@mbrownnycnyc
Last active December 14, 2015 16:49
Quick and dirty VBScript to audit and delete Media Transfer Protocol device drivers from the Windows registry. Combine this with `schtasks /ru ""` to schedule it as a task locally or remotely. This would be used in conjunction with a written policy (violation of which is punishable). Device white-listing mechanisms are always the best.
Const HKEY_LOCAL_MACHINE = &H80000002
Dim oReg : Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
Dim oShell : Set oShell = CreateObject("WScript.Shell")
Dim sPath, aSub, sKey, aSubToo, sKeyToo, dwValue
Dim strKeyPath, arrValues, strValue, return
sPath = "SYSTEM\CurrentControlSet\Enum\USB"
oReg.EnumKey HKEY_LOCAL_MACHINE, sPath, aSub
'EnumKey returns Null instead of an array when a key has no subkeys, so guard each loop with IsArray
If IsArray(aSub) Then
    'in one level (device IDs)
    For Each sKey In aSub
        'in two levels (device instances)
        oReg.EnumKey HKEY_LOCAL_MACHINE, sPath & "\" & sKey, aSubToo
        If IsArray(aSubToo) Then
            For Each sKeyToo In aSubToo
                'oReg.GetDWORDValue HKEY_LOCAL_MACHINE, sPath & "\" & sKey & "\" & sKeyToo & "\Device Parameters", "DefaultDvdRegion", dwValue
                strKeyPath = sPath & "\" & sKey & "\" & sKeyToo
                'CompatibleIDs is a REG_MULTI_SZ; a non-zero return means the value is missing or unreadable
                return = oReg.GetMultiStringValue(HKEY_LOCAL_MACHINE, strKeyPath, "CompatibleIDs", arrValues)
                If (return = 0) And (Err.Number = 0) And IsArray(arrValues) Then
                    For Each strValue In arrValues
                        'InStr is case-sensitive here (binary compare is the default)
                        If InStr(strValue, "MTP") Then
                            WScript.Echo oShell.ExpandEnvironmentStrings("%computername%")
                            'wscript.echo strKeyPath
                            'wscript.echo strValue
                            'DeleteKey cannot remove a key that still has subkeys; that case lands in the failure branch below
                            return = oReg.DeleteKey(HKEY_LOCAL_MACHINE, strKeyPath)
                            If (return = 0) And (Err.Number = 0) Then
                                'Wscript.Echo "DeleteKey: " & strKeyPath
                            Else
                                WScript.Echo "DeleteKey failed. Error = " & Err.Number & " winerror.h HRESULT code = " & return
                            End If
                            'one match is enough; do not attempt to delete the same key again
                            Exit For
                        End If
                    Next
                Else
                    'wscript.echo "GetMultiStringValue failed. Error = " & err.number
                End If
            Next
        End If
    Next
End If
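
A read-only inventory to run before the deletion script above, as an added PowerShell example that is not part of the original gist: it lists the device instances under `Enum\USB` whose `CompatibleIDs` contain `MTP`, using the same case-sensitive substring match, and deletes nothing. The function name `Get-MtpDeviceInstance` and the output column names are assumptions of this example.

```powershell
# Added example (not the gist author's code): audit only, no registry writes.
$enumRoot = 'HKLM:\SYSTEM\CurrentControlSet\Enum\USB'

function Get-MtpDeviceInstance {
    param([string]$Root = $enumRoot)

    # First level: device IDs; second level: device instances (same walk as the VBScript).
    foreach ($deviceId in Get-ChildItem -LiteralPath $Root -ErrorAction SilentlyContinue) {
        foreach ($instance in Get-ChildItem -LiteralPath $deviceId.PSPath -ErrorAction SilentlyContinue) {
            $props = Get-ItemProperty -LiteralPath $instance.PSPath -ErrorAction SilentlyContinue
            if ($null -eq $props) { continue }

            # CompatibleIDs is REG_MULTI_SZ; a missing value yields no hits.
            # -clike is case-sensitive, matching VBScript's default InStr behaviour.
            $hits = @($props.CompatibleIDs | Where-Object { $_ -clike '*MTP*' })
            if ($hits.Count -eq 0) { continue }

            # One object per matching instance, so the result can be piped to
            # Export-Csv or compared between runs.
            [pscustomobject]@{
                Computer      = $env:COMPUTERNAME
                DeviceId      = $deviceId.PSChildName
                Instance      = $instance.PSChildName
                DeviceDesc    = $props.DeviceDesc
                CompatibleIDs = $hits -join ';'
            }
        }
    }
}

Get-MtpDeviceInstance | Format-Table -AutoSize
```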