I like it. I did make one change to satisfy my OCD Code: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\*\shell\RunasNormalUser] @="Run as Normal User" [HKEY_CLASSES_ROOT\*\shell\RunasNormalUser\command] @=""C:\\Windows\\system32\\runas.exe" "/user:1" "/savecred" "%1"" Code:
This definitely looks much better for me Moreover, to keep things even and aesthetic: @="Run as normal user" Now I wonder how to tweak it to grab user account image to show left in "Run as normal user"
OK i changed it but i want to distinguish it from Run as administrator which is internal option i guess its possiable to make it with icon but how
@ lite8 & Mr.X, WinMount is what has the ability to edit the context menu. You will have to do some research but I am sure you can hide it. Worth a shot anyways. I recommend doing a backup before attempting just in case something goes wrong. You know how testing goes. lol Check these reg entries with WinMount... HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ShlExtMenu HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\ Edited: Its not on M$ store anymore...more details below.
Or you should be able to do it with group policy as well if only needing on your computer...if for others then you must edit the iso of course. Gpedit.msc and press enter. In the Group Policy window, browse to the User Configuration\Administrative Templates and highlight the System folder. In the System folder, double-click "Prevent access to the command prompt." Change the Setting to Enabled, then click Ok. If you need group policy for lets say win10 home which doesnt come with it, I got it to where you can install it in Win 10 home so end users can have access like in pro and enterprise (I used it when I had Win10 home but went back to Win8.1 because even though M$ says its compatible, HP said different for my configuration). Group Policy lets you turn off all the Telemetry bullsh*t. If you need it pm me. I feel like Santa Clause. lmao!
After more research, M$ and WinMount could not come to an agreement so its not added anymore. It was there for a little while. Guess M$ wanted the whole pie. Either way, its available for free on their website. I corrected myself. Will edit the above post.
any idea how to deny automatically the approval request when application asking for admin rights ? edit: Automatically deny Approval request from standard user [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=dword:00000000
Disabling UAC makes everything run with full access to the entire machine and defeats the entire purpose of what you're trying to achieve. Don't ever change the \exefile\shell\open key or you will very likely have major issues running applications... Create your own key instead. For example: "HKEY_CLASSES_ROOT\exefile\shell\lite8" with its own command subkey. What you can do instead is just use the compat layer override that forces the app to run without elevation. For example, if you wanted to run regedit.exe without administrative access you would do the following: 1. Open cmd.exe (without selecting Run As Administrator) 2. Type the following and press enter SET __COMPAT_LAYER=RunAsInvoker 3. Type regedit.exe and press enter 4. Regedit will open without generating the UAC prompt like it usually does. Regedit generally requires administrative access via a UAC prompt but the override disables this and makes regedit run as the standard user with read-only access to the registry. Here is a registry file I've used for some time: Code: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\exefile\shell\runwithcompat] @="Run as current user" [HKEY_CLASSES_ROOT\exefile\shell\runwithcompat\command] @="cmd.exe /c \"SET __COMPAT_LAYER=RunAsInvoker && \"%1\" %*" Just right-click and select "Run as current user" and you can use this to make any installers, programs, system utilities etc... that require UAC prompts to run as the current user instead.
thx for the reply. ."...without elevation": This condition is quiet easy for malware to pass there no enuf protection to run app without elevation UAC is annoying, its also main reason this idea came Also most of users just click yes without know what they running, or disabling it Pls read the info in the link run as normal user can block up to 96% malware if system is patched
anyway to revert to default ? I didn't expect all my applications to run as user. Only wanted specific application to run as user
yea open regedit as administrator search exefile go to open remove the runas... from the key use this method to just run one app as user Step2 - IE lets change the shortcut of internet explorer to run always as normal user right click on the shortcut and properties change the target to C:\Windows\System32\runas.exe /user:1 /savecred "C:\Program Files\Internet Explorer\iexplore.exe" backup.reg - restore to old settings Code: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*" "IsolatedCommand"="\"%1\" %*"