When started, many programs require permission elevation (shield on the app icon), but actually they don’t need the administrator privileges for their normal operation. For example, you can manually grant permissions for your users on the app folder in the ProgramFiles and/or registry keys used by the program. So when starting such a program under non-admin user account, a UAC prompt will appear and the user will be required to enter an administrator password (if User Account Control is enabled on the computer). To bypass this mechanism, many users simple disable UAC or grant admin privileges to a user by adding a user account to the local group “Administrators”. Of course, both methods are not safe.
Why some Windows apps not run under standard users and require administrator permissions?
An app may need the administrator privileges to modify some files (logs, configs, etc.) in its own folder in the C:\Program Files (x86)\SomeApp. By default, users don’t have edit (write and modify) permissions on this directory. In order this program to work normally, the administrator permissions are required. To solve this problem, you have to manually grant the modify and/or write permission for a user (or the built-in Users group) on the app folder at the NTFS file system level.
How to run a program that requires admin privileges under standard user?
Earlier we described how to disable a UAC prompt for the certain app using RunAsInvoker parameter. However, this method is not flexible enough.
You can also use RunAs with the saved administrator password (in the Windows Credentials Manager) using the /SAVECRED option. It is also insecure because the user can use the saved administrator credentials password to run any program on this computer.
Let’s consider an easier way to force any program to run without administrator privileges (without entering the admin password) and with UAC enabled (Level 4, 3 or 2 of the UAC slider).
Let’s take the Registry Editor as an example — regedit.exe (it is located in the C:\Windows\ folder). Notice the UAC shield next to the app icon. This icon means that elevation of privileges via UAC will be requested to run this program.
If you run regedit.exe, you will see a User Account Control window asking for the administrator credentials (Do you want to allow this app to make changes to your device?). If you do not provide a password and do not confirm elevation, the app won’t start.
Let’s try to bypass the UAC request for this program. Create the text file run-as-non-admin.bat containing the following code on your Desktop:
cmd /min /C "set __COMPAT_LAYER=RUNASINVOKER && start "" %1"
To force the regedit.exe to run without the administrator privileges and to suppress the UAC prompt, simple drag the EXE file you want to start to this BAT file on the desktop.
Then the Registry Editor should start without a UAC prompt and without entering an administrator password. If you open the Task Manager and add the Elevated column, you will see that there is the regedit.exe process without the elevated status (run with non-admin user permissions).
Try to edit any parameter in the HKEY_LOCAL_MACHINE registry hive. As you can see, a user cannot edit the item in this registry key (the user doesn’t have write permissions to the system registry keys). But you can add or edit registry keys and parameters in your user hive — HKEY_CURRENT_USER.
In the same way you can run any app using the BAT file. Just specify the path to the executable file.
run-app-as-non-admin.bat
Set ApplicationPath="C:\Program Files\SomeApp\testapp.exe"
cmd /min /C "set __COMPAT_LAYER=RUNASINVOKER && start "" %ApplicationPath%"
You can also add a context menu that allows to run all apps without elevation. To do it, create the RunAsUser.REG file, copy the following code into it, save and import it into the Windows registry by double clicking on the reg file (you will need administrator permissions to apply this change).
Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\*\shell\forcerunasinvoker] @="Run as user without UAC privilege elevation" [HKEY_CLASSES_ROOT\*\shell\forcerunasinvoker\command] @="cmd /min /C \"set __COMPAT_LAYER=RUNASINVOKER && start \"\" \"%1\"\""
After that, to run any application without the administrator privileges, just select “Run as user without UAC privilege elevation” in the context menu of File Explorer.
How to Bypass UAC with RunAsInvoker in __COMPAT_LAYER?
The environment variable __COMPAT_LAYER allows you to set different compatibility levels for the applications (the Compatibility tab in the properties of an EXE file). Using this variable, you can specify the compatibility settings to be used when starting a program. For example, to start an app in Windows 8 compatibility mode and 640×480 resolution, set the following:
set __COMPAT_LAYER=Win8RTM 640x480
The __COMPAT_LAYER variable has some options we are interested in. There are the following parameters:
- RunAsInvoker – run an app with the privileges of a parent process without the UAC prompt;
- RunAsHighest – run a program with the highest-level permission available to the user (the UAC prompt will appear if a user has the administrator privileges);
- RunAsAdmin – run an app as administrator (the UAC prompt appears each time).
