Allow members of the Everyone group to run applications that are located in the Program Files folder This setting allows members of the Everyone group to run applications that are located in (or beneath) the Program Files folder. If you enable this setting, members of the Everyone group will be able to run applications that are located in (or beneath) the Program Files folder. If you disable this setting, members of the Everyone group will not be able to run applications that are located in (or beneath) the Program Files folder. This setting is largely used to control running of apps on sensitive computers (such as domain controllers).

(1) GPO: Computer Configuration\Windows Settings\Security Settings\Application Control Policies\AppLocker\Executable Rules!Allow members of the Everyone group to run applications that are located in the Program Files folder (2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\SrpV2\Exe\921cc481-6e17-4653-8f75-050b80acca20!Value