F-secure Policy Manager : Can I block a specific executable based on filename
Im struggling to block a specific executable named Emotiplus_skype.exe
This tiny thing replicates via Skype via all contacts, and installs a browser search engine hijacker. In addition to providing very nice smileys in skype
I am struggling to find how to block it FSPM wise. I have options to include extensions, exclude extensions, exclude files and folders based on path and filenames.... but I can't find any option to block a specific file based on filename (neither in manual, real time, or deepguard scanning options).
Anyone got a clue ?
In the meantime, I sent the file to the lab for analisys, just in case.
Vad Posts: 1,082 Forum Guru
Unfortunately, we don't have such possibility in current versions.
I think SHA1 checksum banning works via Deepguard and the NIF module in FSAVCS. But of course if the file changes often, that won't help for long.
Yours Sincerely: Tamas Feher, Hungary.
Thanks Tamas I've been able to make in untrusted in Deepguard using the sha1 hash. Until the next one !