Windows OS Hub
  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux
  • Home
  • About

Windows OS Hub

  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux

 Windows OS Hub / Windows 10 / UAC: This App Has Been Blocked for Your Protection on Windows 10

January 22, 2025

UAC: This App Has Been Blocked for Your Protection on Windows 10

Many users have noticed that when running or installing some programs in Windows 10, “This app has been blocked for your protection” error pops up and prevents normal running or installing the applications. Interestingly, the problem occurs not only with third-party exe or msi files, but also with standard Microsoft msc snap-ins, launched via mmc.exe. Thus, even a user with local administrator privileges cannot run or install such applications.

This app has been blocked for your protection

An administrator has blocked you from running this app. For more information, contact the administrator.

The error “This publisher has been blocked from running software on your machine” can also appear.

The Windows 10 User Account Control (UAC) blocks running/installing applications with an expired or revoked digital signature. You can verify this in the properties of the executable file on the Digital Signatures tab. Most likely the Code Signing certificate has already expired.

If you are sure that the application is safe and was received from a trusted source, you can bypass this notification and run/install the program. There are some ways to bypass it:

Contents:
  • Running the Application from the Elevated Command Prompt
  • Unblock a File Downloaded from the Internet
  • Removing Digital Signature from a File
  • Disabling UAC
  • Run an App Using the Built-in Windows Administrator Account
  • MMC.exe App Has Been Blocked for Your Protection

Running the Application from the Elevated Command Prompt

You can try to bypass this software restriction block by running the command prompt with the administrator privileges and starting the application there:

Run application from elevant cmd

Alternatively, you can create a bat/cmd file with the application launch string and run the batch file as an administrator.

Unblock a File Downloaded from the Internet

If you downloaded the executable file from the Internet, check if it is blocked by the Windows security system. To do this, open the file properties and set the “Unblock” checkbox.

It is also possible to unblock a file using PowerShell:
Unblock-File install_filename.exe

Removing Digital Signature from a File

You can try to remove the code digital signature of a setup file (for example, using a third-party FileUnsigner tool).

Disabling UAC

As far as it is the UAC system that blocks running an application, it can be temporarily disabled.

Important. The UAC is an important Windows protection feature, which is why UAC can only be turned off temporarily. After the application is installed, go back to the default UAC settings.

You can disable UAC through Group Policies. UAC GPO settings are located under Windows Settings -> Security Settings -> Security Options section. The names of the UAC policies start from User Account Control. Open the option “User Account Control: Run all administrators in Admin Approval Mode” and set it to Disable. gpo disable uac admin approval mode for apps

To update the Group Policy settings, you need to restart your computer.

Note. The Local Group Policies Editor (gpedit.msc) is missing in Windows 10 Home editions. 

It is much more convenient and easier to turn off UAC through the registry. To do it, go to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System in the Registry Editor (regedit.exe) and change EnableLUA value to 0.

disable user account control via EnableLUA registry parameter

Or run this command:
reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f

To turn User Account Control off, the system will require to restart the computer:

You must restart your computer to turn off User Account Control

Try to install the blocked application. In case of success, enable UAC back by setting the EnableLUA value to 1.

Run an App Using the Built-in Windows Administrator Account

If no of the previous methods helped, you can try to run/install the application with the built-in administrator account. There is no UAC for this account. How to enable the built-in Windows 10 administrator account is described here.

MMC.exe App Has Been Blocked for Your Protection

In some cases, Windows 10 may start blocking the launch of built-in Windows tool and programs. For example, mmc.exe program, through which run all Microsoft msc snap-ins (gpedit.msc, compmgmt.msc, services.msc, secpol.msc, devmgmt.msc, etc.).

mmc.exe error then launchin msc console: uac this app has been blocked for your protection

Try to run the Process Explorer and add the Verified Signer column. Most likely, in front of the applications, you will see the caption “No signature was present on the subject Microsoft Corporation”.

windows native exe processes with the caption No signature was present on the subject Microsoft Corporation

First of all, make sure that your Windows contains up-to-date root certificates. Update them if necessary.

