Guest sanderl Posted June 14, 2008 Posted June 14, 2008 Is it plausible to disable parts of UAC? this because I hate the parts -blocked startupprograms (in dutch geblokkeerde opstartprogramma's) -'are you sure you want to proceed'-messages (weet u zeker dat u hiermee door wilt gaan) , but the other parts are very usefull. so is it plausible to disable these parts? the only thing I know is how to disable the whole UAC. Quote
Guest Charlie42 Posted June 14, 2008 Posted June 14, 2008 "sanderl" <sanderl@discussions.microsoft.com> wrote: <span style="color:blue"> > Is it plausible to disable parts of UAC?</span> Sorry, but no. Read more in this article, first chapter: http://www.microsoft.com/downloads/details...&DisplayLang=en Charlie42 Quote
Guest Nonny Posted June 14, 2008 Posted June 14, 2008 On Sat, 14 Jun 2008 06:43:00 -0700, sanderl <sanderl@discussions.microsoft.com> wrote: <span style="color:blue"> >Is it plausible to disable parts of UAC?</span> You can set it so that you don't get the constant questions/messages Google "TweakUAC.exe". Download it and run it (one time run does it). <span style="color:blue"> >this because I hate the parts >-blocked startupprograms (in dutch geblokkeerde opstartprogramma's) >-'are you sure you want to proceed'-messages (weet u zeker dat u hiermee >door wilt gaan) >, but the other parts are very usefull. > >so is it plausible to disable these parts? > >the only thing I know is how to disable the whole UAC.</span> Quote
Guest CarolinaFaithful Posted June 15, 2008 Posted June 15, 2008 Silent mode will still block some programs at startup. However, using TweakUAC and putting it in silent mode is definitely preferred to disabling UAC altogether. -- CarolinaFaithful Your knowledge is appreciated. One can never learn too much. Quote
Guest Nonny Posted June 15, 2008 Posted June 15, 2008 On Sat, 14 Jun 2008 21:24:56 -0500, CarolinaFaithful <guest@unknown-email.com> wrote: <span style="color:blue"> >Silent mode will still block some programs at startup. However, using >TweakUAC and putting it in silent mode is definitely preferred to >disabling UAC altogether.</span> I found that a couple of my oft-used programs got screwed up while using UAC in silent mode... dumped UAC completely and won't go back. Quote
Guest Wil Posted June 15, 2008 Posted June 15, 2008 On Jun 15, 12:24 pm, CarolinaFaithful <gu...@unknown-email.com> wrote:<span style="color:blue"> > Silent mode will still block some programs at startup. However, using > TweakUAC and putting it in silent mode is definitely preferred to > disabling UAC altogether. > > -- > CarolinaFaithful > > Your knowledge is appreciated. One can never learn too much.</span> Silent mode is worse then disabling UAC all together because it gives you a false sense of security. All an application has to do is have a manifest that says grant full rights and it has admin rights to your system. If you need your application to run as admin on startup you should code it (or bug the coder who coded it wrong) so the admin components run as a service. Quote
Guest Gerald309 Posted June 15, 2008 Posted June 15, 2008 You may want to consider this article information (below) before 'hacking' the Windows system .... a Windows Vista empowered computer is too pretty to "deface": Techworld.com - Vista's UAC spots rootkits, tests find http://www.techworld.com/security/news/ind...m?newsid=101583 Do you know what a rootkit is ? (Certainly one of the most dangerous malware threats aside from a 'blended threat' attack). Do you know what notifications you are turning off ? Are they malware alerts you should attend for a stable and secure system ? An easy way to wade through this is simply if you have ever had a personal firewall installed that is quality and a tad "agressive" and you get the several alerts. You go through them one by one and off to the search engine to see if the process is part of Windows or trusted software to give permission to. What you may turn off with some hacker tweak is an actual alert to malware much as the same as turning off firewall protection to a port malware is communicating through - or allowing malware by clicking "OK" to allow it internet access and defeating the purpose of the security software (antivirus, antispyware, firewall). I would investigate with extreme prejudice before proceeding as you ask or are answered in today's crimeware enviroment. MORE: Is Limited User Account enough? Not really... http://www.prevx.com/blog/83/Is-Limited-Us...unt-enough-Not- really.html On Jun 14, 9:43Â am, sanderl <sand...@discussions.microsoft.com> wrote:<span style="color:blue"> > Is it plausible to disable parts of UAC? > this because I hate the parts > -blocked startupprograms (in dutch geblokkeerde opstartprogramma's) > -'are you sure you want to proceed'-messages (weet u zeker dat u hiermee > door wilt gaan) > , but the other parts are very usefull. > > so is it plausible to disable these parts? > > the only thing I know is how to disable the whole UAC.</span> Quote
