I have a very interesting query that would maybe eliminate this CryptoLocker virus once and for all.
I need a script that i can run on a few servers (different domains) that automatically creates a GPO called "Software Restriction policies", adds a path rule in the policy to block applications running in "%LocalAppData\*\*.exe" , then applies that to any OU in AD resembling "Workstations", "Desktop" or "Laptop"
When this whole thing is done manually per server, it works like a charm. The issue is we are trying to save man hours...
Thought that since i'm paying a monthly fee for Experts Exchange and rarely use it :) , i could post it here.