Microsoft

How to Check Which Processes Are Running With Administrator Privileges on Windows

It’s easy to always run an app with administrative rights, so here’s how to track down which unused apps on your Windows PC still have them.

You may sometimes need to use the Run as Administrator option when launching apps and tools in Windows. But it isn’t immediately obvious how you can check which processes are being run with administrator privileges in the future.

Here’s how to customize the Task Manager to display the administrator status of all of your apps and processes.


What Does “Run as Administrator” Mean?

Windows features two types of accounts: standard and administrator. A standard account doesn’t have permission to access and make changes to certain system-level settings. An administrator account does. If you are using Windows on a home computer, rather than in a workplace, you probably use an administrator account.

This doesn’t mean that every app and process runs with administrator-level privileges. But it does mean that you have the option to override the standard privileges an app has, granting it administrator access.

When you run a piece of software as an administrator, you are basically telling Windows that you trust the software to access these system-level settings, and potentially make changes to them. This is also known as granting elevated privileges.

The thing is, it’s not a great idea to leave apps that you never use anymore running with administrator privileges. If the app decides to change something or gets compromised by criminals in the future, those privileges may end up doing more harm than good.

Our in-depth guide to granting elevated permissions in Windows explains more about administrator privileges and UAC Virtualization.

How to Check Which Processes Have Elevated Access

The information about which apps and processes are using elevated permissions is included in the Task Manager. You just need to know how to reveal it, as it is normally hidden from view.

  1. Open Task Manager by pressing Ctrl+Alt+Delete and selecting it from the menu that appears.
  2. Task Manager opens, by default, with the Processes tab selected. Click the Details tab to change views.
  3. The Details tab also shows your processes, but with a different set of information columns.
  4. Right-click in the row that contains the column names such as PID, Status, and Username. You should see a menu with options for to Hide column and Select columns. Choose Select columns.
  5. In the new pane that opens, scroll down until you see Elevated. Select it and click Ok.


The new column that was added shows if each individual process is running as administrator, with elevated permissions.

How to Check if Processes Have UAC Virtualization Enabled

You can also use Task Manager to check if processes have UAC Virtualization enabled. You have probably seen the User Account Control prompts that pop up and ask if you want to allow an app to make changes to your device. This is how UAC Virtualization is enabled.

UAC Virtualization is similar to administrator privileges, but also different. It is used by Windows to give additional permissions to legacy apps and processes. If you want to check which apps or processes are currently using UAC Virtualization, here’s how.

  1. Open Task Manager by pressing the keyboard shortcut Ctrl+Alt+Delete.
  2. Select the Details tab, and then right-click in the row showing column headings.
  3. Choose Select columns and then check the box next to UAC Virtualization.

In the new column that is added to Details, you will see Enabled, Disabled, or Not allowed. This third status means that the process is running as administrator.

If you want to learn how to do more with this useful Windows tool, here are some Task Manager tricks you might not know.

Checking Which Processes Are Running as Administrator, Made Easy

You sometimes need to run an app with administrator privileges, and as long as you trust the software it shouldn’t be a problem. But it is also a good idea to only use this feature when necessary, rather than constantly. Being able to see which apps and processes are being run as administrator allows you to maintain system security.

Source link

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button