Block an Application or .EXE from Running in Windows

As a system administrator, you may have come across users misusing different types of applications on a network computer, which could cause harm to the system. If you are looking for ways to block applications or files, there may be a few options at your disposal.

Steps

Using Group Policy Editor

1. Check your Windows version. If you are using a Professional version of Windows, use the Group Policy Editor to list applications that will be allowed. Similarly, you can apply the same procedure to block applications that are not allowed on the system network. This is a powerful tool with several features including the ability to control or block applications depending on your policies. It is advisable to back up all your data, in case something goes awry.
2. Click on the Start menu.
3. Type the text "gpedit.msc" into the search box. Hit the Enter button to search.
4. Expand User Configuration once you are directed to Group Policy Editor. After this, expand Administrative Templates, then expand System. Under the Settings command, scroll down and double-click on one of two options:
   • If you want to restrict certain applications, click on “Run only specified Windows applications.” Proceed to step 4 if you choose this.
   • If you want to block some applications, click on “Don’t run specified Windows applications.” Proceed to step 5 if you choose this.
5. Enable “Run only specified Windows applications.” Then under Options, click on the Show button next to the list of allowed applications. A Show Contents box will open where you can type the applications that you want to allow users to run.
   • For example, you can type notepad.exe.
   • When you have completed the list, click OK and exit Group Policy Editor.
6. Enable “Don’t run specified Windows applications option.” After enabling this, click on Show>Add.
7. Type in the executable file name you want to block users from running.
   • For example, type iexplore.exe.
   • Once you are done with your list, click "OK" and exit Group Policy Editor.
   • If any user in the network now tries to access an application that is not in the specified list or has been blocked by you, they are likely to receive this message: “This operation has been cancelled due to restrictions in effect in this computer. Please contact your system administrator.”

Using Registry Hack

1. Check your version of Windows. If you are not using a Professional version of Windows, you can block applications from running using the registry hack technique. Please remember that a serious problem can occur if you do it incorrectly, so it is always advisable to back up your data prior to applying a registry hack.
2. Search through the registry and create a couple of keys. You can type Win+R combination on your keyboard to open regedit.exe and then type in the key given below:
   
   HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
3. Generate a new 32-bit DWORD called DisallowRun. Do this in the right pane on the screen with the value being set at 1.
4. Create another key and call it DisallowRun. Do this on the left pane, under the Explorer key.
   • In case these keys do not exist, all you will have to do is right-click and create the keys that you want.
5. Create a series of String values, starting with 1. Do this on the right pane, just below the DisallowRun key.
   • Continuing in numerical order (so 1 will be followed by 2 and then 3 and so forth).
   • For example, if you want to block applications like Firefox and iTunes from running, you would need to add the keys like this:
     
     1 Firefox.exe
     2 itunes.exe
6. Restart your computer. The change will be in immediate effect when you try to run the application.
   • You will see a popup that is likely to say “This operation has been cancelled due to restrictions in effect in this computer. Please contact your system administrator.”

Using a Pre-Made Registry Hack

1. Open Notepad and paste in the below text.
   • Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
     “DisallowRun”=dword:00000001
     [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun]
     “1″=”anyapplication.exe”
     “2″=”anotherapplication.exe”
2. Amend the name of the application that you have listed in the file. Save this as AnyFileName.reg.
   • You have to make sure to end the name of the file in .reg so you can use it. Then you can double-click on the file.
   • It may be useful to keep in mind that the registry hack does not work for blocking items that run as services.
   • Most malware and spyware may abuse the built-in Windows rundll32 utility to run their services without utilizing an executable. This technique will not work for these kinds of services and applications.