This szenario is the most effective one but be careful it will delete all your previously created AppLocker rules!
First you need to stop the enforcement of AppLocker
Policies by unchecking the “Configured” option:
Then reboot the Computer.
After the reboot open up Local Securtiy Policy again. Navigate to AppLocker, right-click and “Clear Policy”. Then again reboot the machine.
Afterwards we will use the Set-AppLockerPolicy cmdlet with the -XMLPolicy parameter to clear what is still remaining. Open a Notepad and paste the below:
<AppLockerPolicy Version="1"> <RuleCollection Type="Exe" EnforcementMode="NotConfigured" /> <RuleCollection Type="Msi" EnforcementMode="NotConfigured" /> <RuleCollection Type="Script" EnforcementMode="NotConfigured" /> <RuleCollection Type="Dll" EnforcementMode="NotConfigured" /> </AppLockerPolicy>
Save the file as “clear.xml” in a directory (for example C:\temp).
Then open PowerShell with elevated rights and navigate to C:\temp
Import the AppLocker PoSh module with the below command:
import-module AppLocker
And execute the Set-App Locker Policy command to clean everything up.
Set-AppLockerPolicy -XMLPolicy .\clear.xml
Reboot the machine.
Afterwards let’s say in 90% of the scenarios the machine will work as before AppLocker was enabled. In some very though circumstances where this didn’t resolve the issue I had to clean up the AppLocker directory manually.
Navigate to the directory:
%windir%\System32\AppLocker\
Delete everything (AppCahce.dat will not be deleted as it is in use):
Rerun the above PowerShell cleanup and reboot the machine.