<div>
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
</div>


This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

<div>
<div class="content wysiwyg-content">
Hi<br />
<br />
I have a very interesting query that would maybe eliminate this CryptoLocker virus once and for all.<br />
<br />
I need a script that i can run on a few servers (different domains) that automatically creates a GPO called &quot;Software Restriction policies&quot;, adds a path rule in the policy to block applications running in &quot;%LocalAppData\*\*.exe&quot; , then applies that to any OU in AD resembling &quot;Workstations&quot;, &quot;Desktop&quot; or &quot;Laptop&quot;<br />
<br />
When this whole thing is done manually per server, it works like a charm. The issue is we are trying to save man hours...<br />
Thought that since i'm paying a monthly fee for Experts Exchange &nbsp;and rarely use it :) , i could post it here.
</div>
</div>


Hi

I have a very interesting query that would maybe eliminate this CryptoLocker virus once and for all.

I need a script that i can run on a few servers (different domains) that automatically creates a GPO called "Software Restriction policies", adds a path rule in the policy to block applications running in "%LocalAppData\*\*.exe" , then applies that to any OU in AD resembling "Workstations", "Desktop" or "Laptop"

When this whole thing is done manually per server, it works like a charm. The issue is we are trying to save man hours...
Thought that since i'm paying a monthly fee for Experts Exchange  and rarely use it :) , i could post it here.

PowerShell GPO Software Restriction Policy Script to apply to OU like &quot;Workstation&quot; or &quot;Desktop&quot; or &quot;Laptop&quot;

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.

Powershell

VBScript (Visual Basic Scripting Edition) is an interpreted scripting language developed by Microsoft that is modeled on Visual Basic, but with some important differences. VBScript is commonly used for automating administrative and other tasks in Windows operating systems (by means of the Windows Script Host) and for server-side scripting in ASP web applications. It is also used for client-side scripting in Internet Explorer, specifically in intranet web applications.

VB Script

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

PowerShell GPO Software Restriction Policy Script to apply to OU like &quot;Workstation&quot; or &quot;Desktop&quot; or &quot;Laptop&quot;

PowerShell GPO Software Restriction Policy Script to apply to OU like "Workstation" or "Desktop" or "Laptop"