ca etrust uac

I'm using that beta of CA antivirus. When I log in I have to do two UAC approvals to get it loaded. I know how to turn off the whole UAC kit-and-caboodle through Local Security Policy to avoid that. But I'm wondering if there's a way to leave UAC on and just eliminate those approvals for CA ETrust AV.

I'm afraid not really - you can tweak it a little bit but every time that the system needs administrative privaliges, it'll come up.
Here's how to tweak it so if you're an admin, it shouldn't show up: http://www.vistabase.co.uk/welcome.php?subcats/security/whatisuac
-- Zack Whittaker » ZackNET Enterprises: www.zacknet.co.uk » MSBlog on ResDev: www.msblog.org » Vista Knowledge Base: www.vistabase.co.uk » This mailing is provided "as is" with no warranties, and confers no rights. All opinions expressed are those of myself unless stated so, and not of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared that up!
--: Original message follows :-- "Alan Simpson" wrote in message

I'm using that beta of CA antivirus. When I log in I have to do two UAC approvals to get it loaded. I know how to turn off the whole UAC kit-and-caboodle through Local Security Policy to avoid that. But I'm wondering if there's a way to leave UAC on and just eliminate those approvals for CA ETrust AV.

Nope... there's no Whitelist for UAC (yet, if at all).
ON a related note, if you don't press anything for the UAC prompt (i boot the PC, then return about 10 mins later to actually use it) then the prompt automatically disappears and the application never loads. I, for one, would like a default action/whitelist feature in Vista's UAC system -- but any "list" is prone to virus/rootkit/etc attacks.
- naseru
"Alan Simpson" wrote in message

I'm using that beta of CA antivirus. When I log in I have to do two UAC approvals to get it loaded. I know how to turn off the whole UAC kit-and-caboodle through Local Security Policy to avoid that. But I'm wondering if there's a way to leave UAC on and just eliminate those approvals for CA ETrust AV.

turn off uac for administrators.. 1. start / run (window key + r) 2. secpol.msc 3. in the security policy you find UAC settings, one of them is "run all administrators in built in admin approval mode" or somethink similar..use DISABLED option! 4. restart and enjoy;P
-- Please rate this! Best Regards Laszlo Dobos

Surely this defeats the whole point of what they are trying to do with securing default user accounts?!!?
There should as another poster mentioned be something like a whitelist or an application signing so that this elevation of priviledges is done without user intervention - as it is a pain having to do this on every reboot.
Maybe also this is an issue with EZ Antivirus that will be dealt with in due course....has anyone contacted CA?
"Laszlo Dobos" wrote:

turn off uac for administrators.. 1. start / run (window key + r) 2. secpol.msc 3. in the security policy you find UAC settings, one of them is "run all administrators in built in admin approval mode" or somethink similar..use DISABLED option! 4. restart and enjoy;P
-- Please rate this! Best Regards Laszlo Dobos

What is worse is that if you do not OK the prompt i.e. you wander off whilst your PC is booting, etc. then the prompt just disppears after 30 odd seconds and the program does not run......I guess (have not checked yet) that the services are running and that it is just the system tray utils that are not working if the prompt times out, otherwise the implications of unprotected or not updated machines is kinda scary.....
....maybe this is just beta noise that will be resolved anyways...
"billh" wrote:

I agree as if you log in as a standard user you have to put in an admin password. I know this is still a beta but if it is in the finale what will I have to every time my kid wants to use the computer run up and put in my password so that Anti virus will work?
Chrismoo wrote: Surely this defeats the whole point of what they are trying to do with securing default user accounts?!!?
There should as another poster mentioned be something like a whitelist or an application signing so that this elevation of priviledges is done without user intervention - as it is a pain having to do this on every reboot.
Maybe also this is an issue with EZ Antivirus that will be dealt with in due course....has anyone contacted CA?
"Laszlo Dobos" wrote:
turn off uac for administrators.. 1. start / run (window key + r) 2. secpol.msc 3. in the security policy you find UAC settings, one of them is "run all administrators in built in admin approval mode" or somethink similar..use DISABLED option! 4. restart and enjoy;P
-- Please rate this! Best Regards Laszlo Dobos

I agree as if you log in as a standard user you have to put in an admin password. I know this is still a beta but if it is in the finale what will I have to every time my kid wants to use the computer run up and put in my password so that Anti virus will work?
Chrismoo wrote:

