How to block programs from running (Windows 7)

Solution 1:

Solution

Here's a template you can use:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\whatever.exe]
"Debugger"="systray.exe"

To revert back you just need to remove the registry key:

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\whatever.exe]

Note Administrator rights (or enough rights to access the related registry key) are required in order to apply the changes.

How it works

The Image File Execution Options registry key was designed, among other things, to automatically launch a debugger when an application starts. While the debugger would start the application and attach, you can specify just any executable which will be run instead, thus overriding the original one.

What about systray.exe? It's a little stub program which was first introduced with Windows 95, and used to handle the system notification icons. It's not really used any more in the newer Windows versions, and it was mostly kept for backward compatibility reasons. It has no user interface, and doesn't do anything noticeable besides refreshing the notification area when started.

Remarks

  • Changes are applied immediately, and work regardless of the Windows 7 edition installed.

  • If you want to display a standard error message instead, replace systray.exe with %1 (any non-existing executable will do as well). Displaying a custom message would require creating either a custom program or script, and launch that.

Known limitations

  • Since the method is based on the program name, one could workaround it by renaming the executable to something. That can easily be avoided by making sure users the program is located in a directory which they don't have full control of (e.g. C:\Progam Files).

  • One could copy the whole program folder elsewhere (e.g. on the desktop) and then rename the executable. Some programs might not run that way, but others could. To avoid this, make sure users have no write permissions in their profile folders unless otherwise required.

References

  • How to add, modify, or delete registry subkeys and values by using a .reg file
  • How to turn off the Windows Update feature in Windows XP