Advice Request CFW with this 'Partially Limited' bug with UAC ON ?

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.
F

floalma

Level 4
Thread author
Verified
Apr 5, 2015
182
Sorry, I don't think I have understood quite well. Not good, my english. Thank you.

1.With CS settings and UAC off, if I run under a Standard Account any program with Admin level required, it will be denied automatically by Win10.
So, in this case, I only will get one pop up, the one from CF, right ?

2.n the same situation, how can I run a program with Admin level if it's denied by Win10 ?

cruelsister said:
Sorry- Using CF in a Standard user account won't change anything in so far as account status is concerned. It is just that the UAC Elevation prompt is duplicated by CF.
Click to expand...
 
  • Like
Reactions: Nestor, oldschool, vtqhtr413 and 1 other person
F

floalma

Level 4
Thread author
Verified
Apr 5, 2015
182
Two different ways with different results:

With Standard Account:

1.With UAC off and for those programs who need admin privileges, I still have the UAC Elevation prompt.
2.In the registry, if I change EnableLUA to '0', I disable in all the different accounts (Admin, Standard).
In this case, no UAC Elevation prompt to run. But, for security programs if you right click to 'run as Admin', you will get a pop up that said you 'don't have enough privilege'. For the others programs that you want manually to run as Admin like Firefox, Chrome, it will run with the Standard privileges and not with Admin privilege (no pop up in this example).


PS: I don't have GPO in my Win10. (that's why i changed in the registry EnableLUA to 0).


BryanB said:
@floalma , would the soft execute if you selected to Run as administrator?
Click to expand...
 
Last edited:
  • Like
Reactions: Nestor and vtqhtr413
F

floalma

Level 4
Thread author
Verified
Apr 5, 2015
182
@cruelsister
Standard Account (Win10)
1.With UAC at 'Never Notify' (from Control Panel) as you said, nevertheless, I still have UAC Elevation prompt.
2.With EnableLUA to '0', no more pop up Admin for credentials.
Which way to fix so that Comodo runs everything as 'Restricted' and not as 'Partial Limited' ? Second one ?
 
Last edited:
  • Like
Reactions: Nestor
Nestor

Nestor

Level 9
Verified
Well-known
Apr 21, 2018
397
floalma said:
@cruelsister
Standard Account (Win10)
1.With UAC at 'Never Notify' (from Control Panel) as you said, nevertheless, I still have UAC Elevation prompt.
2.With EnableLUA to '0', no more pop up Admin for credentials.
Which way to fix so that Comodo runs everything as 'Restricted' and not as 'Partial Limited' ? Second one ?
Click to expand...
I don't think partialy limited is the end of the world.Still do the job very well!:):)
 
  • Like
Reactions: floalma
F

floalma

Level 4
Thread author
Verified
Apr 5, 2015
182
I haven't yet installed it on Win10. I installed it on Vista a few little years ago and I got some bugs with the FF addons. I contacted Comodo Staff, but they couldn't fixed this old issue. Now, I'd like to install on Win10 without any troubles.
 
  • Like
Reactions: Nestor
cruelsister

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
floalma said:
With UAC at 'Never Notify' (from Control Panel) as you said, nevertheless, I still have UAC Elevation prompt.
Click to expand...

Did you reboot after changing settings?

floalma said:
Which way to fix so that Comodo runs everything as 'Restricted'
Click to expand...

See my CF videos for a step by step. You probably won't get and Elevation prompts at this setting as CF will kill the file prior to the request.

But for those UAC fans that like to test- Set UAC to the max and try a signed (by ANYONE) malware file or a typical wannacry.
 
