UAC Mode can be bypassed!

Status
Not open for further replies.

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
Nice reply, you are 100% correct. Anyways if people would believe in their Security Suites to protect them? Other AV Vendors wouldn't make much money cleaning non-infected PCs! If people don't want help and have no expert Qualifications in ICT then why should geeks help them? Only the ones who wish to be helped get saved! The main problem Today is that the average user doesn't even want to know the inner workings of a Computer's System, but just to use the thing without any problems as long as it works without any popups that's great for them!

You've made strong points here Neno. Yet (and I know this makes absolutely no sense at all) sometimes it's fun to sit on the couch (figuratively, so to speak) with a whole bunch of intelligent, albeit nerdy, friends while watching a horribly scary film together while :eek: everyone screams about which of the clueless victims they think the monster's going to kill next! :D
 

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
I have also just installed a Cracked version of Spy Shelter, because my UAC is not protecting my Computer with the free version of Avira Antivirus and yes yet again, I say Windows Firewall Console 12 my software product! I have also Hacked Linux Mint's UAC Screen with a nice little reverse shell and full root access!



With Spy Shelter running I don't even need the extra Security Features on Windows Firewall Console, on this version I have added buttons instead. But I have also made the Aero glass look as well very cool.


This might not be directly related, yet I thought it good to share seeing something similar! While online using Google Chrome contained in Sandboxie free (sandbox) UAC warned "Do you want to allow another program on your (Windows 7) system to download Norton privacy protection extension". o_O I clicked "No", but afterwards the sandbox would not delete. :oops: I was neither able to restart nor could I shut down, so I did the next best thing; and hibernated my wife's computer while I slept on it. :rolleyes: Today I'd opened Chrome again, this time outside of the sandbox. I found the Norton Privacy Protection extension along with all my others, :eek: so alarmed was I that I immediately deleted it. :mad: Some programs including Malwarebytes Anti-malware did not respond, so hopefully I've done the right thing by forcing shut-down, then restarting the system in safe mode. Now everything 'seems' to be normal again... I hope. :cool: Now it's time for a MBAM scan.
 

Littlebits

Retired Staff
May 3, 2011
3,893
I have also just installed a Cracked version of Spy Shelter, because my UAC is not protecting my Computer with the free version of Avira Antivirus and yes yet again, I say Windows Firewall Console 12 my software product! I have also Hacked Linux Mint's UAC Screen with a nice little reverse shell and full root access!



With Spy Shelter running I don't even need the extra Security Features on Windows Firewall Console, on this version I have added buttons instead. But I have also made the Aero glass look as well very cool.

If UAC and Avira are not protecting your system then maybe you need to have a talk with the user behind the mouse clicks.
I have used UAC ever since it first came out on Vista along with free AVs and I have not had one single infection, so the user on your system must not be doing something right.

Thanks. :D
 

illumination

These tests on your own system do not prove anything. You speak highly of Comodo; maybe you should take a look down through their forum, where users claim they have "Killed Comodo Firewall" on their own system by killing the process. Why yes, this may happen, as you are the "Admin" of your system, and as such, it will allow the admin to do things that an outsider cannot do.

Case in point: take your tests to a limited "guest" account and see if they are as successful; better yet, remote into another system on your network and run these same tests without being at the helm of that other system, and see if you can bypass it.

As Littlebits pointed out, it is the user behind the mouse who will determine if the security features on a user's system will function properly or not.
 

nissimezra

Level 25
Verified
Apr 3, 2014
1,460
Using the term "bypassed" is rather misleading as one can conjure up some super malware that is coded for this purpose. Rather one should be aware that UAC will just alert to anything (legitimate program or malware) that will request elevated privileges. If a program or malware file doesn't need to do this to operate UAC will not react. Simple as that. And considering the majority of malware do not need elevated privilege to infect a system...

Also, UAC at whatever level and any type of Anti-exe application are hardly synonymous.

That's why I don't think it's worth the bugging for advanced users.
For medium intermediate users it's good to have,
for beginners good to have,
for dummy users who don't know anything it's just confusing them.
 

