win7 UAC 可以注册表关掉的！

用注册表关掉的前提首先是得得到UAC的允许呀

变成鸡和蛋的问题了

win7 低权限进程无法查找到高权限进程的窗口，高进程权限的进程可以查找到低权限进程的窗口，你直接用findwindow肯定不行的。而uac的窗口正好属于高全权限进程的窗口！

谢谢，了解了，看来想绕过UAC不是个简单的事情。网上找了几个办法，在我的WIN7 64位 Service Pack 1上都不好用

Only one windows station is permitted to interact with the user at the console; this is called Winsta0. Under Winsta0 there are three desktops loaded: Winlogon (the logon screen), Default (the user desktop) and Disconnect.  All three of these have separate logical displays, which is why your main desktop disappears if you lock the workstation.  When you lock the workstation, the display switches from Default to Winlogon and there is no user interaction between the two.  In Windows Vista this is even a bit more extreme.  When you get a UAC prompt for instance, it takes a screenshot of your Default desktop and then displays it dimmed out behind the UAC window in the foreground.  The UAC window is part of the Secure Desktop (new for Vista and similar to the logon desktop) and will not allow you to interact with the Default desktop until you provide input.

http://blogs.technet.com/b/askperf/archive/2007/07/24/sessions-desktops-and-windows-stations.aspx

绕过uac已经有公开的方法了啊，为啥会不好用呢？这个和win7 是32位还是64位， 是sp0 还是sp1 无关的。

UAC 是创建了一个新的桌面环境，对于你的程序是不可见的

真的有吗，给个链接参考下吧

劫持cryptbase.dll就行了
但是 你劫持这个得考虑主动防御软件～
鱼和熊掌不能兼得啊~

收到，多谢多谢，着手研究下

UAC弹窗貌似是在另一个session里面,这个搞定不容易啊

teamviewer远程软件可以看到这个UAC 的密码提示

... 直接bypass UAC不就结了   你想模拟鼠标点击关闭之呀?