I wouldn't let any exe's on any user share anywhere. I block all of that and a host of others that we deemed unneeded with FSRM.
From: David Lum [mailto:david....@nwea.org] Sent: Tuesday, April 09, 2013 1:47 PM To: NT System Admin Issues Subject: Blocking executables for the root of a share Our last two virus incidents involved dropping an *.EXE at the root of our primary shared drive. Would it make sense to treat the root of a share the same as Windows 7 treats %OSDRIVE% and not allow the creation or running of executables in the share's root, or is that reacting too specifically to our latest events? Implementing this blocking is relatively straightforward. GPO can prevent the execution in specific folder, and McAfee can block the creation of said files. David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin