I need a way to block any exe from being ran from usb or actually from anything other than the C drive on the computer. Any ideas on how to approach this?
Clint, I think this is going to take the same tact as the recent CryptoBlocker virus and all the remediation steps, just affecting a different directory. The problem with USB is that you might get different drive letters, so you might need a utility (USBDLM) to control that, or have a bunch of policies blocking a long string of possible drives.
Like everything with scripting and Kaseya, Figure out how to do it locally, then figure out how to script it.
I found a good deal of info on this on www.edugeek.net/.../26230-preventing-file-extensions-through-gpo.html I would start there, and make 1 machine work.
Thanks for the link, I came across that once before, in my searching. So will delve deeper in to it now. GPO is not really an option unfortunately in this situation. Too many devices (around 100) and all tablets or laptops. Just a nightmare situation that should have been rolled our differently from the beginning.
If you can control them with Kaseya, you can push out what you need. Take a look at the CryptoLocker Prevention script we published on our ClubMSP site (http://clubmsp.com). If you simply change the locations of some of the registry entries, I think it would solve your problem. You just need to make sure that you limit the drive letters of the USB drive using some utility (I mentioned one I found above). Sounds like a neat project, please share it with us if you get it working.