Is User Account Control Really All That Necessary?

Do you want to allow the following program to make changes to this computer? Yes, I bloody well do. Otherwise, I wouldn't have double-clicked on the ****ing thing, would I? Windows says turning it off isn't recommended. **** Windows. What do you guys think?

 

You can turn off UAC for programs you know are safe.
I use ElevatedShortcut.
http://winaero.com/comment.php?comment.news.152

FYI The site has many usefull software, and most of them have tiny setup files.

 

UAC only pops up when an executable is called that is capable of changing system files and settings. As malware can also call such files UAC is just asking you to confirm that you called it. You weaken your system security by turning it off or by modifying its behaviour. Your choice.

 

Thanks. Just downloaded ElevatedShortcut. Quite a problem with it though. It was only able to modify 3 or 4 shortcuts on my desktop. Couldn't detect the rest. Seems I've gonna have to manually create elevated shortcuts for all those.

 

I leave it on, but disable the darkening of the screen, depending on what other security I am using, if any.

 

It just annoys me when it keeps asking me before it opens all my commonly used programs.

 

I'm not really concerned about the darkening myself.

 

If you can't modify a shortcut, create a new shortcut.
And then delete the existing shortcut.

 

lol Yes, that's what I said.

 

There is another way to go. For me, UAC prompts are too ambiguous to be of enough value to warrant use of the feature. For example, a UAC pop up may indicate that a program is attempting to use some feature of Windows or modify the registry or contact the internet, but UAC doesn't say specifically what a program is attempting to do or alter. For this reason, I go with Private Firewall set to show pop ups for all behaviors (PF alerts for 21 different behaviors (and also all net connections)...all of which can be allowed once or always or blocked once or always) and net usage attempts. PF explains with the prompts exactly what a program is attempting to do, providing the same purpose as UAC but giving more information for the decision.

If something runs randomly, I am still going to get a prompt, but I choose to control this type of occurrence with PF rather than UAC. Also, PF is a very smart (handy) way to control internet connections, so I get the double benefit of added information and more accessible internet control over Windows Firewall.

You might try MalwareTips for information on Comodo Firewall or Private Firewall for use in place of UAC. Most there recommend adamantly against turning UAC off, which I would too in most instances. However, I like to experiment, and PF is a good window into the lower level of a PC, which I like. I don't see the point of answering to it and to UAC with its vague description of what is happening.

I do admit that I have had questions about the wisdom of turning off UAC in that the program is written by those who created Windows and, obviously, there is potentially some degree of added protection that could be in UAC that isn't plainly visible. However, it doesn't stop cryptolocker or other system altering malwares once a user has been tricked into running the malware. If it did, I would use UAC for a double layer of protection against this type of attack.

Behavior blocking firewalls are hard to learn, and, if you don't care to get into the deeper issues of security, I would recommend not turning off UAC. I wouldn't even per se recommend it to those who are interested in the deeper things, but it suits me to use PF by itself and continue to pick up nuggets of knowledge about how programs interact with Windows.....until I get burned. When or if this happens, I will restore an image and reevaluate...

Agree with DavidGP. That looks like an interesting app Eldon. Thanks for the link...

 

I went with the ElevatedShortcut app. It's not perfect. It can't detect all shortcuts. And it makes some programs load very slowly, and sometimes crash. But it's better than constantly answering the same question every time I want to open a favourite program.

 

Contact the author. He might have to update the app.
Or, do a manual fix.
http://www.techsupportalert.com/con...shortcut-run-without-uac-prompt-windows-7.htm

 

Thanks. I also find it very annoying how all UAC says is do you want to allow this program to make some kind of change to something somewhere on your computer at some point?

I wasn't able to find anything on MalwareTips about PF vs. UAC. I downloaded it anyway. Will probably need some help setting it though, figuring out which settings to apply.

 

Jesse Newell...

Let me know if you would like some help. The settings dialog is in the "File" menu header top left.

Some tips about PF:

