Windows OS Hub
  • Windows
    • Windows 11
    • Windows 10
    • Windows Server 2025
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
    • Proxmox
  • PowerShell
  • Linux
  • Home
  • About

Windows OS Hub

  • Windows
    • Windows 11
    • Windows 10
    • Windows Server 2025
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
    • Proxmox
  • PowerShell
  • Linux

 Windows OS Hub / Windows 11 / This App Has Been Blocked for Your Protection in Windows

July 21, 2025

This App Has Been Blocked for Your Protection in Windows

When launching certain programs downloaded from the Internet, Windows may display an error message stating: This app has been blocked for your protection. When such an error occurs, the user, even if they have local administrator privileges, will be unable to install or run the application. This problem may occur with third-party EXE and MSI files, and in some cases, with built-in Windows *.msc snap-ins launched via MMC.exe.

User Account Control
This app has been blocked for your protection
An administrator has blocked you from running this app. For more information, contact the administrator.

Publisher: Unknown

UAC warning: this app blocked for your protection

This error may also look like this:

This publisher has been blocked from running software on your machine.

Contents:
  • Why Windows May Block an App from Running
  • Run the App from the Elevated Command Prompt
  • Removing Digital Signature from an Executable File
  • Permanently Disable UAC to Bypass Restrictions
  • Unblock a File Downloaded from the Internet
  • MMC.EXE: This App Has Been Blocked for Your Protection

Why Windows May Block an App from Running

User Account Control (UAC) in Windows prevents the execution of files with expired, revoked, invalid, or corrupted digital signatures, as well as those signed by certificates added to the Untrusted Certificates store

Information about the digital signature of an executable file can be viewed in the file properties on the Digital Signatures tab. Most likely, you will see that the Code Signing certificate has already expired, which means that the file will be blocked from running.

view exe file digital signature

You can also use the SigCheck utility to check a file’s digital signature information (the tool is available for download on the Microsoft website).

sigcheck.exe c:\users\sysops\Desktop\anvir.exe

In our case, the tool indicated that the certificate used to sign the file was found in the “Untrusted Certificates” store (the certificate can be added in this store by the administrator via GPO or by the user themselves).

sigcheck - get executable signature cert info

If you’re confident that the program is safe and was obtained from a trusted source, you can bypass the UAC security warning and proceed to run or install it. However, we still strongly recommend checking the executable file using the built-in Microsoft Defender’s antivirus with updated definitions and/or uploading the file to VirusTotal for scanning.

Run the App from the Elevated Command Prompt

The simplest way to run a blocked app is to run it from an elevated command prompt (running as an administrator. In this case, you don’t have to edit any Windows security settings.

  1. Open the CMD or PowerShell console in “Run as administrator” mode.
  2. In the File Explorer GUI, right-click on the executable file and select Copy as path.copy file to exe as path
  3. Right-click in the command prompt window to paste the file path into it and press Enter to run the file.
  4. This app launch method lets you bypass the UAC check of the file’s digital signature.cmd: run app as admin with bypass UAC sign check

If you need to run this application frequently, you can create a BAT or CMD script containing the program launch command and run it with administrator privileges.

Removing Digital Signature from an Executable File

A damaged or revoked digital signature from an executable (or setup) file can be removed using the third-party FileUnsigner tool.

  1. Download and run the File Unsigner tool (requires installation of .NET Framework 3.5)
  2. Open a command prompt. When you run the tool, specify the path to the file from which you want to remove the signature: FileUnsigner.exe "C:\Users\sysops\Desktop\anvir.exe"<
  3. If the digital signature is successfully removed from the file, the message “Successfully Unsigned” will appear. FileUnsigner.exe: remove exe file signature
  4. After this, you will be able to run the app without blocking it from launch by UAC (SmartScreen warnings may still appear).

Permanently Disable UAC to Bypass Restrictions

As far as it is the UAC blocks running an application, it can be temporarily disabled.

Important. The UAC system plays a crucial role in Windows security, so disabling it should only be a temporary measure. After installing the blocked program, return the UAC settings to the default. However, it’s better not to use this method at all. It’s more secure.

You can disable UAC using the local Group Policy Editor (gpedit.msc). The UAC GPO settings can be found in the Windows Settings -> Security Settings -> Security Options section.

Open the “User Account Control: Run all administrators in Admin Approval Mode” option and set it to Disable.

gpo disable uac admin approval mode for apps

Restart your computer update the Group Policy settings.

It is much more convenient and easier to disable UAC through the registry. To do it, open the Registry Editor (regedit.exe), navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System, and change the value of EnableLUA to 0.

disable user account control via EnableLUA registry parameter

Or run this command:
reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f

Windows will prompt you to restart the computer to turn User Account Control off.

You must restart your computer to turn off User Account Control

Try to install/run the blocked application. In case of success, turn UAC back on by setting the EnableLUA parameter value to 1.

Up to Windows 10 build 1709, it was possible to run a blocked program from a session of the built-in Windows administrator account because it was not affected by UAC policies. This method does not work in newer versions of Windows because the built-in administrator now also receives UAC prompts.