Guest CarolinaFaithful Posted June 15, 2008 Posted June 15, 2008 Thank you Wil and Gerald309, for correcting me. The Techworld.com article finally convinced me to re-enable my UAC. What I thought was "an annoyance" before, could really help prevent a catastrophe later on. -- CarolinaFaithful Your knowledge is appreciated. One can never learn too much. Quote
Guest Nonny Posted June 15, 2008 Posted June 15, 2008 On Sun, 15 Jun 2008 11:25:34 -0500, CarolinaFaithful <guest@unknown-email.com> wrote: <span style="color:blue"> >Thank you Wil and Gerald309, for correcting me. The Techworld.com >article finally convinced me to re-enable my UAC. What I thought was >"an annoyance" before, could really help prevent a catastrophe later on.</span> Setup a disciplined backup program and you won't have to worry about it. I could get the most biblical virus infestation and be back up and running in an hour without even having to run a virus scanner. I do daily full backups using Acronis True Image, and I backup my data every two hours using Second Copy. Quote
Guest Gerald309BCPCNet Posted June 15, 2008 Posted June 15, 2008 Let's try this on for a more intelligent answer than my gerald309 other account / no spam - since it was inspired here:: Warning: Why you should not use a ‘tweaking UAC’ software utility June 15, 2008 by bluecollarpc Warning: Why you should not use a ‘tweaking UAC’ software utility Silent Mode tweak…. Simple. Number one the software utility is not a Microsoft Windows product which is what these “hacker†utilities will be making changes to - YOUR Windows Operating System. Just because they can create software (anyone can) does not mean it is safe and secure and will not corrupt Windows in some manner (and How to undo changes to the Registry ?) The bottom line is some programmer runs out and buys the Vista manual from Microsoft and finds some hidden setting or creates one (just like with XP for years) and runs out and opens their “donateware†on some free blog which is illegal or even at Yahoo Groups or Microsoft News Rooms which is also illegal - see the Federal Trade Commission, these areas are not legally commercial - to get hopefully rich at any expense of the Users with the all too familiar “As ISâ€â€¦. (happens everyday of the week in the ‘XP Years’ and is migrating to Vista, but seems the majority of these type products do a fair and safe operation, to be fair - but this type utility is circumventing Vista security which you do not want to do and is why anti-malware products like antivirus and antispyware have been manufactured to prevent malicious malware applications from doing that)….. Consider the following rather then these type hacker “tweaks†…. You may want to consider this article information (below) before ‘hacking’ the Windows system …. a Windows Vista empowered computer is too pretty to “defaceâ€: Techworld.com - Vista’s UAC spots rootkits, tests find http://www.techworld.com/security/news/ind...m?newsid=101583 Do you know what a rootkit is ? (Certainly one of the most dangerous malware threats aside from a ‘blended threat’ attack). Do you know what notifications you are turning off ? Are they malware alerts you should attend for a stable and secure system ? An easy way to wade through this is simply if you have ever had a personal firewall installed that is quality and a tad “aggressive†and you get the several alerts. You go through them one by one and off to the search engine to see if the process is part of Windows or trusted software to give permission to. What you may turn off with some hacker tweak is an actual alert to malware much as the same as turning off firewall protection to a port malware is communicating through - or allowing malware by clicking “OK†to allow it internet access and defeating the purpose of the security software (antivirus, antispyware, firewall). I would investigate with extreme prejudice before proceeding in changes not recommended in today’s crimeware environment - see the following: MORE: Is Limited User Account enough? Not really… http://www.prevx.com/blog/83/Is-Limited-Us...Not-really.html BCPCGroup ~ The BlueCollarPC.Net Website Security Group ———————————————————– MEMBERS AREA: http://www.bluecollarpc.net/joingroup.html Mail domain bluecollarpc.net Live List Owner: bcpcgroup-listowners@bluecollarpc.net Service List Owner: bcpcgroup-owner@bluecollarpc.net Post to Group (Members Only): bcpcgroup@bluecollarpc.net Help address bcpcgroup-help@bluecollarpc.net Subscription address: bcpcgroup-subscribe@bluecollarpc.net Unsubscription address: bcpcgroup-unsubscribe@bluecollarpc.net #Sender Policy Framework (SPF, http://spf.pobox.com) Protected #ALL Posts Moderated and List Protected with Antivirus Service. Some List Features enabled: Guard archive (message digests). Archive access requests from unrecognized SENDERs will be rejected. Subscription requires confirmation by reply to a message sent to the subscription address. Unsubscribe requires confirmation by a reply to a message sent to the subscription Posted in BCPCNet WebLog On Jun 14, 9:43 am, sanderl <sand...