Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: How to get rid of "Do you want to allow..."?

08 May 2011   #71
chrysalis

windows 8.1 Pro x64
 
 

Quote   Quote: Originally Posted by Lordbob75 View Post
Quote   Quote: Originally Posted by chrysalis View Post
Quote   Quote: Originally Posted by Lordbob75 View Post
3. Allow virus onto whitelist and get screwed.

Unfortunately, having a whitelist just doesn't work.

~Lordbob
nothing like treating your userbase like kids.

why would a sane person add a virus to their whitelist.
So you are telling me that every [sane] person knows exactly what every virus looks like and can tell to not add them?

~Lordbob
If in doubt dont whitelist, I would only whitelist apps I frequently use and know are safe.


My System SpecsSystem Spec
.
08 May 2011   #72
chrysalis

windows 8.1 Pro x64
 
 

Quote   Quote: Originally Posted by MacGyvr View Post
UGH, just let the ones who don't want to use UAC turn it off and get infected. Arguing about it does nothing. They will find out soon enough. Personally, I am suspicious of anyone who is getting overwhelmed by UAC prompts. I *might* get one a day, but I don't even think I get that many. Enjoy all your little hacking tools and unnecessary hardware monitors. If you need to monitor that much about your PC, you probably need a new one. It's kind of like a car. I use it to get from place to place...I don't want to spend more time rebuilding it than I do *using* it.
bit of bizzare comment

I dont know how many a day I get, not many tho. I have a few apps that need admin priv to work properly, so they prompt when I fire them up but because I rarely reboot and restart these apps its not a big deal.

So ironically as it stands I am not that bothered about a whitelist feature as I probably would only use it for 2 or 3 apps however I am a big fan of user choice and not been treated like a baby by companies so I think the whitelist ability should be there.

UAC is useful but saying silly things like if you turn it off you gonna get infected is wrong as well especially given that using a whitelist is nothing like the same as turning it off, the biggest protection vs malware is user vigilence. Its entirely possible to have no a/v no fw, and no UAC and be fine. It just increases your risk of infection. UAC would truly be good if we were using restricted user accounts by default instead of admin accounts. We only halfway there at the moment, hopefully win8 will have limited user accounts the default.
My System SpecsSystem Spec
08 May 2011   #73
Tepid

Win 7 Ultimate 32bit
 
 

Ok, this whole issue about whitelisting is ridiculous.
The best solution is to have software that does not require admin rights to run, period.
It can be done. 99.9995% of software should not require admin rights to run.

The only ones that should are apps like CCleaner and Malware/Virus Scanners and systems tools. That's it.
Your Games and Music and Video apps don't need Admin rights to run, only to install.

Then, get rid of UAC completely and implement straight REAL Standard User Accounts and Run As Admin that requires both UserID and Password. That's it.

Safest you will be next to unplugging.

*********

This includes, accessing certain parts of the system, such as,

Local Disk C:
Anything in the Windows folder
Program Files
etc.
Extended Drives (however, rights could be changed to allow only specific users and not everyone)
USB Devices (due to AutoRun)

The only folders one should have access to without a prompt

Documents
Desktop
Favorites

That's it.

This can be done on a Windows PC today, right now. But, people don't want that much security.
Well, that's your fault when you get infected. No point in *itching about it.
My System SpecsSystem Spec
.

08 May 2011   #74
Brink

64-bit Windows 10 Pro
 
 

Quote   Quote: Originally Posted by chrysalis View Post
If in doubt dont whitelist, I would only whitelist apps I frequently use and know are safe.
The only problem with being able to whitelist any app, is what would happen if a virus/malware replaces that whitelisted app's file with a version of it own. Scary thought.
My System SpecsSystem Spec
09 May 2011   #75
chrysalis

windows 8.1 Pro x64
 
 

Quote   Quote: Originally Posted by Brink View Post
Quote   Quote: Originally Posted by chrysalis View Post
If in doubt dont whitelist, I would only whitelist apps I frequently use and know are safe.
The only problem with being able to whitelist any app, is what would happen if a virus/malware replaces that whitelisted app's file with a version of it own. Scary thought.
it would be caught by the hash check I mentioned and reprompt, the reprompt would then catch my attention and I wouldnt whitelist again without a scan of file.

