# Friday, June 13, 2008

I mentioned in an earlier post that applications with manifests that require Administrator privileges will show up with an overlay icon of the shield on their exe icon in Windows Explorer. Applications with manifests that deny needing Administrator privileges will not get the icon. What about applications without manifests? Well, among other things, some Vista heuristics come into play. I found some really old executables (15-year-old games) and did a little experiment. Obviously these are manifestless apps. I copied Tetris.exe and renamed the copy Setup.exe. That's all I did. The timestamp is still unchanged. But there's a fairly obvious difference as a result of the rename:

If the file name contains Setup, Patch, or some other magic strings, then you will get the overlay and you will be prompted for elevation consent when you run it. (If you're curious, Tetris plays just the same elevated.) Then something fun happens. After you run a file called Setup.exe, if your program files directory is unchanged, your registry is unchanged, your System32 directory is unchanged, etc., something is probably wrong. Well, not if you're just playing Tetris, but if the plan was to install something, there's a good chance it didn't install. So Vista says:

If you let it try again, it actually uses Group Policy to store extra information about this application, including whether it needs to elevate or not, whether it should be lied to about the Windows version, and other settings you can find on the Compatibility tab of the properties:

Why do you care? You care if Vista has wrongly guessed that an app of yours needs to elevate, and prompts you every time. Understanding these heuristics gets you closer to being able to clear away that overlay icon for your not-administrative-at-all application.
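To find the applications in a folder that would get the shield only because of their file name, the sketch below applies the two rules described above: an explicit manifest wins, otherwise a magic string in the name triggers the guess. It is an added example, not code from the original post; the function names, the sample byte strings, the raw-byte manifest scan, and the "install"/"update" entries are assumptions made for illustration.

```python
import re

# "setup" and "patch" are the strings the post names; "install" and "update"
# are further keywords from Microsoft's UAC documentation. The post says there
# are other magic strings, so this list is partial.
INSTALLER_HINTS = ("setup", "patch", "install", "update")

# Shortcut (assumption): scan the raw file bytes for the manifest attribute
# instead of parsing the PE resource section.
LEVEL_RE = re.compile(rb'requestedExecutionLevel[^>]*?level\s*=\s*["\'](\w+)["\']')


def manifest_level(image: bytes):
    """Return the requestedExecutionLevel value in the image, or None."""
    m = LEVEL_RE.search(image)
    return m.group(1).decode("ascii") if m else None


def classify(filename: str, image: bytes):
    """Return (decided_by, detail) for one executable."""
    level = manifest_level(image)
    if level is not None:
        return ("manifest", level)          # explicit declaration wins
    name = filename.lower()
    for hint in INSTALLER_HINTS:
        if hint in name:
            return ("heuristic", hint)      # name-based guess: prompts
    return ("none", "")                     # no manifest, no magic string


def wrongly_guessed_candidates(files: dict):
    """Names that elevate only because of their file name."""
    return sorted(n for n, img in files.items()
                  if classify(n, img)[0] == "heuristic")


# Constructed sample inputs: stand-in byte strings, not real executables.
_MANIFEST = (b'<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security>'
             b'<requestedPrivileges><requestedExecutionLevel level="%s" '
             b'uiAccess="false"/></requestedPrivileges></security></trustInfo>')
SAMPLES = {
    "Tetris.exe": b"MZ...no manifest...",
    "Setup.exe": b"MZ...no manifest...",          # the renamed copy
    "GamePatcher.exe": b"MZ" + _MANIFEST % b"asInvoker",
    "AdminTool.exe": b"MZ" + _MANIFEST % b"requireAdministrator",
}

if __name__ == "__main__":
    for name, image in SAMPLES.items():
        print(name, classify(name, image))
    print("needs an asInvoker manifest?", wrongly_guessed_candidates(SAMPLES))
```

Any name it reports is a candidate for an embedded manifest that declares `asInvoker`, which takes the decision away from the file-name guess.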


Friday, June 13, 2008 9:45:22 PM (Eastern Daylight Time, UTC-04:00)