To block any executables from pcAnywhere in the Windows 2003 Domain Controller, complete the steps for the two sections below outlined in the support.microsoft.com/kb/324036 article:

• For an Organizational Unit or a Domain on a Domain Controller or a Workstation that has the Administration Tools Pack installed
• How to create a Registry Path Rule

Note that you must complete the ‘How to create a Path Rule’ section twice. You must add path rules for both 64-bit and 32-bit on every computer.

The path where pcAnywhere is installed on 64-bit computers is C:\Program Files\Symantec\pcAnywhere. The path where pcAnywhere is installed on 32- bit computers is C:\Program Files(x86)\Symantec\pcAnywhere.

These changes affect users who logout and login again after the above steps are completed. When they attempt to run pcAnywhere, they will receive the following message, “This program is blocked by group policy. For more information, contact your system administrator.”