“This Program Is Blocked by Group Policy” error, usually is a security restriction in windows PC that prevents certain applications from running due to system policies. This error prevents launching specific programs, including security tools, system utilities, or even essential applications. Well, it usually occurs when Software Restriction Policies (SRP) or AppLocker rules are configured to block applications, but it can also be caused by third-party security software, corrupt Windows registry entries, or leftover policies from a previous domain setup. However this issue can be resolved by modifying group policies, adjusting registry settings, disabling security restrictions, or removing malware that may have enforced the block. Lets explorer how to This Program Is Blocked by Group Policy error on windows PC

This Program Is Blocked by Group Policy error.

The error message “This program is blocked by group policy” usually means that a system administrator has configured settings to prevent the execution or installation of specific software or actions on your computer. However, it can also appear on personal computers due to misconfigured group policies, outdated security settings, or malware infections.

  • Software Restriction Policies – Windows’ built-in group policies may block certain applications from running.
  • Third-Party Security Software – Some antivirus programs or security suites enforce policies that restrict program execution.
  • Registry Misconfigurations – Improper registry entries can prevent programs from launching.
  • Malware or Ransomware – Some viruses modify group policies to block security tools and prevent removal.
  • Leftover Group Policies – If your PC was previously part of a domain or organization, old group policies may still be active.

Perform a Clean Boot to Identify Conflicts

A clean boot helps determine if background applications or services are interfering. If the program runs after a clean boot, enabling services one by one can help identify the culprit.

  • Press Win + R, type msconfig, and press Enter.
  • Go to the Services tab and check Hide all Microsoft services.
  • Click Disable all and go to the Startup tab.
  • Click Open Task Manager, disable startup programs, and close Task Manager.
  • Click OK and restart your PC.

load selective Startup option

Disable the Software Restriction Policy

If the restriction was applied through Local Group Policy, removing it can allow the program to run by eliminating local restrictions that prevent execution.

  • Press Win + R, type gpedit.msc, and press Enter.
  • Navigate to Computer Configuration > Windows Settings > Security Settings > Software Restriction Policies.
  • If you see any policies listed under Additional Rules, right-click them and select Delete.
  • Close the Group Policy Editor and restart your PC.

 

Note: If the Software Restriction Policies section does not exist, it means no policy has been configured at this level, and you should try other solutions.

Check and Disable Third-Party Security Software

Some antivirus programs enforce policies that block applications. Many security suites, such as Norton, McAfee, or Bitdefender, include features that prevent unauthorized applications from running. If your program is being blocked, adjusting your antivirus settings may resolve the issue.

  • Open your antivirus or security software settings.
  • Look for any application control or program restriction features.
  • Temporarily disable them and check if the program runs.
  • If disabling the antivirus fixes the issue, consider adding the program to the exclusion list.

Scan for Malware and Ransomware

Some malware infections modify group policies to prevent security software from running. Running malware scans ensures that no malicious software is enforcing unwanted restrictions.

  • Open Windows Security (Win + I > Update & Security > Windows Security).
  • Click Virus & threat protection and select Full Scan.
  • Use third-party tools like Malwarebytes or HitmanPro to perform an additional malware scan.
  • If threats are detected, remove them and restart your PC.

If malware is detected, removing it should automatically restore access to your programs.

Disable AppLocker Rules (If Enabled)

AppLocker is mainly used in enterprise settings, but some users may have leftover rules affecting program execution. Removing these rules should allow blocked applications to run again.

  • Press Win + R, type gpedit.msc, and press Enter.
  • Navigate to Computer Configuration > Windows Settings > Security Settings > Application Control Policies > AppLocker.
  • Expand the categories (Executable Rules, Windows Installer Rules, etc.) and look for blocked programs.
  • Right-click the rules and select Delete.
  • Restart your PC and check if the issue is resolved.

Restart Group Policy Services

If group policy settings are stuck, restarting the service can help refresh group policy settings and resolve issues where policies are not updating correctly.

