New
#11
Well, I just tested it to be sure (you could have tested it yourself before positing it as a solution I guess but never mind).
It would have been cute but it doesn't actually work - it works on an administrator account and not on a standard account.
So, no - there is no getting around Windows security that way. As per MS security you can't run elevated process under a standard account at startup and this method is no different.
Even hacky things like this fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking require a Admin account to work.