Solve : Don't You Think It Gets Tired of Seeking Approval??

1.	Solve : Don't You Think It Gets Tired of Seeking Approval??
Answer» I have a program that I have been running successfully for quite a while. Recently it has started asking for permission to run: "User Account Control: Do you want to allow this app from an unknown publisher to make changes to your device?". This happens if I launch the program from its icon or from an associated file. I am the Admin for this machine. I have tried running this program As Administrator, and that has not helped. The software itself has not updated, but I don't know if this changed relative to a Windows Update. (Not certain exactly what update I was on when I first noticed this, but I have been on 10 Pro Version 1709 Build 16299.192; I just received 1709 16299.248 and am still having the issue.) Don't really care why this has changed, but would like to know how to make it stop. Depends on the app. Apparently you have downloaded an app written by somebody who pays little attention to the need for security and did not register their business. Why not tell us the name or description of the App.Where and how did you get it? About half of the 'unknown source' programs are either malicious or harmful in some way. Such code was made by somebody who wants to hurt you. Or does not not care if he hurts you. my solution has always been to set Control PANEL, User Accounts, Change User Account Control SETTINGS, slide to Never Notify. you'll stop all UAC warnings then... BUT BEWARE, you stop ALL warnings, but that's exactly how I want it.It's qBitTorrent, and, like I said, its version has not changed - but its behavior has (which leads me to believe it's Window's reaction that's changed, not the application). I don't want UAC to whitelist EVERYTHING, for the reasons Geek alluded to. Is there no effective way to change UAC for just one particular piece of software?Windows updates have not altered the behaviour of UAC inherently. Settings may have changed, I suppose. UAC prompt appears when: -You launch an application who's embedded manifest indicates that it requires administrator permissions and UAC is enabled -You launch an application which has the "Compatibility" setting of "Run as Administrator" and UAC is enabled -The application itself attempts to elevate. (Usually, the application checks if it has admin, notices it doesn't, then relaunches itself with the "runas" verb which ELEVATES it and in that process windows shows the UAC prompt if UAC is enabled. -"Admin Approval Mode" is set to prompt for unverified executables and the signing certificate used to sign the executable has expired. -The "Admin Approval Mode" Group Policy is in place and UAC is enabled. In this mode the UAC prompts require you to enter a password and I don't think they are skipped by the level of UAC. We can eliminate the last option simply because it is so unlikely- unless you ARE being prompted for a password, that is! The second to last seems plausible but qbittorrent is not signed at all, so there is no certificate to expire. That leaves perhaps you've accidentally set the compatibility settings in the program or perhaps some setting in the program that has been altered has it attempting to self elevate? Perhaps settings related to file associations? Unfortunately there isn't a UAC "whitelist". Possibly fortunate because that would defeat the purpose and provide a relatively easy way for malicious software to elevate itself without displaying the consent dialog. Quote Apparently you have downloaded an app written by somebody who pays little attention to the need for security and did not register their business. "Unknown publisher" means that the application isn't signed. It says 'Unknown publisher' even if there is a publisher, (Which was changed in Win8 iirc) the logic being that since it isn't signed you cannot "know" that it is actually from that publisher. Quote About half of the 'unknown source' programs are either malicious or harmful in some way. Such code was made by somebody who wants to hurt you. Or does not not care if he hurts you. The AUTHENTICODE signing process is intended only to allow you to know that the application you have has not been tampered with since the publisher created it. It does not say or indicate anything about it being safe. Nothing prevents malware from being digitally signed in the same manner. Given it has a annual charge associated with it it is no surprise it's not exactly taken off for Open Source products that don't have financial backing. Notepad++, Audacity, DOSBox, foobar2000, Autohotkey, Inkscape, Handbrake, and innumerable other programs do not have authenticode signatures. Which half of these are malware? Wow, thanks for all the info. I'm stuck in a loop on the math, though - how do I calculate half of "innumerable"!? (Can I guess, though? Is "foobar2000" a bad one?). I'm not getting a password prompt, so your bullet point 5 can definitely be eliminated. I don't know if I understand how I could have accidentally set compatibility settings in the program, but I can't unequivocally deny it, either. What can I check to find out? (Right-click on icon in Taskbar, right-click program name, select "Properties=>Compatibility", the only boxes ticked