Users are getting virus on their computers.
Server is 2003.
One way I'm preventing this is by setting up a group policy:
Security Level: Disallowed
Description: Don't allow executables to run from %AppData%.
I have setup the gp and the group is link to the GP.
I ran gpupdate, rsop and it shows the gp. I attached the screenshot.
Also attached is the gp management screen.
I have test the gp by executing a standalone exec in C:\user\me\appdata
and I'm still able to open it.
Am I missing something?