Many users have noticed that when running or installing some programs in Windows 10, “This app has been blocked for your protection” error pops up and prevents normal running or installing the applications. Interestingly, the problem occurs not only with third-party exe or msi files, but also with standard Microsoft msc snap-ins, launched via mmc.exe. Thus, even a user with local administrator privileges cannot run or install such applications.
This app has been blocked for your protection An administrator has blocked you from running this app. For more information, contact the administrator.
The error “This publisher has been blocked from running software on your machine” can also appear.
The Windows 10 User Account Control (UAC) blocks running/installing applications with an expired or revoked digital signature. You can verify this in the properties of the executable file on the Digital Signatures tab. Most likely the Code Signing certificate has already expired.
If you are sure that the application is safe and was received from a trusted source, you can bypass this notification and run/install the program. There are some ways to bypass it:
Running the Application from the Elevated Command Prompt
You can try to bypass this software restriction block by running the command prompt with the administrator privileges and starting the application there:
Alternatively, you can create a bat/cmd file with the application launch string and run the batch file as an administrator.
Unblock a File Downloaded from the Internet
If you downloaded the executable file from the Internet, check if it is blocked by the Windows security system. To do this, open the file properties and set the “Unblock” checkbox.
It is also possible to unblock a file using PowerShell:
Unblock-File install_filename.exe
Removing Digital Signature from a File
You can try to remove the code digital signature of a setup file (for example, using a third-party FileUnsigner tool).
Disabling UAC
As far as it is the UAC system that blocks running an application, it can be temporarily disabled.
You can disable UAC through Group Policies. UAC GPO settings are located under Windows Settings -> Security Settings -> Security Options section. The names of the UAC policies start from User Account Control. Open the option “User Account Control: Run all administrators in Admin Approval Mode” and set it to Disable. 
To update the Group Policy settings, you need to restart your computer.
It is much more convenient and easier to turn off UAC through the registry. To do it, go to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System in the Registry Editor (regedit.exe) and change EnableLUA value to 0.
Or run this command:
reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
To turn User Account Control off, the system will require to restart the computer:
Try to install the blocked application. In case of success, enable UAC back by setting the EnableLUA value to 1.
Run an App Using the Built-in Windows Administrator Account
If no of the previous methods helped, you can try to run/install the application with the built-in administrator account. There is no UAC for this account. How to enable the built-in Windows 10 administrator account is described here.
MMC.exe App Has Been Blocked for Your Protection
In some cases, Windows 10 may start blocking the launch of built-in Windows tool and programs. For example, mmc.exe program, through which run all Microsoft msc snap-ins (gpedit.msc, compmgmt.msc, services.msc, secpol.msc, devmgmt.msc, etc.).
Try to run the Process Explorer and add the Verified Signer column. Most likely, in front of the applications, you will see the caption “No signature was present on the subject Microsoft Corporation”.
First of all, make sure that your Windows contains up-to-date root certificates. Update them if necessary.
Another possible problem is errors in Cryptographic Services. Make sure the CryptSvc service is running and configured to start automatically.
You can recreate the Cryptographic Service EDB database file with the following PowerShell commands:
Stop-Service cryptsvc
Rename-Item -Path "C:\Windows\System32\catroot2" -NewName catroot2.old
Restart-Computer
If all the described methods didn’t help, try to check and restore the integrity of Windows system files with the commands:
Sfc.exe /scannow
Dism.exe /Online /Cleanup-Image /Restorehealth
4 comments
This problem occurs most of the time in windows 10.
I had same problem, created .cmd file with the commands, so whenever i have to run the exe i just run the .cmd file as administrator, 😉 problem solved
thank you!
There is an easy solution try to install it as TrustedInstaller , download the file
http://www.sordum.org/9416/powerrun-v1-0-run-as-trustedinstaller/
and run it , close the Application and edit the .ini file like this:
TargetApp=cmd.exe
run it again and it will run the cmd as TrustedInstaller privileges now install your software over Cmd