  • Press Win + R, type services.msc, and press Enter.
  • Scroll down and find Group Policy Client.
  • Right-click it and select Restart.
  • Restart your PC and try running the blocked program again.

Modify the Windows Registry

The Windows Registry stores group policy settings, and if any restriction was applied incorrectly, modifying it can remove policies blocking certain programs. However, be cautious when editing the registry—deleting the wrong keys can cause system instability. Always back up the registry before making changes.

Press Win + R, type regedit, and press Enter to open windows registry,

Nevigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers

  • Look for a key named “0” and delete it.
  • Restart your PC and try running the blocked program again.

In addition navigate to the following directory:

HKEY_CURRENT_USER > Software > Policies

In the left pane, locate and right-click on the Microsoft sub-key under the Policies registry key, click on Delete in the context menu and click on Yes in the resulting popup to confirm the action.

In the left pane of the Registry Editor, navigate to the following directory:

HKEY_CURRENT_USER > Software > Microsoft Windows > CurrentVersion

In the left pane, locate and right-click on the Group Policy Objects sub-key under the CurrentVersion registry key, click on Delete in the context menu and click on Yes in the resulting popup to confirm the action.

In the left pane of the Registry Editor, navigate to the following directory:

HKEY_CURRENT_USER > Software > Microsoft Windows > CurrentVersion

Delete policy keys

In the left pane, locate and right-click on the Policies sub-key under the CurrentVersion registry key, click on Delete in the context menu and click on Yes in the resulting popup to confirm the action. That’s All Now Close the Registry Editor, and Restart the computer.

Disable Symantec Endpoint Protection

Also, Some Users Report Disable Symantec Endpoint protection help them to fix the application blocked by group policy issue. Symantec Endpoint Protection is an Application and Device Control function where there is a setting to Block All Programs from running from removable media. Now Symantec edits the registry in order to block programs which explains why users see a generic Windows error rather than from Symantec itself.

Launch the Symantec Endpoint Protection Manager -> navigate to Application and Device
Control -> on left-hand menu click on Application Control. Here Make sure to uncheck “Block programs from running from removable drives.“ Save changes and close Symantec Endpoint Protection Manager. Now Reboot your PC  and check the issue resolved.

Create a New User Account

If all Above methods failed to fix the issue, Then Create A new User account, With Fresh Users profile check the issue get resolved or not. To Create a new user account open Settings -> Accounts -> Family & other people tab -> click Add someone else to this PC under Other people.

Now Click I don’t have this person’s sign-in information at the bottom and select Add a user without a Microsoft account at the bottom.

Add Someone on this PC

Type the username and password for the new account, click Next and finish. Then after Sign in with this new user account check there is no more This Program Is Blocked by Group Policy Error while running applications. That means the problem with old users Account settings or the user profile get corrupted. Anyway transfer your files to new account and delete the old account in order to complete the transition to this new account.

Remove the Domain Group Policy From Machine

You Are Reading this means still your problem not resolved. If your machine is on a Domain network and you are getting This Program Is Blocked by Group Policy, Then we are going to remove the Domain Group policy form the machine. To Do this open Windows Registry Editor by press win + R, Type Regedit and hit enter. Then navigate to the following key.

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft

Here select Microsoft folder, right-click on it and select Delete.

Next Similarly, navigate to the following :

Computer\HKEY_CURRENT_USER\Software\Policies\Microsoft

Right-click on Microsoft folder and select Delete.

After That navigate to bellow keys and delete Group Policy and Policies keys.

Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy

Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies

Remove the Domain Group Policy From Machine

That’s All Now close Registry Editor and reboot your PC to take effect the save changes. After That check, i hope there is no more Program or Application Block Error.

3
Robeg
Robeg
I am Robeg founder of this blog. My qualification. completed Bachelor of Arts (BA) and Microsoft Certified Professional (MCP). With a strong background in computer applications love write articles on Microsoft Windows (11, 10, etc.) Cybersecurity, WordPress and more.

RELATED ARTICLESMORE FROM AUTHOR