1. Applications is all about internet connections. If it's not allowed there it's blocked. Double left click on a process to see its rules.
2. In the Applications tab, if you right click on a process, you will see "Advanced Application Settings". That will take you to a menu with 2 tabs...Parents and Processes. Parents are processes that may try to contact the internet through another process. You can block a Parent process from accessing the internet by clicking on the process name, until the green check turns into a red x. Processes is a list of all processes on the PC, and you can shut down each one's net connectivity in the same way. This is a simple way to eliminate internet connectivity for a process. If you don't use IE, for example, you can just block it in those tabs and it won't be able to connect.
3. Process Monitor is all about behavior rules other than internet. Left double click on any process to see its 21 behavior rules. From there, you can set to ask. allow, or deny any of the behaviors. You don't need to adjust them here, though, as these are all represented by individual pop ups. It is nice to be able to go easily into this area and quickly change a setting(s) if required. Behaviors to focus on are Read Keyboard State, Adjust Privilege, Simulate Input, Copy screen content, and Monitor clipboard content. If I allow these, I make sure to allow but NOT remember the choice.
4. You can at any time eliminate any process from either the Applications area or the Process Monitor area. That only means that PF will detect it again when you next start the program/process and then will prompt you about the process. All the 21 rules for processes are set by default to "ask", so you will be able to make your choices again from the pop ups, and PF will remember them if you check "Remember" just as before you deleted the process from the PF list. All of this is true of the internet connections in Applications, too. You can at any time start over with a process or just safely clean up the dialog some if you see some you don't use or are from programs you have deleted. You won't be accidently allowing anything.
5. In Firewall Log, if you right click on any of the block entries, you will see a dialog for "Advanced Reports". With this you can see what processes have been detected or what has been blocked over set lengths of time. Kind of a cool feature.
6. In the "File" header of the dropdown, you will see Export and Import. If you get to a point where you feel really good about the settings and net and behavior rules, you can export these settings to a backup drive and then reimport them any time later. You can also export to another PC if you have identical set ups. Even if you have added programs/processes since saving the export of all of your rules, PF will function 100% based on the rules in the import with only the exception that it will recognize the processes added since the export as new ones when they are started. This will produce a new set of prompts for them.
7. I never "Remember" settings for installers. What's the point? You use the installer once and then get rid of it,
8. One time allows and one time blocks (when you don't know what something is) help keep the number of processes to a minimum in the dialogs and also decrease the chance that a Windows service or some other process will be plainly "Allowed" to perform an undesirable action. The fewer processes you have in the PF Applications and Process Monitor areas, the less chance you have of making a blanket mistake. By this I mean, allowing something and "Remember"(ing) the choice, only to have the program later use that now allowed behavior in a way you don't like.

PF is really a good tool. That said, it takes time to understand what the pop ups are saying and then what exactly you are looking for when it comes to dangerous processes. The great thing about the pop ups is that you will get 3 or 4 or even 5 or opportunities to shut down a rogue or dangerous process. In that light, the main thing to look for is a process attempting to do something that you don't intend for it to do...

 

I don't think I'll do either quite honestly. The programs that crash aren't the ones I use that often. Those ones work fine. And all the steps from that link would just be too much work.

 

A few points...

That's because you have 2 Desktop locations.
C:\Users\Public\Desktop
C:\Users\Name\Desktop

Contacting the author to report a problem, is helping the author. It's the least we can do to say 'Thank you' for free software.

Maybe. But not if you have a handfull of shortcuts you would like to modify.
And it's a learning experience.

BTW Which elevated shortcuts are causing programs to crash when you click them?

 

Sorry for taking SOOOOOOOOOOOOOOOOOOOOOOOO long to get back on this. I've had a lot of other stuff on my plate. Thanks for the incredibly detailed write-up. I've read through all of it but I think I maybe should have installed PF first so I could look at it while I was reading. I would have understood a lot more then. I don't think I'll install PF yet until I know you're around to give me a hand as I set it up because it seems that there are SOOOOOOOOOOOOOOOOOOOOO many options, I'd just get lost very quickly on my own.

 

Hm. OK. You didn't say that the first time you replied to that post. I had no idea I had TWO desktops before.

There's really nothing to contact him about anymore now.

None. I got a couple of crashes the first time I used elevated shortcuts but now none. So I think it was just the programs that happened to crash at that time, nothing to do with the shortcuts. Those programs work fine now through elevated shortcuts, no problems.

 

You didn't ask...
Good to know the issue has been solved.

 

Yes I am still around Jesse. Let me know if you need help. I use PF, but actually you can get a more hands off firewall than PF. Comodo is too buggy for me, but there are some pay softwares out there that are good. Wish I could help with those. Actually, I think PF has an advantage over those with the internet control being so available and simple (once you get used to it). Many of the others will be better at stopping destructive malware like ransomware, because they often have detection for those types of programs, while PF relies on you blocking this type of activity mostly.

Just let me know if you would like help. Anyway, using PF for a month or two on the settings I use is helpful in gaining an insight into what are the potential weaknesses of firewall programs. PF is sort of unique with that side benefit, since others do a good bit of the thinking for you...

 

That doesn't make any sense. You replied to the same post twice. I didn't ask anything the second time you replied to it that I hadn't asked the first time you replied to it. I'm talking about the same post.

Is User Account Control Really All That Necessary?

Is User Account Control Really All That Necessary?

 

Cheers. I think I'm literally gonna needs hands on help though AS I'm setting it up. I can't handle complicated programs on my own at all. Would it be a good idea to just install it with its default settings until I can manage to get a hold of you and you can talk me through changing them?