background
When writing a program, you can set UAC in the linker in vs:
But in fact, there is another way to add UAC icon, only need to modify the properties of the file.
Process reference
Reposted from: https://www.zhihu.com/question/27895048/answer/38533509
Windows Vista Application Development Requirements for User Account Control (UAC) will apply installer detection if it is an installer. I turned out the Interstellar CD at the bottom of my home and tried it. As expected, the UAC icon was added to INSTALL.exe.
But we all know that when Starcraft was released, it was still in the Windows 98 era. Not to mention UAC, even the NT kernel system has not yet entered the home market. So the system must have checked the content of the exe and judged that it belongs to the UAC icon added by the installer.
How exactly is it detected? The installer detection in the above link has the following expressions.
Before a 32-bit process is created, the system will check its following attributes to determine if it is an installer.
- Does the file name contain keywords: "install", "setup", "update"
- Does the Versioning field of the resource area of the exe contain keywords?
- Does the SXS list contain keywords
- Does the StringTable contain keywords? 5. Does the attribute field in the resource contain keywords? 6. The exe contains a characteristic byte stream, which may generate instructions for high-privilege operations.
After knowing the principle, we try to remove the UAC icon of INSTALL.exe.
1. First change it to test.exe. In this way, the first one is invalid.
The result is not very satisfactory, and UAC rights escalation is still needed.
2, Let's take a look at what is included in Versioning. Right-click test.exe, select properties, detail page.
(Please ignore the Japanese system...) You can see that there are still many install keywords here, let's remove them all.
Next we will use exeScope, which is a convenient tool to modify exe attributes.
The interface is like this after opening.
We delete all the information including install.
After saving, the UAC icon disappeared from test.exe!
Double click and the program will start without UAC prompt!
So the conclusion is that the old program, especially the installation package, will also be marked with UAC. One of the reasons is: Windows will automatically detect whether the exe is an installation package through some standard logic, and if it is, it will automatically require the use of UAC to increase the privilege.