It's the other way around @Umbra, You made a mistake. (ConsentPromptBehaviorAdmin) adds UAC password prompt and (ValidateAdminCodeSignatures) blocks unsigned processes/programs. Just tested it. 
Please provide comments and solutions that are helpful to the author of this topic.
- Jun 9, 2013
- 6,720
- Sep 22, 2014
- 1,767
Updated the "system tweaks" section by adding @ParaXY 's tweaks
- Oct 1, 2016
- 310
- Apr 1, 2017
- 1,782
- Sep 22, 2014
- 1,767
Is it possible to make some kinda whitelist or something similar with this reg tweak?
I have some portable app who are unsigned and can't run with this tweak (accept change that tweak everytime).
- Dec 23, 2014
- 8,510
No whitelisting possibility. You can run unsigned application using several ways:
- via scheduled task trick (works only on admin account and run the program elevated);
- using the bat files to deactivate/activate this feature via the Registry;
- writing a simple loader script in powerhell or Windows Script Host.
- running first, the signed file manager as administrator (Total Commander), and using it to run portable applications (they will be run elevated without UAC prompt).
Last edited:
- Jul 6, 2017
- 2,392
Very good, Some adjustments already I make them. for a long time but this guide is very good, Thank you.
- Apr 1, 2017
- 1,782
- Dec 23, 2014
- 8,510
They are easily accessible, for example :
Download Group Policy Settings Reference for Windows and Windows Server from Official Microsoft Download Center
https://msdnshared.blob.core.windows.net/media/2017/08/Windows-10-RS2-Security-Baseline-FINAL.zip
But, not many policies are usable for home computers. The most usable are (will be) included in Hard_Configurator.
Edit 1
Edited the link. Open the zip file and look into Documentation folder. Before applying any policy, gogle some info about it.
Edit 2
Manual reg tweaks are recommended only for experienced users, you can easily break your system. Personally, I use Shadow Defender, when testing reg tweaks.
Download Group Policy Settings Reference for Windows and Windows Server from Official Microsoft Download Center
https://msdnshared.blob.core.windows.net/media/2017/08/Windows-10-RS2-Security-Baseline-FINAL.zip
But, not many policies are usable for home computers. The most usable are (will be) included in Hard_Configurator.
Edit 1
Edited the link. Open the zip file and look into Documentation folder. Before applying any policy, gogle some info about it.
Edit 2
Manual reg tweaks are recommended only for experienced users, you can easily break your system. Personally, I use Shadow Defender, when testing reg tweaks.
Last edited:
- Apr 1, 2017
- 1,782
- Dec 23, 2014
- 8,510
- Apr 1, 2017
- 1,782
- Dec 23, 2014
- 8,510
Added the second useful link, to my previous post.I see thank you
- Sep 22, 2014
- 1,767
Can you make that .bat file for me, please?
EDIT:
Can I make a quick reg files for change, like this?
Enable.reg:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ValidateAdminCodeSignatures"=dword:00000001
Disable.reg:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ValidateAdminCodeSignatures"=dword:00000000
Last edited:
- Dec 23, 2014
- 8,510
Similar threads
- Charlie Bell
- Microsoft Defender