The following CMD code enables the RunAsInvoker mode for the current process and runs the specified program without elevation:
set __COMPAT_LAYER=RUNASINVOKER
start "" "C:\Program Files\MyApp\testapp.exe"
Enable RunAsInvoker Mode in the EXE File Manifest
As we said above, Windows 10 displays a UAC shield icon for programs that require elevation to run. Developers set this requirement when compiling the application in the program manifest .
You can edit the manifest of any exe file and disable the requirement to run the program in elevated mode.
To edit the program manifest, you can use the free Resource Hacker tool. Open the executable file of the app in Resource Hacker.
Autologon.exe tool by Sysinternals, which can be used to automatically log into Windows without a password.In the tree on the left, go to the Manifest section and open the program manifest. Pay attention to the following xml section:
<requestedPrivileges> <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/> </requestedPrivileges>
It is thanks to the requireAdministrator option that Windows always tries to run this program as an administrator.
Change requireAdministrator to asInvoker and the save changes in exe file.
Note that now the UAC shield has disappeared from the program icon, and you can run it without asking for administrator password with the current user permissions.
In this case, you can force the program to use an external manifest file. Create a plain text file appname.exe.manifest (for example, Autologon.exe.manifest) in the directory with the exe file and copy the manifest code from Resource Hacker into it. Change requireAdministrator to asInvoker. Save the manifest file.
To have Windows always try to use the external manifest file when launching exe files, enable a special registry parameter:
REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide" /v PreferExternalManifest /t REG_DWORD /d 1 /f
Restart Windows and make sure the program is using an external manifest file that says to run without administrator privileges.
66 comments
Are you able to help me?
I cannot import the .REG file without having to use an admin Registry Editor, it gives me an error otherwise.
Thanks
Use the bat file to run your application (instead of the reg file that should be imported into the registry).
So you have to drag and drop your application everytime to launch it?
The whole point is to remove the extra step of clicking yes on the UAC prompt, not replace that with a different step of dragging and dropping.
It is still not working
omg this was way more simple than i thought it would be. used it to run a screen recorder! thanks 😀
What if The software you Installed is Requesting to Run as a Administrator What am I supposed to do now?
hey can u tell me on how to download davinci resolve 16/17 with these methods pls
Can you also install an exe with this method and then freely use it without dragging and dropping?
Peter, did you ever figure out how to get this working?
they never respond lmfao and i wont too
Thanks! This article helped me in more ways than you can imagine!
Doesn’t work, it still prompts for admin credentials
It doesn’t work for all .exe or all setup.exe files.
.bat files say this app can’t run on your pc for me
Different problem, maybe a 32bits program running on 64bits computer or reverse, or maybe you need the compatibility mode (try the troubleshooter)
Doesn’t work. Still requires root password for a given .EXE
Idiot, it doesn’t work for all .exe or all setup.exe files.
No need for insults ya smelly fish man. Perhaps you could elaborate as to why it doesn’t work for some while it works for others? Or maybe just don’t comment at all.
It’s great to get rid of the UAC prompt for specific programs but I still need a way to allow Windows 10 users who only have standard rights to run some legacy applications that require administrative rights to use the program.
You may be able to do what you need using the Task Scheduler method. Look it up, as it will allow you to run a program with elevated privileges.
Same as me. Scheduler doesn’t work anymore. Now I use the tool Runasrob to run an application as administrator with standard user rights.
Where in the registry do you import the REG file? Help pls
HKEY_CURRENT_USER
Ok, so in “HKEY_CURRENT_USER”: in which specific folder do we need to import the REG file?
In any case, the system blocks the operation by sending me “Imbossible to import… Error during the access to system registry”. So what can I do?
I have the same problem
Hello, Thanks a lot, this is really helpful and amazing for me.
Also, I would like to know after I installed the program but I can’t uninstall or delete some programs that have require permission (shield on the app icon).
Could you please share the method to uninstall without Admin Privileges and to Bypass UAC Prompt, please?
Thanks again.
I think it is impossible. You cannot uninstall a correctly registered program without admin permissions.
But you can try the following:
1) Find the name of toyr app name in the reg key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (just browse through each sub key)
2) Locate the GUID of your application: for example {0000000-1111-2222-3333-4444444444444}
3) Create a bat file uninstallapp.bat with the code: msiexec.exe /x {0000000-1111-2222-3333-4444444444444}
4) Run the uninstallapp.bat file with bypass UAC according with this article
works very well, thanks ….. apart from a dll error that I am getting during the installation process
it says error: access to path denied C:\\WINDOWS\METASETUP.dll is denied
any suggestions please ?
