The Blacklist feature can explicitly prevent the execution of applications which by default do not require administrator privileges to install or execute.
For example: Adobe Acrobat Reader, Firefox, Google Chrome, Malwarebytes Anti-Malware,
Microsoft Remote Desktop, TeamViewer, uTorrent, VLC Media Player, or WinRAR.
The steps listed below show how to create a new Blacklist rule.
1. Log onto the console, and in the left-hand pane, click on ‘GPOs with Policy Settings’.
2. In the center pane, expand ‘Group Policy Objects’, and select a Group Policy that this rule will be applied to.
3. Then on the right-hand pane, select the ‘Process Blacklist Rules’ tab.
4. Next, click on the "New Rule" button.
5. This will launch the "Create Blacklist Rule Wizard", select "Create your own rule" or "Select a common rule from the list below".
6. Click on the "Next" button to load the ‘Description’ tab.
This is where a Title and description of the rule may be added.
7. Click on the "Next" button to load the ‘Type’ tab.
This is where the application to be blacklisted will need to be defined by choosing the application type.
8. Click on the "Next" tab to load the ‘Validation Logic’ tab.
This is where Validation logic may be defined for this Blacklist rule.
9. Click on the "Finish" button to complete the creation of the new Blacklist rule.
10. Finally, click on the "Save" button to save the new rule to the selected GPO.