Running Secunia PSI as non-admin

Your machine was compromised (again!) by malware you caught up somewhere on the web. Sick and tired of it you went looking for a solution and after reading my religious Non-Admin HOWTO you decided to bite the bullet and downgrade yourself to the Users group. To keep all your applications up-to-date you installed Secunia PSI, which seems to work fine, but unfortunately it only runs with admin privileges:

The Secunia PSI can only be run by an Administrator. Please log in with Administrative privileges and try running the application again.

You seem to have to choices, both of which suck:

  • Be admin and run the PSI. You system is ready to be screwed but you do know about vulnerable 3rd party apps
  • Be non-admin, and don’t run the PSI. You are saver but you don’t know about vulnerable 3rd party apps. PSI only starts with admin privs so you log in with your admin account once a week and do a scan.

Secunia says it is designed this way so though luck for you. Damn!

However, using RUNAS there is a middle-of-the-road way to have the best of both worlds:

Edit your Secunia startup shortcut C:\Documents and Settings\Joe Average\Start Menu\Programs\Startup\Secunia PSI and change the target to:

runas /user:administrator /env /savecred "C:\Program Files\Secunia\PSI\psi.exe --start-in-tray"

(While you’re at it, consider moving the shortcut to the All Users settings)

Now you can be non-admin and run PSI 🙂

Leave a comment

Your email address will not be published. Required fields are marked *