![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 70%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFE%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 33%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDV%3C/text%3E%3C/svg%3E)
Hi Finlo Everhart,
Since the live environment is immutable, you must perform an offline remediation using the Windows Recovery Environment (WinRE). After booting into WinRE and launching the Command Prompt, you must identify your system drive, which may shift from C: to another letter like D: in this mode. You will then launch the Registry Editor and use the Load Hive option to mount the software registry database located at \Windows\System32\config\SOFTWARE.
Once the hive is mounted under a temporary name, navigate to the Policies\Microsoft\Windows\SrpV2 and Safer keys. Also, navigate to \Windows\System32\GroupPolicy on your system drive and delete the Machine and User folders. These folders hold the cached instructions from your last Group Policy sync, and removing them prevents the system from immediately re-locking itself upon the next boot.
Before restarting, ensure you select the temporary hive name in the Registry Editor and use the Unload Hive command to commit your changes and prevent database corruption. Upon reboot, the workstation will initialize without the restrictive hooks, restoring your ability to run executables and allowing you to log in and deploy a corrected security policy.
Hope this answer brings you some useful info.
Domic V.