[DigeratiPrime]

Most people new to Vista want to disable the UAC, User Account Control, prompts completely. Others will want to configure it to behave differently.

This guide will show you:

• An easy way to turn it on or off.
  
• How to configure the advanced settings.

1. An easy way to turn it on or off.
Open the Run window. Either Start>Run or press winkey+r
Goto the 'Tools' tab, Select Disable UAC, press Launch, Reboot.





2. If you want to configure the advanced settings:
Open Local Group Policy as Administrator, by creating a shortcut to 'gpedit.msc', then right click on it and select 'Run as Administrator'.
Expand 'Computer Configuration', 'Windows Settings', 'Security Settings', 'Local Policies', 'Security Options'. Scroll to the bottom.

[noguru]

Downside of method 2 is that it's not available for Vista Home users (basic and premium), these versions don't have a gpedit.msc. This leaves only option 1, to disable UAC. Not recommended I think. But there is a third option, Smart UAC:

http://www.replaceuac.com/

This is a UAC replacement, it works exactly the same as the original but offers more options including remembering your preferences. So now you only have to allow an application only once instead of every time again and again and...
It also has the option to scan for malware but this can be disabled in case you already have other software for that. It's free too. So use this, don't turn UAC off.

[Railman5]

i too was constantly annoyed by the incessent interuptions of User Account Control so i downloaded and installed the http://www.replaceuac.com/ utility recommended by noguru.

however i have uninstalled this as it was interfeering more than M$ UAC!!

[bledd]

use this instead

http://www.tweak-uac.com/download/

keeps the protection, but 'allows' most tasks in silent mode, safer than disabling

[Railman5]

Thanks Bledd

I'll give that a try

[DigeratiPrime]

I just watched the demo video on the Replace UAC website and I am somewhat alarmed. It shows two different imitation UAC popups (at 0:50 and 1:10) with Aero disabled to appear like it is coming from the secure desktop, without requesting elevation!


As for TweakUAC I think all that app does is set two GPOs shown in the Post #1 screenshot:
"Run all administrators in Admin Approval Mode" Enabled
"Behavior of the elevation prompt for administrators in Admin Approval Mode" Elevate without prompting


Also as for "keeps the protection" I am skeptical of the explanation on that page:

Quote

There is only one single "moment of truth" when it comes to malware getting unlimited access to your system, and it occurs when you attempt to run a program you have downloaded from an unknown web site

The screenshot shows a security warning because the installer does not have a Digital Signature; you will get a very similiar warning even with a Digital Signature. Most importantly you dont get that warning at all if it is not an installer, just download a binary, extract it if necessary and run it. Knowing whether or not that unsigned app wants to run in User or Admin mode then becomes very important.

I see a few ways that wont protect you:
You copy files from an external drive or network folder to your pc.
Your web browser is exploited and elevates without your consent to hijack your pc.

My biggest gripe with UAC is this bug: http://www.msfn.org/board/Hide-Administrat...ho-t120369.html

[shahed26]

Easiest way, is to just copy paste this code in notepad, and save with "reg" extension and merge.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000000

This post has been edited by shahed26: 26 September 2008 - 08:48 PM

[MikeyHunt]

There's a quick way you can enable or disable this annoying UAC 'feature' from the command line:

Disable UAC

C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f

Enable UAC

C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 1 /f

After you enable or disable UAC, you will have to reboot your computer for the changes to take effect.

This post has been edited by MikeyHunt: 05 May 2009 - 10:04 PM