The installer really needs elevated permissions to access this file. You can change the NTFS permissions for the file under admin account using the ICACLS tool or via File Explorer. Grant Read/Write permissions for your non-admin user.
not working still askin for yes no prompt for uac
Im Not Sharing My Real Name but i will say its good
Are you Geronimo ?
nope he is g4y
Big brain man here.
Where in the registry do you import the REG file? Help pls
HKEY_CURRENT_USER
right click the reg file, run as admin
worked perfect thanks a lot
Hello.
I want to activate “Direct Play”.
I manage to access “OptionalFeatures.exe” with the first and 2nd method, but a message is displayed: “an error has occurred. Some functionality has not been modified correctly”.
And with the 3rd method, a message appears: “Unable to import … registry access error”.
Can you help me please?
This program does not have a program associated with it for performing this actions, i cannot run without admin rights nor use recovery media and installation disk. WELP!
…and when going to user accounts said im an admin, confused and dead someone got any solutions!
Not the good type of admin maybe… This happened to me once, I activated default admin account (google it pls I can’t now)
I need some help with this.
I need to run this app as an administrator.
Any way to fix it?
How to make admin regedit shortcut win 10?
Hello, got the Run as admin.bat file and I copied the code, but when I drag it on top of the System Config App, it still asks for the admin password. I think it might be because the .bat file is actually a text document. Could someone please help me with this? I am trying to get into the System Config so I can disable my Microsoft Family restrictions.
go to the files app and at the top select view and then in the top right will be 3 check boxes, u want to click “File Name Extensions” , now rename it to a .bat and it will change
Bruh the bat file isnt even working it doesnt show gear as it icon its still showing a text icon what to do please help im so close ;(
Okay fixed it but here my new question now what do we save the bat file as and how do we use it to open the uac application, do we have to find the applications exe and use the bat file on the exe to open it?
Should we save as a txt or to all files?
Save it to all files and in the name you have to put .bat
Helpful? If not let me know
I cant find registry editor’s exe, sorry for so many comments im not much of a computer expert :/
Ok most of my probelms have been sovled now my last question is: after putting in the code in the text document do we have to save it as run as non admin,bat afterwards then do we save it to all files instead of txt? bc its still not working idk why rlly
I did all of the steps but its still not working what do you guys think the problem is
so it still making me enter in admin information. is there something that i may have done wrong or a way around this
I have a custom uninstaller that is registered in current user Uninstall. From what I observed so far, uninstallers registered like this are always launched as admin.
I want my uninstaller to be launched as the current user because it needs to remove some current user registry keys. And if the uninstaller is run as another user (who is admin), then it will try to delete from the wrong current user keys.
I noticed that in the Uninstall key I can specify as a value the uninstall string which currently is simply the path to my custom uninstaller.
Work fine for me, not for all but its work for some
Please Give Me Video I Can Follow By That.
None of these Methods Work for CurseForge 🙁
hey im trying to install bittorrent without admin password but as soon as i run it with the batch file it just shows the place where im supposed to put the admin password, what should i do??
I’m trynna get blender on my school computer but everything I try doesn’t work. It keeps saying this app has been blocked by the admin. I’m going to keep trying but pls, can anybody help? If so I would appreciate it so much.
Hi, thank you for the instructions! I’m just curious — after dragging the .exe to the .bat file (which worked great!), where is the command saved in the .exe file? I don’t see it in the .exe properties like I expected, in the “target” command. Is it inserting the elevated permission in the registry key for the .exe app? Also, can I then delete the .bat file from the desktop and the .exe will continue to run with elevated permissions?
Thank you so much for this!!!!!!!!!!!!!!!
it works 100% even on domain controlled workstation.
I’ve been googling this for years.
This webpage is really interesting: NONE of the suggestions ever works! It’s pathetic!
it doesnt work, blocked by admin lol.
hi can you help me pls , i have a pc and i am not admin ,the pc belongs to me , i found it and buy it on ebay …The problem is that when i want to do anything like opening cmd as admin it asks me a fingerprint but i hav no fingerprint associated, i also have no yes button but just a no button.
Hi, how to force a process to open with UAC virtualization enabled?