Simple setup Run with Windows 7 limit program

The network management Xiaowang just went to work, and he summoned the leader. Xiao Wang was asking if he had done anything wrong. At the office, Manager Liu said to him, "Xiao Wang, I don't want a program to run. Xiao Wang:" Manager Liu, this is easy to do, you can achieve this function on Windows7, I will give you a demo? & nbsp; Manager Liu: "Oh, Windows7 has this feature, then you can show it to me, then again, I have always opposed the deployment of Windows7, and later through the highly recommended by your department, reluctantly agreed, recently Everyone is quite satisfied with this Windows7. I feel very good, so I still have to listen to the advice of your professionals. & rdquo; Xiao Wang: & ldquo; Manager Liu is satisfied with you, come to me to show you how to prohibit a program to run, we will take QQ as an example. Windows 7 has added an AppLocker feature (application control policy) that allows users to easily create a restriction policy for a program. For example, if you want to ban QQ running, you can do this: Click “Start”→ in the "Search programs and files" box, type secpol.msc→ press Enter → open local security policy → find the application Control strategy → AppLocker & rarr; right blank area right-click menu → create new rules & rarr; enter the new rules wizard.

“Permissions" Steps: Actions set to “Reject", users can select “Everyone" or specify an account.

“Conditions Steps: The most insured is to limit the conditions of the "publisher", that is to say, the current large software related programs are signed by the software publisher. With this rule, you can restrict all programs that have the signature, which avoids the "path" rule's modified path to run, or the "file hash" rule can be run by another version of the rule. . For the convenience of presentation, here we choose “publisher”.

"Publisher"Settings: "Browse"  Find the main program file of QQ, the information about the program will appear automatically after selection, in the slide button we select “publisher”.

& ldquo;Exceptions & rdquo; Settings: After the previous step, all programs with Tencent official signature will not run, such as QQ, QQ music, QQ video, QQ games, etc. Tencent series software, even include The installer, if you need to allow a program to run separately, you can add it as an exception here.

“Name”Settings: The final step is to set the rule name. You can help this rule get an easy-to-recognize name.

If you are currently creating the first rule, then there will be a default rule creation prompt when you are done, you need to click “ is ”, allow the creation of default rules, so as not to The rules you set make the system file program restricted.

After successfully creating a rule, the operation will be blocked when attempting to run any program with Tencent's official signature. This rule works regardless of how the user changes the file path and version.

After Xiao Wang’s explanation, Manager Liu quickly mastered the use of AppLocker. He admired Xiao Wang’s saying, “It’s good, I want this effect. It seems that Windows 7 is really Very good. & rdquo; Editor's Note: If the AppLocker rule is invalid, click “Start”→ in the "Search programs and files" box, type services.msc→ press Enter → open “service”, find Find the Application Identity item, set its startup type to “Auto”, then press “Start” to make the rule take effect.