  • Like
Reactions: simmerskool, Hector1, floalma and 2 others
Nestor

Nestor

Level 9
Verified
Well-known
Apr 21, 2018
397
floalma said:
I haven't yet installed it on Win10. I installed it on Vista a few little years ago and I got some bugs with the FF addons. I contacted Comodo Staff, but they couldn't fixed this old issue. Now, I'd like to install on Win10 without any troubles.
Click to expand...
ok,i also like conttainment in restricted mode,but with partialy restricted or even without CS settings i hardly ever saw a test with CIS to be infected.Just my opinion.:)
 
cruelsister

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Nestor- Same here. My background is both in major Breach Analysis as well as having a criminal record for being a Blackhat (I can code). Although I've been called a FanGirl of Comodo that's only because I do monthly manual system analysis in order to see if anything is amiss as well as direct testing of nasties that I coded and ran against CF. So far I've found one RAT breach (2 years ago) that was fixed- and fixed well. But if I ever saw a major issue I would drop CF quicker than I do boyfriends.

However most do not really do any analysis of their systems. The saddest comments that I always see are the ones like: "I've been using Product X for years and never been infected!!!!" Really? Or is it that Product X still can't detect the malware that has been running rampant on that system for years?

There is a reason why the Conficker worm is still a major malware issue even though it has been out since 2008. An alert from Microsoft from April 2018 here: https://support.microsoft.com/en-us/help/962007/virus-alert-about-the-win32-conficker-worm

Most people would rather believe that if their primary AV and typical secondary scanners (MB, HMP) show nothing amiss that everything is fine. Must be nice to live in Wolkenkuckucksheim. Personally I've never had the pleasure...
 
  • Like
Reactions: Tiny, simmerskool, kylprq and 6 others
Nestor

Nestor

Level 9
Verified
Well-known
Apr 21, 2018
397
cruelsister said:
Nestor- Same here. My background is both in major Breach Analysis as well as having a criminal record for being a Blackhat (I can code). Although I've been called a FanGirl of Comodo that's only because I do monthly manual system analysis in order to see if anything is amiss as well as direct testing of nasties that I coded and ran against CF. So far I've found one RAT breach (2 years ago) that was fixed- and fixed well. But if I ever saw a major issue I would drop CF quicker than I do boyfriends.

However most do not really do any analysis of their systems. The saddest comments that I always see are the ones like: "I've been using Product X for years and never been infected!!!!" Really? Or is it that Product X still can't detect the malware that has been running rampant on that system for years?

There is a reason why the Conficker worm is still a major malware issue even though it has been out since 2008. An alert from Microsoft from April 2018 here: https://support.microsoft.com/en-us/help/962007/virus-alert-about-the-win32-conficker-worm

Most people would rather believe that if their primary AV and typical secondary scanners (MB, HMP) show nothing amiss that everything is fine. Must be nice to live in Wolkenkuckucksheim. Personally I've never had the pleasure...
Click to expand...
True,agree to all.I don't have the minimum of your experience, i just ttry to learn and experiment with security suites,though i am not consider myself Comodo fanboy, in fact i am not fanboy to anything in my life but i must say,it is the only product i am excited. at that time.:):)
 
F

floalma

Level 4
Thread author
Verified
Apr 5, 2015
182
@cruelsister
Yes, I rebooted after changing settings. For this reason, I asked this.
With 'Never Notify', still get UAC prompts.


I already seen your latest CF videos and old ones.

cruelsister said:
Did you reboot after changing settings?



See my CF videos for a step by step. You probably won't get and Elevation prompts at this setting as CF will kill the file prior to the request.

But for those UAC fans that like to test- Set UAC to the max and try a signed (by ANYONE) malware file or a typical wannacry.
Click to expand...
 
Last edited:
Status
Not open for further replies.

Similar threads

rashmi
    • Like
    • +Reputation
Serious Discussion Comodo Containment "Restricted" Restriction Level
Replies
24
Views
1,817
Comodo
rashmi
rashmi
Fel Grossi
    • Like
    • +Reputation
  • Sticky
New Update Comodo Internet Security 2024 v12.3.1.8104 beta (Oct 2023)
Replies
16
Views
1,307
Comodo
ErzCrz
ErzCrz
enaph
    • Wow
    • Like
Security News 700,000 WordPress Sites Vulnerable to Takeover, No Fix Available
Replies
0
Views
341
Security News
enaph
enaph

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top