are "Disable fullscreen optimizations" and "Run as administrator".) Oh, wait. Bullet two - I do have Compatibility setting of Run as Admin set. Let me UNcheck that and test. Be right back. OK, that actually worked. I wonder how/when/why I would have ticked that... I know I have to run Palm Desktop as Admin, and their icons are near each other on my Taskbar, so maybe I fat-fingered it...?) Anyway, that seems to be the trick. So, thanks! And, once again, Geek's Hobbesian view of the techworld didn't bear fruit...Of interest: https://en.wikipedia.org/wiki/QBittorrent That torrent program is cross-platform, has many versions and the source code is open. Also, thee is no effort to prevent it from becoming malware. It does not have anything to verify itself. Nor does it have anything to prevent malware from infecting it. Of course you can scan it with your favorite AV program before you use it. Furthermore, the torrent content itself can have malicious or unwelcome hitchhikers. The torrent protocol is weak with regard to security. The exception is when an effort is made to use a variant of the protocol that includes protection. This has been documented and is one reason why the consensus of many is that you should only use a torrent only with a 'sandbox'. Said sandbox is a small self-sacrificing computer apart from anything important to you. Just trying to help. I find it's sometimes rather easy to adjust settings and then forget they were set some time later. After all it might be difficult to recall what we did for 3 or 4 seconds 5 or 6 months later! And then we go hunting down the cause, and after ripping everything apart we discover it was some innocent setting we had forgotten about or dismissed because we didn't remember setting it. Quote I'm stuck in a loop on the math, though - how do I calculate half of "innumerable"!? (Can I guess, though? Is "foobar2000" a bad one?). Ha, those last segments were largely aimed at comments by Geek-9pm, which, unsurprisingly, had almost nothing to do with your problem. My issue there was with his claim that about half of software that isn't signed is malicious or harmful, which I think is a rather unfounded claim. And I do confess that it was something of a trick question because all of the programs I explicitly listed are perfectly legitimate. Hobbes, Thomas [häbz] DEFINITION (1588–1679), English philosopher. He believed that human action was motivated entirely by selfish concerns, notably fear of death. He is best known for his treatise Leviathan, or the Matter, FORM, and Power of a Commonwealth, Ecclesiastical and Civil (1651).Was alluding more to the concept of "solitary, poor, nasty, brutish, and short" - it seems you sometimes ascribe less-than-noble motives to makers and distributors of soft- and hardware... Not trying to start a flame war, just explaining my "Hobbes" comment.... Ha Ha! Thar is funny! That is funny, but torrenting any files or even having thr presence of qBitTorrent might infect your compyter with malicious items.Simply having the software installed has no chance or capability to infect a system. You have to explicitly download torrents and those torrents have to contain malicious items. Quote from: BC_Programmer on February 15, 2018, 09:00:35 PM Simply having the software installed has no chance or capability to infect a system. You have to explicitly download torrents and those torrents have to contain malicious items. BC, normally I have great respect for your insight, but I think you need to think that over. Your statement needs to be qualified. You ought to say 'having, but never used bi torrent is not harmful.' However, once it has been used, and if not used carefully, there is the slight risk risk of a malicious bit of data getting into the system. This brings up the possibility of a two-fold attack. I do not know what the right buzz-word is, but a bit of malware comes in and starts your torrent program in the background and the torrent then contains a payload much more malevolent. To my knowledge that has not been reported. Here is some documentation about qBitTorrent that might be informative. https://github.com/qbittorrent/qBittorrent/wiki However, one would have to do a lot o reading to see if there is a potentiate with having the program installed but not active. A quick search show that same think just having it on your PC is a potent ion problem. Here is a key phrase that gets a lot of hits: Will a torrent harm me? Here is just one of many: http://ask-leo.com/will_bittorrent_harm_my_computer.html He says: Quote BitTorrent itself is highly unlikely to harm your computer. However what you download using BitTorrent - well, that's a different story. Some caution is called for However, BitTorrent is not the same program, but uses the protocol. BTW, when I torrent, I like Vuze. https://www.vuze.com/ It is among the best. Vuze got super-bloated and too filled with ads a few years back. Back in its azureus (sp?) days I used it, but... (As in most things, wise use mitigates risks. My concern was its sudden asking for approval - not the dangers of the software's objectives - which is why I didn't lead with the type of application it was in the OP.)

Answer»

I have a program that I have been running successfully for quite a while.