Surely this defeats the whole point of what they are trying to do with securing default user accounts?!!?
There should as another poster mentioned be something like a whitelist or an application signing so that this elevation of priviledges is done without user intervention - as it is a pain having to do this on every reboot.
Maybe also this is an issue with EZ Antivirus that will be dealt with in due course....has anyone contacted CA?
"Laszlo Dobos" wrote:
turn off uac for administrators.. 1. start / run (window key + r) 2. secpol.msc 3. in the security policy you find UAC settings, one of them is "run all administrators in built in admin approval mode" or somethink similar..use DISABLED option! 4. restart and enjoy;P
-- Please rate this! Best Regards Laszlo Dobos

I know I'm late to this thread, but if you're watching it, I have some answers for you, since I see nothing was answered 100%.
It is just the tray icons that won't get loaded and if you want to keep UAC running but don't want to see the promts, simply disable CIVRID.exe and CAVTray.exe.
I'm not 100% sure if the auto-update for CAV continues to work without the CAVTray.exe running. Just keep an eye on that (Windows Security Center should let you know if your definitions get out of date anyway).
You do still have full protection though, if you want to see for yourself simply go to http://eicar.com/ and try to download the test file. EZ Antivirus has a FIT! :-) Just like it's supposed to.
Mic
"Chrismoo" wrote in message

What is worse is that if you do not OK the prompt i.e. you wander off whilst your PC is booting, etc. then the prompt just disppears after 30 odd seconds and the program does not run......I guess (have not checked yet) that the services are running and that it is just the system tray utils that are not working if the prompt times out, otherwise the implications of unprotected or not updated machines is kinda scary.....
...maybe this is just beta noise that will be resolved anyways...
"billh" wrote:
I agree as if you log in as a standard user you have to put in an admin password. I know this is still a beta but if it is in the finale what will I have to every time my kid wants to use the computer run up and put in my password so that Anti virus will work?
Chrismoo wrote: Surely this defeats the whole point of what they are trying to do with securing default user accounts?!!?
There should as another poster mentioned be something like a whitelist or an application signing so that this elevation of priviledges is done without user intervention - as it is a pain having to do this on every reboot.
Maybe also this is an issue with EZ Antivirus that will be dealt with in due course....has anyone contacted CA?
"Laszlo Dobos" wrote:
turn off uac for administrators.. 1. start / run (window key + r) 2. secpol.msc 3. in the security policy you find UAC settings, one of them is "run all administrators in built in admin approval mode" or somethink similar..use DISABLED option! 4. restart and enjoy;P
-- Please rate this! Best Regards Laszlo Dobos

You are right as it is the services that are important and run in the background. I too wonder about the updates though(!)
Tons of people seem to be turning off the UAC warnings which completely defeats the object of the new functionality - it also stops Microsoft and app developers knowing about problems with their apps which have privilege escalation when they might be able to fix it.

"Michael Palumbo" wrote:

I know I'm late to this thread, but if you're watching it, I have some answers for you, since I see nothing was answered 100%.
It is just the tray icons that won't get loaded and if you want to keep UAC running but don't want to see the promts, simply disable CIVRID.exe and CAVTray.exe.
I'm not 100% sure if the auto-update for CAV continues to work without the CAVTray.exe running. Just keep an eye on that (Windows Security Center should let you know if your definitions get out of date anyway).
You do still have full protection though, if you want to see for yourself simply go to http://eicar.com/ and try to download the test file. EZ Antivirus has a FIT! :-) Just like it's supposed to.
Mic
"Chrismoo" wrote in message What is worse is that if you do not OK the prompt i.e. you wander off whilst your PC is booting, etc. then the prompt just disppears after 30 odd seconds and the program does not run......I guess (have not checked yet) that the services are running and that it is just the system tray utils that are not working if the prompt times out, otherwise the implications of unprotected or not updated machines is kinda scary.....
...maybe this is just beta noise that will be resolved anyways...
"billh" wrote:
I agree as if you log in as a standard user you have to put in an admin password. I know this is still a beta but if it is in the finale what will I have to every time my kid wants to use the computer run up and put in my password so that Anti virus will work?
Chrismoo wrote: Surely this defeats the whole point of what they are trying to do with securing default user accounts?!!?
There should as another poster mentioned be something like a whitelist or an application signing so that this elevation of priviledges is done without user intervention - as it is a pain having to do this on every reboot.
Maybe also this is an issue with EZ Antivirus that will be dealt with in due course....has anyone contacted CA?
"Laszlo Dobos" wrote:
turn off uac for administrators.. 1. start / run (window key + r) 2. secpol.msc 3. in the security policy you find UAC settings, one of them is "run all administrators in built in admin approval mode" or somethink similar..use DISABLED option! 4. restart and enjoy;P
-- Please rate this! Best Regards Laszlo Dobos

