To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

F-secure Policy Manager : Can I block a specific executable based on filename

niepce W/ Alumni Posts: 20 Security Scout

Hello all,


Im struggling to block a specific executable named Emotiplus_skype.exe

This tiny thing replicates via Skype via all contacts, and installs a browser search engine hijacker. In addition to providing very nice smileys in skype :)


I am struggling to find how to block it FSPM wise. I have options to include extensions, exclude extensions, exclude files and folders based on path and filenames.... but I can't find any option to block a specific file based on filename (neither in manual, real time, or deepguard scanning options).


Anyone got a clue ?


In the meantime, I sent the file to the lab for analisys, just in case.


  • etomcat
    etomcat W/ Alumni Posts: 1,172 Firewall Master



    I think SHA1 checksum banning works via Deepguard and the NIF module in FSAVCS. But of course if the file changes often, that won't help for long.


    Yours Sincerely: Tamas Feher, Hungary.

  • niepce
    niepce W/ Alumni Posts: 20 Security Scout
    Thanks Tamas I've been able to make in untrusted in Deepguard using the sha1 hash. Until the next one !
This discussion has been closed.