I made a (small) script to run Explorer as Trusted Installer. What the script does: It will delete 'CreateExplorerShellUnelevatedTask' if present (this task is created when you try to "elevate" Explorer). It will rename "RunAs" value to "_RunAs_" under HKEY_CLASSES_ROOT\AppID{CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} registry key (with Nsudo help). This value also prevents Explorer elevation. It will launch an Explorer window as Trusted Installer (with NSudo), and finally sets the registry key back to its default value ("RunAs"). Credits to: @Mouri_Naruto for Nsudo and @abbodi1406 for the Nsudo script part/idea. Warning: USE CAREFULLY, as you will be able to delete protected files and folder. -Script (Note you have to have Nsudo next to the script) : Code: C:\Windows\system32\whoami.exe /USER | find /i "S-1-5-18" 1>nul && ( goto :OK) || ( "%~dp0NSudoLC.exe" -U:T -P:E -Wait -UseCurrentConsole "%~dpnx0"&& exit /b ) :OK Schtasks /query /TN "CreateExplorerShellUnelevatedTask" >nul 2>&1 && Schtasks /delete /TN "CreateExplorerShellUnelevatedTask" /f >nul 2>&1 reg delete "HKCR\AppID\{CDCBCFCA-3CDC-436f-A4E2-0E02075250C2}" /v "RunAs" /f >nul 2>&1 reg add "HKCR\AppID\{CDCBCFCA-3CDC-436f-A4E2-0E02075250C2}" /v "_RunAs_" /t REG_SZ /d "Interactive User" /f >nul 2>&1 c:\Windows\explorer.exe /NOUACCHECK /root, timeout /t 2 /nobreak >nul 2>&1 reg delete "HKCR\AppID\{CDCBCFCA-3CDC-436f-A4E2-0E02075250C2}" /v "_RunAs_" /f >nul 2>&1 reg add "HKCR\AppID\{CDCBCFCA-3CDC-436f-A4E2-0E02075250C2}" /v "RunAs" /t REG_SZ /d "Interactive User" /f >nul 2>&1 exit /b -App: Nsudo and script embedded in .exe (7zsfx) : Extract NSudo and script to temp folder and remove them after command is executed. https://github.com/Thdub/RunExplorerAsTrustedInstaller/releases -AIO: NSudo embedded inside the script itself : Extract NSudo to script folder and remove it after command is executed. https://github.com/Thdub/RunExplorerAsTrustedInstaller/blob/main/RunExplorerAsTI-AIO.bat
BTW, this is better Code: "%~dp0NSudo.exe" -U:T -P:E "%~dpnx0"&exit /b instead Code: "%~dp0NSudo.exe" -U:T -P:E "%~dpnx0" goto :eof
Awesome! It would be nice if we could just get our freedom and run all of Windows 10 with TI permissions. BTW, if, aside from the actual explorer, it allows to launch apps with even greater freedom than NSudo, then can it be integrated into right-click context menu? NSudo, through context menu after (NSudo.exe -install), is NOT as permission-allowing as right-clicking on NSudo.exe, selecting Run as Administrator, and then using NSudo.exe. I can't figure out why and NSudo developer linked me to this thread. I'm, again, trying to figure out why..? I simply wanted NSudo.exe to be as powerful permission-wise through right-click context menu as it is through "right-click & Run as Admin" method. Its also kind of weird because on my system UAC is disabled, so "As Admin" is kind of worthless, yet again. NSudo is weaker through context menu...
lol...that would be way too dangerous for regular (and even more experiended) user... It actually uses NSudo to launch explorer as TI...so any application you will launch through this "explorer shell" will have TI privileges...quite simple, not different in any way to Nsudo... it is because NSudo -install DOESN'T parse the right command to registry...I reported that in Nsudo thread. That's also why I made a simple NSudo installer, wich adds the right commands to commandstore + the ability to install anywhere you like : it will add "install path" to environment variables path (windir is already in environment variable path so no need) you're pretty confuse and confusing
P Pretty much the same as running around a Unix system as root, something you try to avoid. Though there are times where you need that kind of access. Difference is you can simply sudo to root on Unix then exit back, not something readily built into Windows which can be annoying.
With the difference that average linux users usually have more "computer skills" than average windows users...
Code: File : RunExplorerShellAsTrustedInstaller.exe Last Update: v.3 - 01/01/2019 SHA1: BD1C521590019DC28A929290F091F2EAE4D12828 https://s.put.re/iajFk6Ty.exe V.3 note: Now uses NSudoC (launches faster)
Downloaded: RunExplorerShellAsTrustedInstaller.exe but Windows Defender thinks it is a trojan and deletes it. Ideas?
Considering what the tool is able to do, the false-positives are consecutive (when checking virustotal results). Still messing with permissions is a two-edged thing to do.
That's strange because I just downloaded and also scanned and it didn't detect anything (V.3 above with hash BD1C521590019DC28A929290F091F2EAE4D12828)... Definitions are up to dat and file is not in my exclusion list either... Verify the hash before adding to exclusion list, or you can always use the script instead, it's just a bat converted to exe (with NSudo embedded) might be the kill CreateExplorerShellUnelevatedTask part they didn't like. My very first achievment
Grabbed the Windows Updates and downloaded again. Works, did not delete the file. The AV updates seem to have allowed it. Thanks -WS
The script didn't work for me. Whenever I clicked any links, explorer launched a new window in a separate process under my username. Any ideas how to resolve his ? Edit: I should mention that I don't have the folder option "open new explorer window in separate process" enabled"
Did you try script or latest .exe ? Might be dumb answer but for the script it needs NSudo.exe next to it. Otherwise .exe has NSudo embedded (and latest v3 above uses NSudoC which launches faster) That script is no rocket science, it does what is described in OP... If it doesn't work maybe you need bigger timeout, not sure... Anyway you can always use another file explorer (I like XYplorer, but there are plenty of options) Not sure I understand what you're trying to do, that script/exe just opens a new explorer shell as system, then you just browse from there...
My Security program stopped the exe from running so I used the script. And yes I had it next to the NSudo.exe. Permissions wasn't the issue. The script launched the explorer as it meant to do but then I couldn't browse from there. Whenever I clicked any links, from navigation pane or from main explorer window, a new explorer window would come up not as trusted installer but running under my user so so there wasn't much I could with it The Window that script opened remained static.
I think .exe is x64 (don't remember) but you can use the script. Or embed .bat script with NSudo in a 32bit exe: with Winrar or 7zip it is easy enough to make a 32bit SFX exe, or one can use bat to exe converter. The "key" in this simple script is to temporary rename "HKCR\AppID\{CDCBCFCA-3CDC-436f-A4E2-0E02075250C2}" /v "RunAs" before launching explorer This value normally forces explorer to run as standard user. edit: try this, 32 bit version (Win32 SFX module/exe + Win32 NSudo) https://www.upload.ee/files/10791656/Run.Explorer.as.Trusted.Installer.x86.zip.html