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
Yep I was the hacker in my own System and UAC doesn't work lol! If you think that UAC helps? Please use it by all means! And I don't use Comodo Firewall just the Comodo Antivirus last time. I've given up trying to open your minds that UAC has poor protection on your system!

If UAC and Avira are not protecting your system then maybe you need to have a talk with the user behind the mouse clicks.
I have used UAC ever since it first came out on Vista along with free AVs and I have not had one single infection, so the user on your system must not be doing something right.

Thanks. :D
 

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
All security suites need admin rights to run just like Malware, if you run Comodo with limited user rights? The Software should not work properly say in that Guest account, this also means you are bypassing your own Security not the other way around. I strongly recommend using standard user account to restrict rights and still have active Comodo security software running without any problems, but when you buy any computer. Is it the Computer's default user rights as restricted Administrator lol?

I have just found security flaws in Spy Shelter as well as confirming the UAC Mode flaws, but if you Terminate the process and delete the files? You should be 100% clean of Spyware using the Spy Shelter Software! These security tests are very useful, now I also know how to kill the Reverse TCP Connection and Shell without using a Two Way Firewall? But I also have my Windows Firewall Console 12 which enables the Two Way Firewall in Windows Firewall as well!



These tests on your own system do not prove anything. You speak highly of Comodo; maybe you should take a look down through their forum, where users claim they have "Killed Comodo Firewall" on their own system by killing the process. Why yes, this may happen, as you are the "Admin" of your system, and as such, it will allow the admin to do things that an outsider cannot do.

Case in point: take your tests to a limited "guest" account and see if they are as successful; better yet, remote into another system on your network and run these same tests without being at the helm of that other system, and see if you can bypass it.

As Littlebits pointed out, it is the user behind the mouse who will determine if the security features on a user's system will function properly or not.
 

illumination

All security suites need admin rights to run just like Malware, if you run Comodo with limited user rights? The program should not work properly say in that Guest account.

A security suite will run just fine, even being in a guest account, you just will not have access to change any settings in it. That is the whole point to limited accounts, and also the point we have been trying to make.

These tests will not fare well without the Admin privileges, hence why they do work with you being the admin and running them.
 

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
They also started making Antivirus Software since the MS DOS days, because the user has more rights on the Operating Systems and since Windows XP, before UAC was released on Windows Vista! The Guest account you can mainly use without any Antivirus even installed hahahaha, It's just like trying to use Linux without root access very funny!

There is no point in restricting trusted Software, if you want to use all of the user accounts on a Windows Platform? Please consider not using any AVs on a Guest Account and giving the trusted vendors bad names with false reports of security. If you like using all of the user accounts on an Operating System? Use Linux Mint it has the option to use lower user accounts and root at same time with Antivirus Software.


A security suite will run just fine, even being in a guest account, you just will not have access to change any settings in it. That is the whole point to limited accounts, and also the point we have been trying to make.

These tests will not fare well without the Admin privileges, hence why they do work with you being the admin and running them.
 

illumination

They also started making Antivirus Software since the MS DOS days, because the user has more rights on the Operating Systems and since Windows XP, before UAC was released on Windows Vista! The Guest account you can mainly use without any Antivirus even installed hahahaha, It's just like trying to use Linux without root access very funny!

There is no point in restricting trusted Software, if you want to use all of the user accounts on a Windows Platform? Please consider not using any AVs on a Guest Account and giving the trusted vendors bad names with false reports of security. If you like using all user accounts safely Linux Mint has the option to use lower user accounts and root with Antivirus Software.

Talking to you, is like clapping with one hand.
 

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
You don't know anything about Security this is only my opinion? Why don't you just trust what you believe in? You have already made up your own mind, I only use what I test, I never listen to what other people say there's no point! Please you don't have to prove nothing to anybody not even me.

Example: You are saying you need Antivirus with a Guest Account? This does not make any sense! Also you can get hacked not using Admin rights?

But I have also Spyware that requires no user rights, does this mean I should not even use a Computer Online? But normally Spyware needs Admin Rights including other Viruses such as File Infectors!