I replied to another post about this issue, but expanded this same answer to state that I JUST installed EZAV and I'll be watching the updates.
I'd already know the answer, but it took me hours to figure out that it was Microsoft's free MPEG2 decoder that was locking up my system every 5 minutes. (I just installed Vista Public Beta 2, I'm not an 'official' beta tester) so I'll post to let everyone know about the updates.
I remember with earlier versions of EZAV when you would choose 'exit' for the tray icon it would warn you that it couldn't update itself if that program wasn't running. You no longer get that warning (nor in XP) so I'm hoping they have built the updater into the service instead of relying on the CAVTray program.
I guess I'll find out in time if Windows screams, "YOUR ANTI-VIRUS IS OUT OF DATE!!!!! DUMB-ASS!!!" ;-)
I agree too about the UAC warning. Sure they can be a PITA, but I'd rather have to click a button to do something system wide (or system altering) than just have anything do what it wants. Sure if you have kids running as standard user and they want to install that new game you have to do it for them, or at least be there to type in the password, but hey, better that than having Junior go to some web page because he wants to see boobs and have it install some Trojan because UAC was turned off . . . you just KNOW he's going to say 'yes' to that ActiveX control it wants to install, "THIS SITE HAS BOOBIES!!!", but with UAC he needs a password and I doubt he's going to ask you to come type it in in that situation. ;-)
It's funny isn't it? People have complained for years about how horrible security is in Windows XP, and MANY of these people complaining are using Linux/BSD and praise the fact that they are asked permission every time something needs system access . . . but when Microsoft does the same thing (okay, it asks more often than Linux) people balk because "it's so inconvenient!"
Cake/eat it too, can't have it both ways people. Want convenience? Go back to Windows XP or turn off the much needed security in Vista. Just make sure you're running AV and about 3 other malware detectors.
Want proper security? Live with the prompts.
Mic
"Chrismoo" wrote in message

You are right as it is the services that are important and run in the background. I too wonder about the updates though(!)
Tons of people seem to be turning off the UAC warnings which completely defeats the object of the new functionality - it also stops Microsoft and app developers knowing about problems with their apps which have privilege escalation when they might be able to fix it.

"Michael Palumbo" wrote:
I know I'm late to this thread, but if you're watching it, I have some answers for you, since I see nothing was answered 100%.
It is just the tray icons that won't get loaded and if you want to keep UAC running but don't want to see the promts, simply disable CIVRID.exe and CAVTray.exe.
I'm not 100% sure if the auto-update for CAV continues to work without the CAVTray.exe running. Just keep an eye on that (Windows Security Center should let you know if your definitions get out of date anyway).
You do still have full protection though, if you want to see for yourself simply go to http://eicar.com/ and try to download the test file. EZ Antivirus has a FIT! :-) Just like it's supposed to.
Mic
"Chrismoo" wrote in message What is worse is that if you do not OK the prompt i.e. you wander off whilst your PC is booting, etc. then the prompt just disppears after 30 odd seconds and the program does not run......I guess (have not checked yet) that the services are running and that it is just the system tray utils that are not working if the prompt times out, otherwise the implications of unprotected or not updated machines is kinda scary.....
...maybe this is just beta noise that will be resolved anyways...
"billh" wrote:
I agree as if you log in as a standard user you have to put in an admin password. I know this is still a beta but if it is in the finale what will I have to every time my kid wants to use the computer run up and put in my password so that Anti virus will work?
Chrismoo wrote: Surely this defeats the whole point of what they are trying to do with securing default user accounts?!!?
There should as another poster mentioned be something like a whitelist or an application signing so that this elevation of priviledges is done without user intervention - as it is a pain having to do this on every reboot.
Maybe also this is an issue with EZ Antivirus that will be dealt with in due course....has anyone contacted CA?
"Laszlo Dobos" wrote:
turn off uac for administrators.. 1. start / run (window key + r) 2. secpol.msc 3. in the security policy you find UAC settings, one of them is "run all administrators in built in admin approval mode" or somethink similar..use DISABLED option! 4. restart and enjoy;P
-- Please rate this! Best Regards Laszlo Dobos

It is funny how people complain :-) The UAC will be tuned and there are fixes for apps on the way from what I read by the way of 'Shims' that patch the redirects for elevated priviledges, etc.
The release candidate and final release will be better I am sure....but it seems no worse than running say Zonealarm, etc.... prompt prompt prompt!!

