GRANT SELECT ON [Schema Name].[Table Name] to [Principal Name]

I guess you tried this but the user has access to objects through other groups/roles. What you are trying to do cannot be done by design. I suggest doing an active directory and permission audit to see exactly what users and groups have what permissions and then working with Network support to clean this up. Nested groups can make this more difficult, but power shell and/or other scripting can help.

If you are a domain admin you can just look all this up, but if not then scripts can help. For example the following VBS script will tell you what members are in a group assuming there are groups with access to your database:

Set Arg = WScript.Arguments

set oGroup = GetObject("WinNT://datacore_kc/"+Arg(0)+",group")

for each oMem in oGroup.Members

str = str + oMem.name + chr(9) + oMem.Class + chr(10)

next

msgbox(str)