Unblock a File Downloaded from the Internet

If you downloaded an executable file from the Internet (or other untrusted source), check if it is blocked by the Windows Security subsystem. To do this, open the file’s properties and select the “Unblock” checkbox.

Or unblock an executable file using PowerShell:
Unblock-File install_filename.exe

MMC.EXE: This App Has Been Blocked for Your Protection

In some cases, Windows may start blocking the launch of built-in tools and programs. For example, you will be unable to run the MMC.exe program, which used to launch all Microsoft Management Console (MMC) consoles, such as gpedit.msc, compmgmt.msc, services.msc, secpol.msc, devmgmt.msc, etc.

mmc.exe error then launchin msc console: uac this app has been blocked for your protection

Try to run the Process Explorer and add the Verified Signer column. Most likely, you will see the words “No signature was present on the subject Microsoft Corporation” next to the most system process.

windows native exe processes with the caption No signature was present on the subject Microsoft Corporation

First, make sure your Windows contains up-to-date root certificates. Update the root certificates if necessary.

Another possible cause is errors in the operation of the Cryptographic Services. Verify that the CryptSvc service is running and is set to start automatically.

configure cryptsvc service to startup automatically

The Cryptographic Service database may be corrupted, but you can safely rebuild it using the following PowerShell commands:

Stop-Service cryptsvc
Rename-Item -Path "C:\Windows\System32\catroot2" -NewName catroot2.old
Restart-Computer

If none of the described methods helped, try using the following commands to check and restore the system files in the Windows image:

Sfc.exe /scannow
Dism.exe /Online /Cleanup-Image /Restorehealth

4 comments
7
Facebook Twitter Google + Pinterest
Windows 10Windows 11Windows Server 2022
previous post
How to Unlock a File Locked by Any Process or SYSTEM?
next post
Hosting Multiple Websites in IIS with Same Port and IP Address

Related Reading

How to Repair Windows Boot Manager, BCD and...

March 11, 2024

PowerShell: Get Folder Size on Windows

April 2, 2024

Fix: The Computer Restarted Unexpectedly or Encountered an...

May 16, 2024

How to Download Offline Installer (APPX/MSIX) for Microsoft...

March 12, 2024

Windows Doesn’t Automatically Assign Drive Letters

March 15, 2024

How to Clean Up System Volume Information Folder...

March 17, 2024

Managing Administrative Shares (Admin$, IPC$, C$) on Windows

March 15, 2024

Install and Manage Windows Updates with PowerShell (PSWindowsUpdate)

March 17, 2024

4 comments

Sagar December 2, 2015 - 5:20 am

This problem occurs most of the time in windows 10. 

Reply
mukesh June 29, 2016 - 12:49 pm

I had same problem, created .cmd file with the commands, so whenever i have to run the exe i just run the .cmd file as administrator, 😉 problem solved

Reply
Tiger April 17, 2023 - 11:31 am

thank you!

Reply
jackPot8 August 11, 2016 - 11:24 pm

There is an easy solution try to install it as TrustedInstaller , download the file 
http://www.sordum.org/9416/powerrun-v1-0-run-as-trustedinstaller/
and run it , close the Application and edit the .ini file like this:
TargetApp=cmd.exe
run it again and it will run the cmd as TrustedInstaller privileges now install your software over Cmd

Reply

Leave a Comment Cancel Reply

join us telegram channel https://t.me/woshub
Join WindowsHub Telegram channel to get the latest updates!

Recent Posts

  • Find a Process Causing High Disk Usage on Windows

    July 15, 2025
  • Fix: Microsoft Defender Not Updating Automatically in Windows

    July 8, 2025
  • Create a Windows Server VM on Proxmox (Step-by-Step)

    July 7, 2025
  • How to Detect Which User Installed or Removed a Program on Windows

    June 23, 2025
  • Encrypt Any Client-Server App Traffic on Windows with Stunnel

    June 12, 2025
  • Failed to Open the Group Policy Object on a Computer

    June 2, 2025
  • Remote Desktop Printing with RD Easy Print Redirection

    June 2, 2025
  • Disable the Lock Screen Widgets in Windows 11

    May 26, 2025
  • Configuring Windows Protected Print Mode (WPP)

    May 19, 2025
  • Map a Network Drive over SSH (SSHFS) in Windows

    May 13, 2025

Follow us

  • Facebook
  • Twitter
  • Telegram
Popular Posts
  • How to Repair EFI/GPT Bootloader on Windows 10 or 11
  • How to Restore Deleted EFI System Partition in Windows
  • Network Computers are not Showing Up in Windows 10/11
  • Install and Manage Windows Updates with PowerShell (PSWindowsUpdate)
  • How to Download Offline Installer (APPX/MSIX) for Microsoft Store App
  • Updating List of Trusted Root Certificates in Windows
  • Fix: Windows Cannot Connect to a Shared Printer
Footer Logo

@2014 - 2024 - Windows OS Hub. All about operating systems for sysadmins


Back To Top