disable parts of uac

Discussion in 'Windows Vista Security' started by sanderl, Jun 14, 2008.

  1. sanderl

    sanderl Guest

    Is it plausible to disable parts of UAC?
    this because I hate the parts
    -blocked startupprograms (in dutch geblokkeerde opstartprogramma's)
    -'are you sure you want to proceed'-messages (weet u zeker dat u hiermee
    door wilt gaan)
    , but the other parts are very usefull.

    so is it plausible to disable these parts?

    the only thing I know is how to disable the whole UAC.
     
    sanderl, Jun 14, 2008
    #1
    1. Advertisements

  2. sanderl

    Charlie42 Guest

    Charlie42, Jun 14, 2008
    #2
    1. Advertisements

  3. sanderl

    Nonny Guest

    You can set it so that you don't get the constant questions/messages

    Google "TweakUAC.exe".

    Download it and run it (one time run does it).
     
    Nonny, Jun 14, 2008
    #3
  4. Silent mode will still block some programs at startup. However, usin
    TweakUAC and putting it in silent mode is definitely preferred t
    disabling UAC altogether
     
    CarolinaFaithful, Jun 15, 2008
    #4
  5. sanderl

    Nonny Guest

    I found that a couple of my oft-used programs got screwed up while
    using UAC in silent mode... dumped UAC completely and won't go back.
     
    Nonny, Jun 15, 2008
    #5
  6. sanderl

    Wil Guest

    Silent mode is worse then disabling UAC all together because it gives
    you a false sense of security. All an application has to do is have a
    manifest that says grant full rights and it has admin rights to your
    system.

    If you need your application to run as admin on startup you should
    code it (or bug the coder who coded it wrong) so the admin components
    run as a service.
     
    Wil, Jun 15, 2008
    #6
  7. sanderl

    Gerald309 Guest

    You may want to consider this article information (below) before
    'hacking' the Windows system .... a Windows Vista empowered computer
    is too pretty to "deface":

    Techworld.com - Vista's UAC spots rootkits, tests find
    http://www.techworld.com/security/news/index.cfm?newsid=101583

    Do you know what a rootkit is ? (Certainly one of the most dangerous
    malware threats aside from a 'blended threat' attack). Do you know
    what notifications you are turning off ? Are they malware alerts you
    should attend for a stable and secure system ?

    An easy way to wade through this is simply if you have ever had a
    personal firewall installed that is quality and a tad "agressive" and
    you get the several alerts. You go through them one by one and off to
    the search engine to see if the process is part of Windows or trusted
    software to give permission to.

    What you may turn off with some hacker tweak is an actual alert to
    malware much as the same as turning off firewall protection to a port
    malware is communicating through - or allowing malware by clicking
    "OK" to allow it internet access and defeating the purpose of the
    security software (antivirus, antispyware, firewall).

    I would investigate with extreme prejudice before proceeding as you
    ask or are answered in today's crimeware enviroment.

    MORE:
    Is Limited User Account enough? Not really...
    http://www.prevx.com/blog/83/Is-Limited-User-Account-enough-Not-
    really.html
     
    Gerald309, Jun 15, 2008
    #7
  8. Thank you Wil and Gerald309, for correcting me. The Techworld.com
    article finally convinced me to re-enable my UAC. What I thought was
    "an annoyance" before, could really help prevent a catastrophe later on.
     
    CarolinaFaithful, Jun 15, 2008
    #8
  9. sanderl

    Nonny Guest

    Setup a disciplined backup program and you won't have to worry about
    it.

    I could get the most biblical virus infestation and be back up and
    running in an hour without even having to run a virus scanner.

    I do daily full backups using Acronis True Image, and I backup my data
    every two hours using Second Copy.
     
    Nonny, Jun 15, 2008
    #9
  10. Let's try this on for a more intelligent answer than my gerald309
    other account / no spam - since it was inspired here::

    Warning: Why you should not use a ‘tweaking UAC’ software utility
    June 15, 2008 by bluecollarpc
    Warning: Why you should not use a ‘tweaking UAC’ software utility

    Silent Mode tweak….

    Simple. Number one the software utility is not a Microsoft Windows
    product which is what these “hacker” utilities will be making changes
    to - YOUR Windows Operating System. Just because they can create
    software (anyone can) does not mean it is safe and secure and will not
    corrupt Windows in some manner (and How to undo changes to the
    Registry ?)

    The bottom line is some programmer runs out and buys the Vista manual
    from Microsoft and finds some hidden setting or creates one (just like
    with XP for years) and runs out and opens their “donateware” on some
    free blog which is illegal or even at Yahoo Groups or Microsoft News
    Rooms which is also illegal - see the Federal Trade Commission, these
    areas are not legally commercial - to get hopefully rich at any
    expense of the Users with the all too familiar “As IS”…. (happens
    everyday of the week in the ‘XP Years’ and is migrating to Vista, but
    seems the majority of these type products do a fair and safe
    operation, to be fair - but this type utility is circumventing Vista
    security which you do not want to do and is why anti-malware products
    like antivirus and antispyware have been manufactured to prevent
    malicious malware applications from doing that)…..

    Consider the following rather then these type hacker “tweaks” ….

