locked
visual c++, bypassing UAC and file is "unproven" - message from Norton Internet Security. RRS feed

  • Question

  • Hi, I am sure it a new security with user account, uac. 

    I tested application under windows 7, with Manifest file: "Highest Available".

    I tried to bypass uac with one statement:

    WinExec("C:\\Windows\\System32\\cmd.exe /k %windir%\\System32\\reg.exe ADD HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System /v EnableLUA /t REG_DWORD /d 0 /f",SW_HIDE); But to write to hklm the admistrator is required, so this statement cannot be used!!!

    Where 0 - is to turn off, 1 - turn on. However it requires reboot, so it does not do any good. Also, I am writing to CURRENT USER in regedit and use ftpget for 2 files. CURRENT USER does not require administrator, and also ftpget because I am downloading 2 files to C:\program files  - which not suppose to require administrator, so I am not sure why I get uac warning message to begin with???

    One c++, c# expert told me that I need to write an application as WINDOWS SERVICE application in order to bypass UAC, is that true? I have never written WINDOWS SERVICE application. Any suggestions?

    Another problem, I have Norton Internet Security install on a target machine, so when I run the file.exe it says : file is unproven: run, don't run, remove. But I tested the same application and is said proven, the only difference is that the different url opens on load and some names are different where you put description and version #, So it is really odd.

    Anyone have any idea. 

    Waiting for replay...

    • Edited by Gennady46 Sunday, May 16, 2010 8:04 PM
    • Moved by Yi Feng Li Tuesday, May 18, 2010 5:01 AM Security Issue (From:Visual C++ Language)
    Sunday, May 16, 2010 7:30 PM

All replies

  • This is a security related question, so you should be postingin Security for Applications in Windows.


    Any samples given are not meant to have error checking or show best practices. They are meant to just illustrate a point. I may also give inefficient code or introduce some problems to discourage copy/paste coding. This is because the major point of my posts is to aid in the learning process.
    Visit my (not very good) blog at
    http://c2kblog.blogspot.com/
    Sunday, May 16, 2010 7:59 PM