"UAC has detected file properties changed of whitelisted app please advise on action"

The same scenario can affect the yes/no prompt, its not a risk only for whitelisting. A user who regurly runs an app that has UAC prompts would typically be just mindlesly clicking yes anyway. The real danger of excessive UAC prompts is the end user can start to ignore them and just click on yes for everything, or even disable UAC which was the problem with vista. Not so much with windows 7 as microsoft did whitelist various internal windows binaries.
My System SpecsSystem Spec
09 May 2011   #76
chrysalis

windows 8.1 Pro x64
 
 

Quote   Quote: Originally Posted by Tepid View Post
Ok, this whole issue about whitelisting is ridiculous.
The best solution is to have software that does not require admin rights to run, period.
It can be done. 99.9995% of software should not require admin rights to run.

The only ones that should are apps like CCleaner and Malware/Virus Scanners and systems tools. That's it.
Your Games and Music and Video apps don't need Admin rights to run, only to install.

Then, get rid of UAC completely and implement straight REAL Standard User Accounts and Run As Admin that requires both UserID and Password. That's it.
Its worth noting linux/bsd etc. their form of UAC is effectively sudo, and that can effectively whitelist. If used correctly its quite safe. For the apps we dont all use the same mainstream apps. In my case the apps in question are UAC compatible however I choose to not run them that way one reason been I want their data stored in legacy format in the program dir not in the user folders when run in UAC mode. One of the apps also has addons which dont work right in UAC mode as it uses system calls that requires admin rights. Is custom coded and unlikely to be updated anytime soon if even possible. I dont care too much for whitelist for myself as said before but there will always be apps out there that will prompt for UAC.

I will soon be migrating to a SRP+restricted user setup so this for me will soon not apply for me anyway as I will be fast user switching to admin account for maintenance tasks and running apps from restricted account.
My System SpecsSystem Spec
09 May 2011   #77
brotherboard

Windows 10 Pro 64Bit
 
 

I've noticed on my system when opening Malwarebytes a UAC prompt pops up, yet when opening Super antispyware it just runs without one.
My System SpecsSystem Spec
09 May 2011   #78
Snowdog

Windows 7 x64 Home Premium
 
 

Quote   Quote: Originally Posted by chrysalis View Post
it would be caught by the hash check I mentioned and reprompt, the reprompt would then catch my attention and I wouldnt whitelist again without a scan of file.

"UAC has detected file properties changed of whitelisted app please advise on action"

The same scenario can affect the yes/no prompt, its not a risk only for whitelisting. A user who regurly runs an app that has UAC prompts would typically be just mindlesly clicking yes anyway. The real danger of excessive UAC prompts is the end user can start to ignore them and just click on yes for everything, or even disable UAC which was the problem with vista. Not so much with windows 7 as microsoft did whitelist various internal windows binaries.

Excellent post explaining the subtleties.

That actually highlights why a white-list is even more effective for security. If an app triggers every time I run it, I never read it after the first few times.

If it were malware hijacked, I would just auto click yes...

Now if I could white-list it like I want to, and if it changed, it would UAC again, that would immediately catch my attention, much the same way white-listed applications trigger on my firewall again after a change.
My System SpecsSystem Spec
09 May 2011   #79
James Colbert

 
 

I think the point of UAC is twofold:

1) To protect the non-tech' masses from infecting their own machines.

2) To allow admins to assign standard user accounts to those who don't know what to allow and what to deny, or wouldn't care.

As an admin, it's no annoyance whatsoever to click 'OK' when needed, even if several times a day. The standard users on my network, however, can't just click 'OK'. They must enter a password, which they don't have. If the denied operation is essential to their progress, I'll have to enter the password. If not, I don't even get notified. They just move on. I rarely get notified.

