How to run a program on startup with admin access from registry, before user logs on

0

I'm working on a tool that can change the password for an account without having to log in (account recovery). My thought was to put a key that runs a batch file in HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce. The batch file would contain net user password. This would all be set up via a WinPE drive (A bootable Windows installation enviornment with access to the registry. However, the RunServicesOnce is not in my registry. In HKLM\Software\Microsoft there is no CurrentVersion path. It needs to work on 64 and 32 bit machines (Windows 10). What is the path to these keys?

I also assumed that putting it in the RunServicesOnce would make it run one time then never again, but from what I've read online it will run every time the computer starts. How is this different than the RunServices entry?

Mark Deven

Posted 2019-07-02T12:40:54.490

Reputation: 1 101

Answers

0

Some inaccuracies in your post:

  • The registry keys are common for both 64 and 32 bit Windows

  • In HKLM\Software\Microsoft there is no CurrentVersion sub-key, since it is in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion

  • The difference between the Once and non-Once keys is that the programs in the Once keys execute before all non-Once programs. Once is a bad name, it should really have been named First or Before.

harrymc

Posted 2019-07-02T12:40:54.490

Reputation: 306 093

I was able to find the path you referred to, however there is still no RunServiceOnce in there. There is RunOnce but those run after log on. – Mark Deven – 2019-07-02T18:34:49.060

A lot of the documentation about those keys dates from Windows versions preceding Windows NT. I also scanned all my registry hives and didn't find any keys named RunServicesOnce or RunServices. I would guess that they are deprecated in later versions of Windows, so I wouldn't count on them being used if you created them. – harrymc – 2019-07-02T19:25:04.143

At least in regards to runonce, the items In there are run only once. A non-error return code tells windows to remove the item and it will disappear from the registry. – Appleoddity – 2019-07-03T01:31:16.927

@Appleoddity: More complete from Microsoft: "By default, the value of a RunOnce key is deleted before the command line is run. You can prefix a RunOnce value name with an exclamation point (!) to defer deletion of the value until after the command runs. Without the exclamation point prefix, if the RunOnce operation fails the associated program will not be asked to run the next time you start the computer." – harrymc – 2019-07-03T17:40:46.280

So is there no way to run a program on the startup before login? That seems rather silly. – Mark Deven – 2019-07-04T12:55:32.343

You can schedule it.

– harrymc – 2019-07-04T13:29:29.513

Is it possible to schedule from a winpe enviornment? Task Scheduler does use the registry for all of it's data, so it must be somewhere... – Mark Deven – 2019-07-10T11:01:52.390

Asked: 2019-07-02T12:40:54.490

Viewed: 321 times

Active: 2019-07-02T13:06:34.887