ubuntu 12.04 dual boot
Ubuntu install option "Install alongside Windows 7" is missing
Dual Boot Ubuntu and Windows 7: BOOTMGR is missing when I tried to boot in Windows