Hello
I implemented a Crypto locker group policy as suggested in the third tear article. http://www.thirdtier.net/2013/10/cryptolocker-prevention-kit-updates/
The owner of the company does not want to be in this group, or to get the group policy. i tried to exclude him by adding him under delegation and denying him read and apply. this did not work he was unable to run a exe program from a zip. i had the enforce and link options checked. i played around with not having the enforce checked than on his Pc windows 7 x64 run gpupdate.exe /force. he still could not run the exe from the zip. Only after taking away the link running the GP force is he able to run the exe from within the zip. But i think i have just disabled the entire group policy. My goal is to exclude just him from this group policy. And protect the other users.
the server is 2008 R2 they run in a domain environment. his Pc is windows 7x64