Hi Rober,
This can be achieved with Application Control Policies. Be sure to test new policies before deploying to your organization. AC policies are very powerful but you should
Click on the Clients tile icon on the navigation menu
In the Clients page, under Tasks, click Add Group
Enter a meaning ful name
Move a test cliet in this group
Now you have client you can play with
Click on the Policies tile icon on the navigation menu
Choose Applicatio and Device Control
Select the Default Policy
Click Copy Policy in the Tasks
Click Past a Policy
Now you have policy you can play with
Select the new policy
Click Edit Policy
Click Application Control
Select the Checkbox next to "Block Applications" to enable this rule
- Click Edit
- Select Block These Applications
Click Add to add the applications you want to block.
If the application name is something generic like setup.exe you can click on the Options button and enter the MD5 checksum in the File Fingerprint box.
Assign the policy to your Test Group.
When Everything works as expected you can replace the old policy with the new policy on using the Replace Policy Task. As these lists tend to grow it is a good idea to use version numbers in your policy name "Application and Device Control Policy v1.1"
Carsten