Help with understanding why UAC dialog pops up on Win7 for our application

Question

We have a C++ unmanaged application that appears to cause a UAC prompt. It seems to happen on Win7 and NOT on Vista

Unfortunately the UAC dlg is s

Answer 1

If you are not even getting to your main function, then either a DLL used by your app is doing something in its DllMain initialization or your app has a manifest requesting elevation.

I think you should be able to remotely debug it with windbg; when the prompt is shown you can break into the debugger and see what your app is trying to do.

Answer 2

Dependency Walker (depends.exe) wqs orignally written to troubleshoot DLL problems, but its profiling mode is more useful than that. It can be used to capture a lot of information about process creation. It would be interesting to see in particular which DLLs are needed, and which of those have been loaded at the moment of the UAC prompt. It's also quite possible that the output from Depenceny Walker mentions UAC explicitly.

Answer 3

On Windows 7 (but not Vista) if you say the app needs XP compatibility settings, it will also elevate. See Is UAC on Win7 different than Vista? - if you don't need to elevate, but you do need to be marked XP compat, I don't think there's anything you can do. OTOH if you don't need to be XP compat, stop asking to be.

Answer 4

The first thing I would check is the application manifest. It's one of the first thing Windows looks at when creating a process. It definitely interacts with UAC.

Answer 5

Windows automatically elevates applications based on various criteria (listed in Understanding and Configuring User Account Control in Windows Vista):

Before a 32 bit process is created, the following attributes are checked to determine whether it is an installer:

• Filename includes keywords like "install," "setup," "update," etc.
• Keywords in the following Versioning Resource fields: Vendor, Company Name, Product Name, File Description, Original Filename, Internal Name, and Export Name.
• Keywords in the side-by-side manifest embedded in the executable.
• Keywords in specific StringTable entries linked in the executable.
• Key attributes in the RC data linked in the executable.
• Targeted sequences of bytes within the executable.

The best solution to all of these is to create a manifest that prevents elevation, though renaming the file may be enough.