Another possible problem is errors in Cryptographic Services. Make sure the CryptSvc service is running and configured to start automatically.

configure cryptsvc service to startup automatically

You can recreate the Cryptographic Service EDB database file with the following PowerShell commands:

Stop-Service cryptsvc
Rename-Item -Path "C:\Windows\System32\catroot2" -NewName catroot2.old
Restart-Computer

If all the described methods didn’t help, try to check and restore the integrity of Windows system files with the commands:

Sfc.exe /scannow
Dism.exe /Online /Cleanup-Image /Restorehealth

4 comments
7
Facebook Twitter Google + Pinterest
Windows 10Windows Server 2016
previous post
How to Unlock a File Locked by Any Process or SYSTEM?
next post
Hosting Multiple Websites in IIS with Same Port and IP Address

Related Reading

How to Repair Windows Boot Manager, BCD and...

March 11, 2024

PowerShell: Get Folder Size on Windows

April 2, 2024

Fix: The Computer Restarted Unexpectedly or Encountered an...

May 16, 2024

Fixing “Winload.efi is Missing or Contains Errors” in...

March 16, 2024

How to Download Offline Installer (APPX/MSIX) for Microsoft...

March 12, 2024

Windows Doesn’t Automatically Assign Drive Letters

March 15, 2024

How to Clean Up System Volume Information Folder...

March 17, 2024

Protecting Remote Desktop (RDP) Host from Brute Force...

February 5, 2024

4 comments

Sagar December 2, 2015 - 5:20 am

This problem occurs most of the time in windows 10. 

Reply
mukesh June 29, 2016 - 12:49 pm

I had same problem, created .cmd file with the commands, so whenever i have to run the exe i just run the .cmd file as administrator, 😉 problem solved

Reply
Tiger April 17, 2023 - 11:31 am

thank you!

Reply
jackPot8 August 11, 2016 - 11:24 pm

There is an easy solution try to install it as TrustedInstaller , download the file 
http://www.sordum.org/9416/powerrun-v1-0-run-as-trustedinstaller/
and run it , close the Application and edit the .ini file like this:
TargetApp=cmd.exe
run it again and it will run the cmd as TrustedInstaller privileges now install your software over Cmd

Reply

Leave a Comment Cancel Reply

join us telegram channel https://t.me/woshub
Join WindowsHub Telegram channel to get the latest updates!

Recent Posts

  • Map a Network Drive over SSH (SSHFS) in Windows

    May 13, 2025
  • Configure NTP Time Source for Active Directory Domain

    May 6, 2025
  • Cannot Install Network Adapter Drivers on Windows Server

    April 29, 2025
  • Change BIOS from Legacy to UEFI without Reinstalling Windows

    April 21, 2025
  • How to Prefer IPv4 over IPv6 in Windows Networks

    April 9, 2025
  • Load Drivers from WinPE or Recovery CMD

    March 26, 2025
  • How to Block Common (Weak) Passwords in Active Directory

    March 25, 2025
  • Fix: The referenced assembly could not be found error (0x80073701) on Windows

    March 17, 2025
  • Exclude a Specific User or Computer from Group Policy

    March 12, 2025
  • AD Domain Join: Computer Account Re-use Blocked

    March 11, 2025

Follow us

  • Facebook
  • Twitter
  • Telegram
Popular Posts
  • How to Repair EFI/GPT Bootloader on Windows 10 or 11
  • How to Restore Deleted EFI System Partition in Windows
  • Network Computers are not Showing Up in Windows 10/11
  • Install and Manage Windows Updates with PowerShell (PSWindowsUpdate)
  • How to Download Offline Installer (APPX/MSIX) for Microsoft Store App
  • Updating List of Trusted Root Certificates in Windows
  • Fix: Windows Cannot Connect to a Shared Printer
Footer Logo

@2014 - 2024 - Windows OS Hub. All about operating systems for sysadmins


Back To Top