Local Security Settings Prevented Admin from Accessing Everything

Posted on 2007-10-12
Last Modified: 2008-08-26
I changed the 'Security Level' in 'Software Restriction Policy' in the 'Local Security Settings' to 'Disallowed', and deleted all the rules under the 'Additional Rules' folder. The result is that nothing can be run, and all system commands are now disabled!

I cannot run anything, including all control panel applications. The error output if i tried to run any system application is as follows:


Windows cannot open this program because it has been prevented by a software restriction policy. For more information, open Event Viewer or contact your system administrator.
and I am running as an administrator.

Is there a way to restore the default settings back from safe mode or anything?
Question by:saud82
    LVL 32

    Expert Comment


    Author Comment

    The problem is that all executalbe file formats are disabled, so I cannot run any exe file. I cannot login to my pc in the first place via the login screen, or Safe Mode. In the normal mode, or safe mode with VGA enabled, It rejects the admin after logging in, and returns the user back to the login screen. In the safe mode, it stucks in the driver/service screen and doesn't run the GUI.

    I can only access my pc via recovery console using windows setup. Is there any way to disable the security policies from the console, e.g disableing the service if it runs as a service? Or probably edit the settings from the command prompt?

    Author Comment

    OK I fixed it!

    1. I used Windows Setup CD, and run the Repair Console.
    2. Logged in as Admin
    3. cd to windows\system32\grouppolicy\Machine
    4. renamed Registry.pol to Registry.sav
    5. rebooted

    This will reset many things in windows, but at least I am in! Thank r-k for your attempt to help.
    LVL 32

    Expert Comment

    OK, I understand. Great that you got it to work. I somewhat misunderstood your original question and thought that you are able to run things in safe mode. Thanks and good luck.
    LVL 1

    Accepted Solution

    PAQed with points refunded (500)

    EE Admin

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Suggested Solutions

    Email attacks are the most efficient and effective way for cyber criminals and hackers to compromise a computer or network. We often find our-self second guessing the authenticity of an email message, for such instances we can follow practical princ…
    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now