@discussions.microsoft.com> wrote:<span style="color:blue"> > Is it plausible to disable parts of UAC? > this because I hate the parts > -blocked startupprograms (in dutch geblokkeerde opstartprogramma's) > -'are you sure you want to proceed'-messages (weet u zeker dat u hiermee > door wilt gaan) > , but the other parts are very usefull. > > so is it plausible to disable these parts? > > the only thing I know is how to disable the whole UAC.</span> Quote
Guest Gerald309BCPCNet Posted June 15, 2008 Posted June 15, 2008 SOURCE ::::::: http://bluecollarpc.wordpress.com/2008/06/...ftware-utility/ On Jun 15, 5:17 pm, Gerald309BCPCNet <gerald...@bluecollarpc.net> wrote:<span style="color:blue"> > Let's try this on for a more intelligent answer than my gerald309 > other account / no spam - since it was inspired here:: > > Warning: Why you should not use a ‘tweaking UAC’ software utility > June 15, 2008 by bluecollarpc > Warning: Why you should not use a ‘tweaking UAC’ software utility > > Silent Mode tweak…. > > Simple. Number one the software utility is not a Microsoft Windows > product which is what these “hacker†utilities will be making changes > to - YOUR Windows Operating System. Just because they can create > software (anyone can) does not mean it is safe and secure and will not > corrupt Windows in some manner (and How to undo changes to the > Registry ?) > > The bottom line is some programmer runs out and buys the Vista manual > from Microsoft and finds some hidden setting or creates one (just like > with XP for years) and runs out and opens their “donateware†on some > free blog which is illegal or even at Yahoo Groups or Microsoft News > Rooms which is also illegal - see the Federal Trade Commission, these > areas are not legally commercial - to get hopefully rich at any > expense of the Users with the all too familiar “As ISâ€â€¦. (happens > everyday of the week in the ‘XP Years’ and is migrating to Vista, but > seems the majority of these type products do a fair and safe > operation, to be fair - but this type utility is circumventing Vista > security which you do not want to do and is why anti-malware products > like antivirus and antispyware have been manufactured to prevent > malicious malware applications from doing that)….. > > Consider the following rather then these type hacker “tweaks†…. > > You may want to consider this article information (below) before > ‘hacking’ the Windows system …. a Windows Vista empowered computer > is too pretty to “defaceâ€: > > Techworld.com - Vista’s UAC spots rootkits, tests findhttp://www.techworld.com/security/news/index.cfm?newsid=101583 > > Do you know what a rootkit is ? (Certainly one of the most dangerous > malware threats aside from a ‘blended threat’ attack). Do you know > what notifications you are turning off ? Are they malware alerts you > should attend for a stable and secure system ? > > An easy way to wade through this is simply if you have ever had a > personal firewall installed that is quality and a tad “aggressive†and > you get the several alerts. You go through them one by one and off to > the search engine to see if the process is part of Windows or trusted > software to give permission to. > > What you may turn off with some hacker tweak is an actual alert to > malware much as the same as turning off firewall protection to a port > malware is communicating through - or allowing malware by clicking > “OK†to allow it internet access and defeating the purpose of the > security software (antivirus, antispyware, firewall). > > I would investigate with extreme prejudice before proceeding in > changes not recommended  in today’s crimeware environment - see the > following: > > MORE: > Is Limited User Account enough? Not really…http://www.prevx.com/blog/83/Is-Limited-Us...nough-Not-reall... > > BCPCGroup ~ The BlueCollarPC.Net Website Security Group > ———————————————————– > MEMBERS AREA:http://www.bluecollarpc.net/joingroup.html > Mail domain bluecollarpc.net > Live List Owner: bcpcgroup-listown...@bluecollarpc.net > Service List Owner: bcpcgroup-ow...