"Michael Palumbo" wrote:

I replied to another post about this issue, but expanded this same answer to state that I JUST installed EZAV and I'll be watching the updates.
I'd already know the answer, but it took me hours to figure out that it was Microsoft's free MPEG2 decoder that was locking up my system every 5 minutes. (I just installed Vista Public Beta 2, I'm not an 'official' beta tester) so I'll post to let everyone know about the updates.
I remember with earlier versions of EZAV when you would choose 'exit' for the tray icon it would warn you that it couldn't update itself if that program wasn't running. You no longer get that warning (nor in XP) so I'm hoping they have built the updater into the service instead of relying on the CAVTray program.
I guess I'll find out in time if Windows screams, "YOUR ANTI-VIRUS IS OUT OF DATE!!!!! DUMB-ASS!!!" ;-)
I agree too about the UAC warning. Sure they can be a PITA, but I'd rather have to click a button to do something system wide (or system altering) than just have anything do what it wants. Sure if you have kids running as standard user and they want to install that new game you have to do it for them, or at least be there to type in the password, but hey, better that than having Junior go to some web page because he wants to see boobs and have it install some Trojan because UAC was turned off . . . you just KNOW he's going to say 'yes' to that ActiveX control it wants to install, "THIS SITE HAS BOOBIES!!!", but with UAC he needs a password and I doubt he's going to ask you to come type it in in that situation. ;-)
It's funny isn't it? People have complained for years about how horrible security is in Windows XP, and MANY of these people complaining are using Linux/BSD and praise the fact that they are asked permission every time something needs system access . . . but when Microsoft does the same thing (okay, it asks more often than Linux) people balk because "it's so inconvenient!"
Cake/eat it too, can't have it both ways people. Want convenience? Go back to Windows XP or turn off the much needed security in Vista. Just make sure you're running AV and about 3 other malware detectors.
Want proper security? Live with the prompts.
Mic
"Chrismoo" wrote in message You are right as it is the services that are important and run in the background. I too wonder about the updates though(!)
Tons of people seem to be turning off the UAC warnings which completely defeats the object of the new functionality - it also stops Microsoft and app developers knowing about problems with their apps which have privilege escalation when they might be able to fix it.

"Michael Palumbo" wrote:
I know I'm late to this thread, but if you're watching it, I have some answers for you, since I see nothing was answered 100%.
It is just the tray icons that won't get loaded and if you want to keep UAC running but don't want to see the promts, simply disable CIVRID.exe and CAVTray.exe.
I'm not 100% sure if the auto-update for CAV continues to work without the CAVTray.exe running. Just keep an eye on that (Windows Security Center should let you know if your definitions get out of date anyway).
You do still have full protection though, if you want to see for yourself simply go to http://eicar.com/ and try to download the test file. EZ Antivirus has a FIT! :-) Just like it's supposed to.
Mic
"Chrismoo" wrote in message What is worse is that if you do not OK the prompt i.e. you wander off whilst your PC is booting, etc. then the prompt just disppears after 30 odd seconds and the program does not run......I guess (have not checked yet) that the services are running and that it is just the system tray utils that are not working if the prompt times out, otherwise the implications of unprotected or not updated machines is kinda scary.....
...maybe this is just beta noise that will be resolved anyways...
"billh" wrote:
I agree as if you log in as a standard user you have to put in an admin password. I know this is still a beta but if it is in the finale what will I have to every time my kid wants to use the computer run up and put in my password so that Anti virus will work?
Chrismoo wrote: Surely this defeats the whole point of what they are trying to do with securing default user accounts?!!?
There should as another poster mentioned be something like a whitelist or an application signing so that this elevation of priviledges is done without user intervention - as it is a pain having to do this on every reboot.
Maybe also this is an issue with EZ Antivirus that will be dealt with in due course....has anyone contacted CA?
"Laszlo Dobos" wrote:
turn off uac for administrators.. 1. start / run (window key + r) 2. secpol.msc 3. in the security policy you find UAC settings, one of them is "run all administrators in built in admin approval mode" or somethink similar..use DISABLED option! 4. restart and enjoy;P
-- Please rate this! Best Regards Laszlo Dobos