Can Genshin Impact be run as non-administrator on Windows 10?
Solution 1:
Is there a way to allow it be run without administrator privileges?
Without breaking any of miHoYo's ToS, and risking your account being permanently banned, the answer is no.
However, if you still want to know how to do it while breaking their ToS, read on.
There is a way of doing this and which involves modifying game files. It is assumed that you have decent knowledge of reverse engineering and are comfortable with Assembly instructions.
The goal is to disable the checks for whether mhyprot2.sys
has started properly. This is the process for their kernel-level anti cheat. It is automatically started with the game, after you click the "Launch" button on the Launcher.
If you open GenshinImpact.exe
found in C:\Program Files\Genshin Impact\Genshin Impact Game
in IDA Pro, you'll find that the import segment has been destroyed, and that the debug symbol list is missing. This is miHoYo's first barrier to reversing - destroying the list of imports so you will have to rebuild it from scratch. As for the debug symbols, you'll need Genshin's source code for that so don't bother.
The next thing you'll notice are the chunks of code that look like data instead of assembly. They look like this:
These are the anti-debugging defense miHoYo has included in the binary, by protecting it against static analysis. By tracing the function call, we can find the chunk with the obfuscator. Since we have neither the debug symbols nor imports, we'll need to reconstruct the imports segment for a start.
For this, we need Scylla to dump the process while Genshin is running. I would suggest you do a fresh installation of Genshin on a new computer for this, as your login data is still saved on the login screen and hooking a process dumper to Genshin might constitute as 'cheating' and get your account banned. Do a binary search for the registry strings in IDA, then put the hexadecimal address into Scylla, which should return a partial imports segment. Open this modified GenshinImpact.exe
back in IDA Pro, and then turn on the debugger and hunt for the missing segments by taking a memory snapshot of the process.
Now you just have to find the start function at the subroutine where mhyprot2.sys
is called, and set it to always True. If you don't know how to set to always True, read AMD64 Architecture Programmer’s Manual on Procedure Calls and Procedure Stacks.
Finally, we can disable the access privilege check which is usually found in the CS Register. Save the .exe
and run it and you should be able to run as any user without the anti-cheat now. Since there is no integrity requirement before you can login to your account (there is a check, but it does not prevent you from logging in), you should have no problems playing the game.
Disclaimer: I take no responsibility if your account gets banned.
Also, miHoYo can patch this easily so it might not work by next patch.
Solution 2:
my problem was how to run Genshin Impact in my daugter's profile (User) even when it needs Admin priviledges. I was searching several forums where people were asking for the same problem solution. There was answers with some cheating or tricks that can lead to BAN. So this is not the right way. Finally I have found solution. I have used "RunAsRob" utility that allows to store crypted admin password for one specific exe program. RunasRob is only free for private use. https://robotronic.de/runasroben.html free personal download is at the bottom: https://robotronic.de/runasrob/runasroben.zip
Download it and unzip to some folder accesible by Everyone (read and run priviledges are enough + ability to see content of the folder). (sorry I have Windows in Czech language so I'm not sure about exact English terminology) Then run "RunAsRob.exe" - and fill in:
- Path ... X:(programfolder)\Genshin Impact\launcher.exe
- leave localhost
- username ... (admin username)
- password ... (admin password) (this will be binary encrypted)
- crypt file ... where encrypted file *.xus will be stored (this file should be runable via RunAsRob)
- logon as ... another user
- program window ... visible
- other settings .. I have both enabled
Then "Save crypt file". Double click on saved *.xus file should run the game (without asking password). In case Windows are not recognizing XUS file extension, select path to your locally stored RunAsRob.exe and save it.
Last it is good idea to create shortcut to this XUS file. Name it simply "Genshin Impact". Then right click on it -> Properties -> Change icon and find path to the original installed launcher (X:(programfolder)\Genshin Impact\launcher.exe). Use its icon. Copy this shortcut to your child Desktop (or elsewhere) - it is possible to run the game now as user withow sharing your admin password. It is running as admin without cheating.
Solution 3:
I think this is probably due to the anti-cheat software being used in the game. It is the same system used in League of Legends.
It taps directly into your machine and as such needs administrator access to do its job. The nub of it seems to be that cheaters use kernal level cheats, so the anti-cheat needs to be on the same level to catch them.
an abundance of cheats currently run at a higher privilege level than our anti-cheat does
There is a blog post with more details.
https://www.pcgamer.com/uk/genshin-impacts-kernel-level-anti-cheat-no-longer-runs-after-you-close-the-game/.
Technical explanation: https://na.leagueoflegends.com/en-us/news/dev/dev-null-anti-cheat-kernel-driver/