Talking to you, is like clapping with one hand.
 

nissimezra

Level 25
Verified
Apr 3, 2014
1,460
You don't know anything about Security this is only my opinion? Why don't you just trust what you believe in? You have already made up your own mind, I only use what I test, I never listen to what other people say there's no point! Please you don't have to prove nothing to anybody not even me.

Example: You are saying you need Antivirus with a Guest Account? This does not make any sense! Also you can get hacked not using Admin rights?
so what you are saying that if using guest account to uninstall the AV?

I do believe that it's possible for viruses to copy themselves to limited user account or partitions.

why not using AV anyway?

cheers
 

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
Yes that is 100% right, because on Windows 7 you have no Hard Drive write access with guest account just like a Sandbox, but viruses can still copy to USB only! This is what Antivirus companies will not say, If they would say that you did not need their paid Software? They wouldn't make any money from customers lol!

This is why people leave Windows and join the Linux Community and use the Lower User Account on that platform as default! But all you have to do to stop malware is to use limited user accounts, but the only problem is if you get an infected file? It will be no threat, but stuck on the PC instead lost!

Most people like to use the Administrator Account when they buy a PC, what most people do is pay for the Software products such as Comodo or Avast! When the Antivirus finds or detects the threat, the AVs can restrict the file the same way as a Limited user account, but on the Administrator account instead! I've seen Bitdefender rename the infected file, but all antiviruses will delete the infected files.


so what you are saying that if using guest account to uninstall the AV?

I do believe that it's possible for viruses to copy themselves to limited user account or partitions.

why not using AV anyway?

cheers
 

illumination

so what you are saying that if using guest account to uninstall the AV?

I do believe that it's possible for viruses to copy themselves to limited user account or partitions.

why not using AV anyway?

cheers

How can you two, look at this conversation, and pull out those parts you perceive?

Those were examples of "WHY" his tools/testing worked on his own machine under Admin rights and the difference of not having Admin rights..

So when you ask "what you are saying", you need to really look at what i am saying..
 

nissimezra

Level 25
Verified
Apr 3, 2014
1,460
Yes that is 100% right, because on Windows 7 you have no Hard Drive write access with guest account just like a Sandbox, but viruses can still copy to USB only! This is what Antivirus companies will not say, If they would say that you did not need their paid Software? They wouldn't make any money from customers lol!

This is why people leave Windows and join the Linux Community and use the Lower User Account on that platform as default! But all you have to do to stop malware is to use limited user accounts, but the only problem is if you get an infected file? It will be no threat, but stuck on the PC instead lost!

Most people like to use the Administrator Account when they buy a PC, what most people do is pay for the Software products such as Comodo or Avast! When the Antivirus finds or detects the threat, the AVs can restrict the file the same way as a Limited user account, but on the Administrator account instead! I've seen Bitdefender rename the infected file, but all antiviruses will delete the infected files.
thx for answer.

I never tried this or test it, i will one day.
are you sure it can't copy itself to partitions?

As for the admin account, not everyone uses it; in fact most of the users don't know it exists. The built-in admin account is disabled by default and to enable it you need to be an advanced user.

The account that most people use, and what you meant, is an account with admin rights, not admin.

cheers
 

nissimezra

Level 25
Verified
Apr 3, 2014
1,460

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Most rollback software should prevent changes, but I recommended VoodooShield solely because it's based on similar methods to those used by UAC.
 

(BlackBox) Hacker

Level 2
Thread author
Verified
Apr 21, 2014
179
Well I have had loads of Computers from PC World, all of them are only restricted because the UAC Mode is enabled in Windows 8 Pro and 7, this will make it a basic account for sure! For full rights you usually type a command to enable admin or find the main mmc in System32 folder. Also you could use the existing restricted default admin account and disable UAC on Windows 8 and get the full admin account, but Microsoft has also made it so you can use the Metro Screen to run each application as Administrator!


thx for answer.

I never tried this or test it, i will one day.
are you sure it can't copy itself to partitions?

As for the admin account, not everyone uses it; in fact most of the users don't know it exists. The built-in admin account is disabled by default and to enable it you need to be an advanced user.

The account that most people use, and what you meant, is an account with admin rights, not admin.

cheers
 