How to Block Exe files via Application and Device Policy with File Fingerprint

By Fatih Teke | November 16, 2009 4:17AM
Hi everybody. I will tell you how to block exe files via Application and Device Policy rule. I choice block exe files via file fingerprint. Because users can change exe names but cannot change file fingerprint. Best Regards.
5 comments
Fatih Teke says: Thank you for all votes and replys. I hope my videos will help people. Regards. Fatih.
shp says: Good one... 
Security Feed
RSS
juricta commented 1 hour 51 min ago on View Vista machine in SSC forum discussion I am running Corporate edition 10 and there is no file that will install Vista version of AV
Teck commented 2 hours 6 min ago on What is Content Catalog in SEPM forum discussion Hi Sandip, Thats exactly what i mean. The revision dates back to April 2009, please help me update it.
blenahan commented 3 hours 40 sec ago on Endpoint 11.05 install on Windows 7 forum discussion I know I have had issues with some installs.  Is this a migration from another AV client?  ...
Daniel_Allen posted a new forum discussion: "Omitted" column in scan log 3 hours 19 min ago
I'm looking at a scan log for one of my computers.  One column is for "Omitted".  Are these files omitted because they've been scanned during the day by File-System Auto Protect?  I ask because on this particular computer I've temporarily turned off Auto Protect to troubleshoot performance issues.  With auto protect on the omitted files are over a thousand.  With
dreviewx posted a new blog entry: Paid Survey Review 3 hours 24 min ago
Paid Survey Reviews
VBAL posted a new forum discussion: Drill Down Reports 3 hours 35 min ago
Is there any way to see the detailed URL accesed by any user ?? The drill down reports end with info like : google.com as the visited site.  Any configuration allow us to see the full URL ??   something like :
VBAL posted a new forum discussion: Blacklist by Username/Groups 3 hours 36 min ago
Are the blacklists defined for all computers and users ?? Is there any way to allow the downloading of file extensions blocked in the Blacklists entry list for any specific username, group or organizational unit ?? Thanks
VBAL posted a new forum discussion: Content Filtering Evaluation order 3 hours 37 min ago
Using AD usernames and workgroups.... and creating different configuration policies for content filtering.  Is there an evaluation order to allow or block access to categories if an user belong to multiple Organizational Units or workgroups and each group has a different policy ?? Example : 
VBAL posted a new forum discussion: Info about URL Database 3 hours 39 min ago
Greetings, Is the URL database stored in the SWG appliance or is remote ?? What is the frecuency of updates ? What is the typical update size ? Thanks
DMPE posted a new forum discussion: Endpoint 11.05 install on Windows 7 4 hours 30 min ago
Am unable to install Endpoint 11 MR5 on Windows 7 pc.  Windows firewall turned off.  Get Error Event ID 1033.
HEMANPR posted a new forum discussion: Urgent Please - Virus Devinition Crash My Computers 4 hours 57 min ago
Hello Guys I have running Endpoint 11.0.5002.333 on my computers. Today before a new Live Update My machines with Windows XP crach and when Start Windows its continue a restart loop again and again.
sri2384 posted a new forum discussion: What is services loaded and services unloaded under the Log handling portion of Av and As policy ? pls help 5 hours 8 min ago
BadAndy posted a new forum discussion: SEPM is not downloading latest PTP definitions 5 hours 16 min ago
Why is my SEPM server not downloading the latest Proactive Threat Protection definitions and associated files? They have been stuck on 8/20/2008 for some time now and when LU runs on the SEPM console, it shows that they are up to date.
Leo Nikora posted a new blog entry: Sheur2 Trojan Not Fixed Nor Even Found 5 hours 16 min ago
Endpoint Protection 11.0.5002.333 failed to even find (much less fix) the Sheur2 trojan. AVG did find and fix it.
MarkJF posted a new forum discussion: ClientRemote Install Issues 5 hours 37 min ago
I am currently running SAV Corporate Edition and 10.1.8.8000 Symantec System Center. When I select Tools/ClientRemote Install and drill down until I get to my domain name under Select Computer, I am not seeing all of the prospective clients that I should be able to see in my Windows 2003 Active Directory domain. If I can't see them, I can't push SAV to them.
Westveld posted a new forum discussion: Mail Security for Exchange - mostly not filtering spam anymore? 6 hours 12 min ago
Shows total scans, auto-protect scans and Spam scans number increasing, but Premium Anti-spam numbers are all 0. Did all the steps in doc 2007020615531854 - it worked for 20 messages, then stopped filtering spam again.
Briandr73 posted a new idea: Add fields to 'General' tab 6 hours 34 min ago
We have a mixed Novell E-Directory/Microsoft Active Directory environment. We have approx 3,500 computers receiving updates from 2 SEPM servers and 3 GUP's. Our Novell computers are in a single workgroup. The Microsoft computers are in a single domain.
iug posted a new forum discussion: MR5 crashing with W. Vista Business 6 hours 59 min ago
I have a Dell Optiplex 745 with Windows Vista Business, but yesterday I upgrade my SEP from MR4 MP2   to  MR5 (11.0.5002.333), sice then, it had been crashing (blue screen) every five minutes. I've installed the MR4 MP2 again, and everything is ok. Checking the minidup file I found the following: Debugging Details: