Also if you have applied a password to VS, then when you try to elevate using "Run As Admin" VS will require a password before allowingWhen you knowingly bypass SRP with "Run as Admin", then VS running in AUTO-PILOT mode closes any "shoot in the foot" errors made by the user because it:
The Reg tweak adds the new element in Explorer context menu (right mouse click) due to:
[HKEY_CLASSES_ROOT\*\shell\Run with SmartScreen\command]
@="C:\\Windows\\RunAsSmartscreen.vbs \"%1\" %*"
So in my case I have portable apps in C directory, should I move them to documents or downloads?Blocking User Space execution and using portable programs don't work well together.
Yyou can only run them as Admin, while you want to run programs with the lowest rights possible.
By adding a folder in user space with execution rights you are putting a hole in your defense.
I installed Portable Firefox in User folder and Ran it as Admin, it works.
If Your portable programs do not update frequently the best way is to whitelist them by hash. Also, many portable applications work well in "Program Files" or "Program Files (x86)" - sometimes You need to change the folder where the application saves its settings etc. , because in above folders the Administrative Rights are needed.I put all my portable app in one folder and then set that folder to Unrestricted in SRP.
It looks good.I keep my portable app on a separate disk (not on C so I can have it when I reinstall Windows.
I know about that TEMP problem (Process Explorer, Zemana AM update...).
Whitelist by Hash don't know how to do that...???
I just try now (see picture) is like this OK?
View attachment 118032