    You may want to consider this article information (below) before
    ‘hacking’ the Windows system …. a Windows Vista empowered computer
    is too pretty to “deface”:

    Techworld.com - Vista’s UAC spots rootkits, tests find
    http://www.techworld.com/security/news/index.cfm?newsid=101583

    Do you know what a rootkit is ? (Certainly one of the most dangerous
    malware threats aside from a ‘blended threat’ attack). Do you know
    what notifications you are turning off ? Are they malware alerts you
    should attend for a stable and secure system ?

    An easy way to wade through this is simply if you have ever had a
    personal firewall installed that is quality and a tad “aggressive” and
    you get the several alerts. You go through them one by one and off to
    the search engine to see if the process is part of Windows or trusted
    software to give permission to.

    What you may turn off with some hacker tweak is an actual alert to
    malware much as the same as turning off firewall protection to a port
    malware is communicating through - or allowing malware by clicking
    “OK” to allow it internet access and defeating the purpose of the
    security software (antivirus, antispyware, firewall).

    I would investigate with extreme prejudice before proceeding in
    changes not recommended in today’s crimeware environment - see the
    following:

    MORE:
    Is Limited User Account enough? Not really…
    http://www.prevx.com/blog/83/Is-Limited-User-Account-enough-Not-really.html


    BCPCGroup ~ The BlueCollarPC.Net Website Security Group
    ———————————————————–
    MEMBERS AREA:
    http://www.bluecollarpc.net/joingroup.html
    Mail domain bluecollarpc.net
    Live List Owner:
    Service List Owner:
    Post to Group (Members Only):
    Help address
    Subscription address:
    Unsubscription address:
    #Sender Policy Framework (SPF, http://spf.pobox.com) Protected
    #ALL Posts Moderated and List Protected with Antivirus Service.
    Some List Features enabled:
    *Guard archive (message digests). Archive access requests from
    unrecognized SENDERs will be rejected.
    *Subscription requires confirmation by reply to a message sent to the
    subscription address.
    *Unsubscribe requires confirmation by a reply to a message sent to the
    subscription

    Posted in BCPCNet WebLog
     
    Gerald309BCPCNet, Jun 15, 2008
    #10
  11. sanderl

    SG Guest


    Glad to see you re-enabled it and you won't be sorry.

    Read over this write-up by MS-MVP Ronnie Vernon. The only fault I see in it
    is I didn't write it :>)

    QUOTE:
    It it only annoying until you run into something unexpected. Right after
    Vista was first released, we went through all of the debates about users
    getting to the point where clicking on the prompt became an 'automatic'
    response.

    One user told us about a utility that he downloaded and installed and he got
    the expected 'security warning' about the file not having a digital
    signature. He clicked to run the file anyway and the utility installed. He
    then got a message to 'click here' to configure your personal settings. He
    then received this prompt.

    http://i196.photobucket.com/albums/aa86/rvmv/UACPrompt2.jpg

    Without UAC, he never would have been aware of the second file being
    installed, since he had already permitted the program to run. Needless to
    say, he decided that he would leave UAC on.

    Only in specific instances, such as an installation file that does not have
    a digital signature attached. The security warning does nothing to protect
    against 'drive-by' downloads that run automatically. Most of the smaller
    software developers will not bother with a digital signature, simply because
    it is time consuming and expensive for them.
    It's not about you deciding to run a program, it's about 'isolation', it's
    about 'integrity levels', it's about what background actions the program
    will take when you do run it. Have you ever wondered why an application,
    that does nothing more than make images look better, needs full and
    unrestricted access to every part of your computer?
    This is the whole point of UAC. The only way that a malicious program can be
    installed is if the user gets complacent and stops paying attention to what
    they are doing.

    When Vista is first installed, a user will typically see a ton of UAC
    prompts as they install all of their software programs and utilities, but
    these will gradually become more rare. Windows has to overcome almost twenty
    years of being a 'push button' operating system before it will attain any
    semblance of a 'secure' operating system. The education of users as well as
    developers will take some time. UAC and other security 'hardening'
    procedures are not going to 'go away'.

    When the majority of developers see the benefits, and start following the
    Microsoft developer guidelines for coding their programs and applications to
    run in a 'least user privilege' environment, UAC will become a prompt that
    is rarely seen. The vast majority of windows software should not even need
    to initiate a UAC prompt.

    Take a few minutes to read the following article. It will give you a better
    understanding, and show you the underlying reasons and goals of UAC.

    The Long-Term Impact of User Account Control:
    http://technet.microsoft.com/en-us/magazine/cc137811.aspx


    --

    Ronnie Vernon
    Microsoft MVP
    Windows Desktop Experience


    END QUOTE:

    --
    All the best,
    SG

    Is your computer system ready for Vista?
    https://winqual.microsoft.com/hcl/
    Want to keep up with the latest news from MS?
    http://news.google.com/nwshp?tab=wn&ned=us&topic=t
    Just type in Microsoft
     
    SG, Jun 17, 2008
    #12
  12. sanderl

    Robinb Guest

    tweakUAC is good and bad
    the bad is if you have it off some programs will not install corrrectly. I
    found that out the hard way
    If you are installing a new program you need to remember to put it back on
    robin
     
    Robinb, Jun 17, 2008
    #13
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.