That, for me, is where the real usefulness of UAC shows itself. I'm not worried about my actions compromising my network, but certainly I have concerns with users who either don't have the tech know-how to know or care, or the integrity to care if the system/network is infected or hosed.

James
My System SpecsSystem Spec
09 May 2011   #80
chrysalis

windows 8.1 Pro x64
 
 

Quote   Quote: Originally Posted by Snowdog View Post
Quote   Quote: Originally Posted by chrysalis View Post
it would be caught by the hash check I mentioned and reprompt, the reprompt would then catch my attention and I wouldnt whitelist again without a scan of file.

"UAC has detected file properties changed of whitelisted app please advise on action"

The same scenario can affect the yes/no prompt, its not a risk only for whitelisting. A user who regurly runs an app that has UAC prompts would typically be just mindlesly clicking yes anyway. The real danger of excessive UAC prompts is the end user can start to ignore them and just click on yes for everything, or even disable UAC which was the problem with vista. Not so much with windows 7 as microsoft did whitelist various internal windows binaries.

Excellent post explaining the subtleties.

That actually highlights why a white-list is even more effective for security. If an app triggers every time I run it, I never read it after the first few times.

If it were malware hijacked, I would just auto click yes...

Now if I could white-list it like I want to, and if it changed, it would UAC again, that would immediately catch my attention, much the same way white-listed applications trigger on my firewall again after a change.
Of course those saying whitelist would be very bad seem to have forgotten that microsoft did improve windows 7 UAC by whitelisting internal system files, thats all they did, it was very simple. So windows 7 already has UAC whitelist it just isnt configurable.
My System SpecsSystem Spec
Reply

 How to get rid of "Do you want to allow..."?




Thread Tools




Similar help and support threads
Thread Forum
"access denied" when using "assoc" and "ftype" from cmdline?
I tried to associate the file extension .txt to a new editor program with the well known cmdline programs ASSOC and FTYPE. No, assigning them through WinExplorer menu does not work. But this is another problem which should not discussed here. When I type now one of the following...
General Discussion
Kyboard deos not respond to the keys: "e", "d", "c" and "3"
Example sentence: vrytim I prss ths kys, nothing happns. Now I'm writing with my on-sreen keyboard. I'm clueless when it comes to computer stuff. How do I fix this? Is this a software problem, or a hardware problem?Help is much appreciated!
Hardware & Devices
Changing the "minimize" "maximize" and "close" buttons of a theme
Ok so I'm using a custom visual style made by another user however I don't really like the buttons used that I mentioned above. The creator states it is acceptable to change the theme to however you like as long as you don't redistribute it anywhere. Ok so I opened up the .msstyles file (using...
Customization
BSOD every few hours: mostly "STOP: 0x00000F4", "c00021a" & "c0000135"
Hi everyone! Yesterday my HP laptop (Windows 7) started getting BSOD with various types of errors (mostly "STOP: 0x00000F4", "STOP: 0x0000007A", "c00021a" and one "missing %hs, c0000135"). Most of the time it restarts without any issues and works fine right after the BSOD and then an hour or two...
BSOD Help and Support
Need to add "TASKBARS" (MSese for "Launchpads", "Docks" NOT "Toolbars"
My office just upgraded, and I can no longer use Windows XP. On this system, I was able to add a separate taskbar to facilitate quick access to commonly-browsed folder locations on our vast network, and another one expedited the launching of useful programs and lists. Each task on each taskbar...
General Discussion
Remaking "My Music", "My Pictures", "My Videos" folders
hi, OK, this is a weird one. I wanted to move the "My Music", "My Pictures", "My Videos" folders to another HDD. I moved the "My Documents" Folder to this HDD without a problem but the others I accidentally set the whole HDD as the folder (if that makes sense). So now the music, videos and...
Customization


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 19:40.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App