Need to disallowed to run some Windows applications on the users machines.
解决办法
Create a Group Policy Element using the shell-commandprompt-regedittools.admx template.
After select the ADMX click Settings and navigate to: Administrative Templates | System | Don't run specified Windows applications and click Edit.
On the next window use the drop down menu for the Policy state and select Enabled.
On the List of disallowed applications box, enter the application name. For example: notepad.exe and click over the Plus (+) button. Click the Red X to remove an application from the list if needed.
Continue adding any other application(s) to the list and click Confirm when done.
Set the Validation Logic and the Validation Logic Rules as needed.