Recently it has started asking for permission to run: "User Account Control: Do you want to allow this app from an unknown publisher to make changes to your device?".

This happens if I launch the program from its icon or from an associated file.

I am the Admin for this machine. I have tried running this program As Administrator, and that has not helped.

The software itself has not updated, but I don't know if this changed relative to a Windows Update. (Not certain exactly what update I was on when I first noticed this, but I have been on 10 Pro Version 1709 Build 16299.192; I just received 1709 16299.248 and am still having the issue.)

Don't really care why this has changed, but would like to know how to make it stop.

Depends on the app.

Apparently you have downloaded an app written by somebody who pays little attention to the need for security and did not register their business.

Why not tell us the name or description of the App.Where and how did you get it?

About half of the 'unknown source' programs are either malicious or harmful in some way. Such code was made by somebody who wants to hurt you. Or does not not care if he hurts you.

my solution has always been to set Control PANEL, User Accounts, Change User Account Control SETTINGS, slide to Never Notify.
you'll stop all UAC warnings then... BUT BEWARE, you stop ALL warnings, but that's exactly how I want it.It's qBitTorrent, and, like I said, its version has not changed - but its behavior has (which leads me to believe it's Window's reaction that's changed, not the application). I don't want UAC to whitelist EVERYTHING, for the reasons Geek alluded to. Is there no effective way to change UAC for just one particular piece of software?Windows updates have not altered the behaviour of UAC inherently. Settings may have changed, I suppose.

UAC prompt appears when:

-You launch an application who's embedded manifest indicates that it requires administrator permissions and UAC is enabled

-You launch an application which has the "Compatibility" setting of "Run as Administrator" and UAC is enabled

-The application itself attempts to elevate. (Usually, the application checks if it has admin, notices it doesn't, then relaunches itself with the "runas" verb which ELEVATES it and in that process windows shows the UAC prompt if UAC is enabled.

-"Admin Approval Mode" is set to prompt for unverified executables and the signing certificate used to sign the executable has expired.

-The "Admin Approval Mode" Group Policy is in place and UAC is enabled. In this mode the UAC prompts require you to enter a password and I don't think they are skipped by the level of UAC.

We can eliminate the last option simply because it is so unlikely- unless you ARE being prompted for a password, that is! The second to last seems plausible but qbittorrent is not signed at all, so there is no certificate to expire.

That leaves perhaps you've accidentally set the compatibility settings in the program or perhaps some setting in the program that has been altered has it attempting to self elevate? Perhaps settings related to file associations?

Unfortunately there isn't a UAC "whitelist". Possibly fortunate because that would defeat the purpose and provide a relatively easy way for malicious software to elevate itself without displaying the consent dialog.

Quote

Apparently you have downloaded an app written by somebody who pays little attention to the need for security and did not register their business.

"Unknown publisher" means that the application isn't signed. It says 'Unknown publisher' even if there is a publisher, (Which was changed in Win8 iirc) the logic being that since it isn't signed you cannot "know" that it is actually from that publisher.

Quote

About half of the 'unknown source' programs are either malicious or harmful in some way. Such code was made by somebody who wants to hurt you. Or does not not care if he hurts you.

The AUTHENTICODE signing process is intended only to allow you to know that the application you have has not been tampered with since the publisher created it. It does not say or indicate anything about it being safe. Nothing prevents malware from being digitally signed in the same manner. Given it has a annual charge associated with it it is no surprise it's not exactly taken off for Open Source products that don't have financial backing. Notepad++, Audacity, DOSBox, foobar2000, Autohotkey, Inkscape, Handbrake, and innumerable other programs do not have authenticode signatures. Which half of these are malware?

Wow, thanks for all the info.

I'm stuck in a loop on the math, though - how do I calculate half of "innumerable"!? (Can I guess, though? Is "foobar2000" a bad one?).

I'm not getting a password prompt, so your bullet point 5 can definitely be eliminated.

I don't know if I understand how I could have accidentally set compatibility settings in the program, but I can't unequivocally deny it, either. What can I check to find out? (Right-click on icon in Taskbar, right-click program name, select "Properties=>Compatibility", the only boxes ticked are "Disable fullscreen optimizations" and "Run as administrator".)

Oh, wait. Bullet two - I do have Compatibility setting of Run as Admin set. Let me UNcheck that and test.

