Hi,

What sep feature do you have installed ?

What happend when you disable NTP feature ?

Do you have blocked .exe extension thorugh SEP ?

Hi

What sep feature do you have installed ? => yes, I installed ADC at client

What happend when you disable NTP feature ? => I don't known. can you more explain

Do you have blocked .exe extension thorugh SEP ? => yes, I create a rule block *.exe extension thorugh SEP (you see my picture. first is blocked by SEP

What is your current verson of SEPM?

What is OS Version where this policy not working?

s it possible that you can share the small snapshot of your configured policy?

Try with file name only...or with checksum of file.

Hi,

Check this artical do you have configure this type

https://www-secure.symantec.com/connect/articles/how-block-known-virus-executables-run-userprofile-using-application-and-device-control

Check the below

How to configure Application Control in Symantec Endpoint Protection 11.0 : Configuring Application Control Policies

No it doesnot seems like SEP is blocking it. Can we re check it by disabling the SEP and executing this application?

If you can, post a screen shot of the rule or export the policy and attach so I can test as it is.

"the handle is invalid" does really look like SEP error.

- is this file embedded to Word or only linked?

- from the screenshot it references the path to ...temporary internet files -> content IE5 and mspaint[1].exe - can you confirm this linkage is really correct? or should it be on the root of teh D: drive?

- if you disabled SEP on that machine can you access this file without issues?

- is this a XP machine? are you able to reproduce the issue on win7?

Please see ADC policy config