@bluecollarpc.net > Post to Group (Members Only): bcpcgr...@bluecollarpc.net > Help address bcpcgroup-h...@bluecollarpc.net > Subscription address: bcpcgroup-subscr...@bluecollarpc.net > Unsubscription address: bcpcgroup-unsubscr...@bluecollarpc.net > #Sender Policy Framework (SPF,http://spf.pobox.com) Protected > #ALL Posts Moderated and List Protected with Antivirus Service. > Some List Features enabled: > Guard archive (message digests). Archive access requests from > unrecognized SENDERs will be rejected. > Subscription requires confirmation by reply to a message sent to the > subscription address. > Unsubscribe requires confirmation by a reply to a message sent to the > subscription > > Posted in BCPCNet WebLog > > On Jun 14, 9:43 am, sanderl <sand...@discussions.microsoft.com> wrote: > > ><span style="color:green"> > > Is it plausible to disable parts of UAC? > > this because I hate the parts > > -blocked startupprograms (in dutch geblokkeerde opstartprogramma's) > > -'are you sure you want to proceed'-messages (weet u zeker dat u hiermee > > door wilt gaan) > > , but the other parts are very usefull.</span> ><span style="color:green"> > > so is it plausible to disable these parts?</span> ><span style="color:green"> > > the only thing I know is how to disable the whole UAC.- Hide quoted text -</span> > > - Show quoted text -</span> Quote
Guest SG Posted June 17, 2008 Posted June 17, 2008 "CarolinaFaithful" <guest@unknown-email.com> wrote in message news:bc73a37caca3f803112a974a913348a6@nntp-gateway.com...<span style="color:blue"> > > Thank you Wil and Gerald309, for correcting me. The Techworld.com > article finally convinced me to re-enable my UAC. What I thought was > "an annoyance" before, could really help prevent a catastrophe later on. > > > -- > CarolinaFaithful > > Your knowledge is appreciated. One can never learn too much.</span> Glad to see you re-enabled it and you won't be sorry. Read over this write-up by MS-MVP Ronnie Vernon. The only fault I see in it is I didn't write it :>) QUOTE: "Bob" <bob@nowhere.net> wrote in message news:8MOdnY5hI8aWaHvanZ2dnUVZ_gKdnZ2d@comcast.com...<span style="color:blue"> > Ronnie > Even with the prompt enabled it still requires the user to be > knowledgeable of the application UAC is prompting about. Once elevation is > allowed UAC does not protect the user. Clicking allow becomes nothing more > than an annoying additional click which in many cases becomes automatic.</span> It it only annoying until you run into something unexpected. Right after Vista was first released, we went through all of the debates about users getting to the point where clicking on the prompt became an 'automatic' response. One user told us about a utility that he downloaded and installed and he got the expected 'security warning' about the file not having a digital signature. He clicked to run the file anyway and the utility installed. He then got a message to 'click here' to configure your personal settings. He then received this prompt. http://i196.photobucket.com/albums/aa86/rvmv/UACPrompt2.jpg Without UAC, he never would have been aware of the second file being installed, since he had already permitted the program to run. Needless to say, he decided that he would leave UAC on. <span style="color:blue"> > Additionally, the most common way a PC becomes infected is by downloading > something from the net and even with the UAC prompts disabled you still > receive a security warning when you attempt a download.</span> Only in specific instances, such as an installation file that does not have a digital signature attached. The security warning does nothing to protect against 'drive-by' downloads that run automatically. Most of the smaller software developers will not bother with a digital signature, simply because it is time consuming and expensive for them. <span style="color:blue"> > > Personally, when I decide to run something I don't have a need to be asked > to confirm it. If I didn't want to run it I would not have clicked on it > in the first place.</span> It's not about you deciding to run a program, it's about 'isolation', it's about 'integrity levels', it's about what background actions the program will take when you do run it. Have you ever wondered why an application, that does nothing more than make images look better, needs full and unrestricted access to every part of your computer? <span style="color:blue"> > > The bottom line is UAC does no more than protect the user from himself, > and even that still requires the user to be knowledgeable.</span> This is the whole point of UAC. The only way that a malicious program can be installed is if the user gets complacent and stops paying attention to what they are doing. When Vista is first installed, a user will typically see a ton of UAC prompts as they install all of their software programs and utilities, but these will gradually become more rare. Windows has to overcome almost twenty years of being a 'push button' operating system before it will attain any semblance of a 'secure' operating system. The education of users as well as developers will take some time. UAC and other security 'hardening' procedures are not going to 'go away'. When the majority of developers see the benefits, and start following the Microsoft developer guidelines for coding their programs and applications to run in a 'least user privilege' environment, UAC will become a prompt that is rarely seen. The vast majority of windows software should not even need to initiate a UAC prompt. Take a few minutes to read the following article. It will give you a better understanding, and show you the underlying reasons and goals of UAC. The Long-Term Impact of User Account Control: http://technet.microsoft.com/en-us/magazine/cc137811.aspx -- Ronnie Vernon Microsoft MVP Windows Desktop Experience <span style="color:blue"> > > "Ronnie Vernon MVP" <rv@invalid.org> wrote in > messagenews:3F04A9A8-EC21-412D-9ED2-3386B2E653BB@microsoft.com...<span style="color:green"> >> "Bob" <bob@nowhere.net> wrote in message >> news:VISdnaGl9rkOUnjanZ2dnUVZ_g-dnZ2d@comcast.com...<span style="color:darkred"> >>> >>> All of that nonsense can be eliminated by running UAC in "quiet" mode.</span> >> >> This is a fallacy! If UAC cannot notify the user that a program is trying >> to gain global access to the system, then it is effectively 'disabled'. >> This so called 'quite mode' setting just changes a UAC registry setting >> to 'automatically elevate everything without prompting'. This means that >> when you click to open a file, it is 'assumed' that you already know that >> the file will have unrestricted access to your computer. >> >> The main thing that UAC does is to detect when a program or application >> tries to access restricted parts of the system or registry that requires >> administrator privileges. When a program does this, UAC will prompt the >> user for administrative elevation. Without this prompt, UAC cannot warn >> the user, which means that it is effectively disabled. >> >> Some people will tell you that using "quiet mode" will still let IE run >> in protected mode, but this just isn't true. Without the UAC prompt, a >> malicious file that runs from a website can run, without restrictions, >> and silently. >> >> Another issue is that with UAC prompt disabled, some legitimate >> procedures will just silently fail to work properly, with no >> notification, if you are logged on with a Standard User account, since >> the application cannot notify you that administrative privileges are >> required. >> >> Even the developer of the TweakUAC utility includes this statement about >> his product. >> "if you are an experienced user and have some understanding of how to >> manage your Windows settings properly, you can safely use the quiet mode >> of UAC." In my opinion, if you are an experienced user, the last thing >> you would want to do is turn off the UAC notification. >> >> If you 'are' an experienced user, then you would already know how to >> temporarily bypass the UAC prompt to perform just about any procedure in >> Vista, such as running programs from an elevated command prompt, or using >> an elevated instance of windows explorer. >> >> The last problem I have with this so-called 'quiet mode' is that it >> dissuades developers from programming their applications to run in a >> least user privilege environment. >> -- >> >> Ronnie Vernon >> Microsoft MVP >> Windows Desktop Experience</span></span> END QUOTE: -- All the best, SG Is your computer system ready for Vista? https://winqual.microsoft.com/hcl/ Want to keep up with the latest news from MS? http://news.google.com/nwshp?tab=wn&ned=us&topic=t Just type in Microsoft Quote
Guest Robinb Posted June 17, 2008 Posted June 17, 2008 tweakUAC is good and bad the bad is if you have it off some programs will not install corrrectly. I found that out the hard way If you are installing a new program you need to remember to put it back on robin "CarolinaFaithful" <guest@unknown-email.com> wrote in message news:31b49b9849a3dbc936e1f5b35128eb72@nntp-gateway.com...<span style="color:blue"> > > Silent mode will still block some programs at startup. However, using > TweakUAC and putting it in silent mode is definitely preferred to > disabling UAC altogether. > > > -- > CarolinaFaithful > > Your knowledge is appreciated. One can never learn too much. </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.