Be right back.

OK, that actually worked. I wonder how/when/why I would have ticked that... I know I have to run Palm Desktop as Admin, and their icons are near each other on my Taskbar, so maybe I fat-fingered it...?)

Anyway, that seems to be the trick.

So, thanks!

And, once again, Geek's Hobbesian view of the techworld didn't bear fruit...Of interest:
https://en.wikipedia.org/wiki/QBittorrent
That torrent program is cross-platform, has many versions and the source code is open. Also, thee is no effort to prevent it from becoming malware. It does not have anything to verify itself. Nor does it have anything to prevent malware from infecting it. Of course you can scan it with your favorite AV program before you use it.

Furthermore, the torrent content itself can have malicious or unwelcome hitchhikers. The torrent protocol is weak with regard to security. The exception is when an effort is made to use a variant of the protocol that includes protection.
This has been documented and is one reason why the consensus of many is that you should only use a torrent only with a 'sandbox'. Said sandbox is a small self-sacrificing computer apart from anything important to you.
Just trying to help. I find it's sometimes rather easy to adjust settings and then forget they were set some time later. After all it might be difficult to recall what we did for 3 or 4 seconds 5 or 6 months later! And then we go hunting down the cause, and after ripping everything apart we discover it was some innocent setting we had forgotten about or dismissed because we didn't remember setting it.

Quote

I'm stuck in a loop on the math, though - how do I calculate half of "innumerable"!? (Can I guess, though? Is "foobar2000" a bad one?).

Ha, those last segments were largely aimed at comments by Geek-9pm, which, unsurprisingly, had almost nothing to do with your problem. My issue there was with his claim that about half of software that isn't signed is malicious or harmful, which I think is a rather unfounded claim. And I do confess that it was something of a trick question because all of the programs I explicitly listed are perfectly legitimate.
Hobbes, Thomas
[häbz]

DEFINITION
(1588–1679), English philosopher. He believed that human action was motivated entirely by selfish concerns, notably fear of death. He is best known for his treatise Leviathan, or the Matter, FORM, and Power of a Commonwealth, Ecclesiastical and Civil (1651).Was alluding more to the concept of "solitary, poor, nasty, brutish, and short" - it seems you sometimes ascribe less-than-noble motives to makers and distributors of soft- and hardware...

Not trying to start a flame war, just explaining my "Hobbes" comment....

Ha Ha! Thar is funny! That is funny, but torrenting any files or even having thr presence of qBitTorrent might infect your compyter with malicious items.Simply having the software installed has no chance or capability to infect a system. You have to explicitly download torrents and those torrents have to contain malicious items. Quote from: BC_Programmer on February 15, 2018, 09:00:35 PM

Simply having the software installed has no chance or capability to infect a system. You have to explicitly download torrents and those torrents have to contain malicious items.

BC, normally I have great respect for your insight, but I think you need to think that over. Your statement needs to be qualified. You ought to say
'having, but never used bi torrent is not harmful.' However, once it has been used, and if not used carefully, there is the slight risk risk of a malicious bit of data getting into the system.
This brings up the possibility of a two-fold attack. I do not know what the right buzz-word is, but a bit of malware comes in and starts your torrent program in the background and the torrent then contains a payload much more malevolent.
To my knowledge that has not been reported.
Here is some documentation about qBitTorrent that might be informative.
https://github.com/qbittorrent/qBittorrent/wiki
However, one would have to do a lot o reading to see if there is a potentiate with having the program installed but not active.

A quick search show that same think just having it on your PC is a potent ion problem.
Here is a key phrase that gets a lot of hits:
Will a torrent harm me?
Here is just one of many:
http://ask-leo.com/will_bittorrent_harm_my_computer.html
He says:
Quote

BitTorrent itself is highly unlikely to harm your computer.
However what you download using BitTorrent - well, that's a different story. Some caution is called for

However, BitTorrent is not the same program, but uses the protocol.
BTW, when I torrent, I like Vuze.
https://www.vuze.com/
It is among the best. Vuze got super-bloated and too filled with ads a few years back. Back in its azureus (sp?) days I used it, but...

(As in most things, wise use mitigates risks. My concern was its sudden asking for approval - not the dangers of the software's objectives - which is why I didn't lead with the type of application it was in the OP.)

Solve : Don't You Think It Gets Tired of Seeking Approval??

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment