I would like to help you get this resolved as quickly as possible. I will start with an overview of how the User Registration Solution Pack should be working so that you have a proper reference for it.
in the admin pages for the URSP you should be restricting access to any user that visits a page that has this toward the top of it:
<?php require_once( "../WA_SecurityAssist/Helper_PHP.php" ); ?>
This access restriction is also in place on the logout page, this is done so that if you are not logged in when you attempt to visit the logout page you will be prompted to login and none of the existing session variables will be deleted.
If you are logged in when you get to the logout page then you will pass the access restriction rule that is in place and go to the next set of code on the page. This code clears out the session variables. It is the presence of these session variables and their values that the access rules are based on. If the session variables are cleared then the rules that are checking them should fail to pass and not allow anyone access to the site.
It seems that your experience is differing from this one. If you can confirm yours is not working like this and that you can access all of the files in the admin regardless of weather or not the session variables are set I will open up a ticket for you on this issue so we can work this out further and exchange details in private. I don't think that your local testing server environment would be the cause of this. If things are not working as they should my first guess would be that the access rules that are being used are either not present or have been altered in some way. Please post back and let us know.