Windows 7 – manage jump list and require password for run as admin :)
I wanted to log my findings in keeping programs, files etc secure and hidden from just anyone who may stumble on an open work session 
My goal was to allow a browser session to remain open, and to open recent session when executing the program from cold start. I do not want the recent items to list in the Jump List in Start Menu. I do not want just anyone who has access to my PC to execute this session w/o password first. This is my solution.
I am running Windows 7 Home Premium…
Problem: Recent used programs show a sub-list of opened documents and files called Jump List: Disable
This was tricky to find, but once I had the instructions I figured it out.
- The thread that was most useful: Jump List History location?
- For my solution I was trying to disable the jump list for a single program, a web browser; Open windows explorer and paste %AppData%\Microsoft\Windows\Recent\CustomDestinations
- Ensure the program you want to modify in the jump list is NOT RUNNING
- Cut and paste ALL the custom entries into another folder (unless you don’t care to loose wanted jump lists)
- Now %AppData%\Microsoft\Windows\Recent\CustomDestinations should be EMPTY
- Run the said program you wish to disable in jump lists – be sure you don’t run or access files for any other program while you are applying this work-around.
- Refresh the location %AppData%\Microsoft\Windows\Recent\CustomDestinations (use f5)
- Now the files that appear are related to said program.
- Right click and access Properties.
- Select the Security tab
- Select your user profile
- Click the Edit button (to change permissions)
- Tick deny in the boxes for Read & execute as well as Read.
- Click Apply.
- Test your settings
Now your program will not display a jump list.
Problem: Limit access to program by requiring password (no third party apps)
This was tricky as well and with Windows 7 Home Premium you must edit a registry entry.
NOTE: You must right click the program and select properties, compatibility tab and tick the box under Privledge Level for Run this program as an Administrator. This work-around will require ALL request for admin elevation to enter the Admin password.
- The thread that was most useful: Changing how UAC works (the hard way)
- Go to Start, type regedit in your Run/Search bar in the bottom.
- Access the registry entries for HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
- Open ConsentPromptBehaviorAdmin, change this value to 1 (prompt for credentials). 0=elevate w/o prompt, 2=prompt for consent.
- Save the entry.
- Test your settings
Now your program will prompt for a password.
My links that helped resolve:
- http://social.technet.microsoft.com/Forums/en/w7itprogeneral/thread/92b90228-2f08-4558-9c4d-6e66e103a5cf
- http://technet.microsoft.com/en-us/library/cc709691(WS.10).aspx
- http://social.technet.microsoft.com/Forums/en/w7itprosecurity/thread/6d71c2ed-3aff-4824-b5a7-31054615401d
- http://social.technet.microsoft.com/forums/en-US/itprovistanetworking/thread/39ce6649-c081-4560-9c07-707623286572/
- http://sourcedaddy.com/windows-7/changing-how-uac-works-the-hard-way.html