Hi all,
In this article, I will explain the procedure to collect file fingerprint of any file or location within the system and add the same to Symantec Endpoint Protection Manager.
So, Let's get started.
Step 1: Go to Local Drive > Program files(x86) > Symantec > Symantec Endpoint Protection.
You will find Checksum.exe in this folder, that we will use to collect file fingerprint.
Step 2: Press and hold Shift Key and right click in empty location (Follow below screen shot) and select Open Command Window Here
Step 3: It will then open the command window at this location.
Step 4: Now suppose you want to collect file fingerprints of every file from your computer's particular drive (in this case I have selected D drive)
Step 5:
a. In this window type Checksum.exe or simply type "Ch" without quotes and hit Tab, this will automatically select Checksum.exe from this location.
b. Now type the name of the file which will save the file fingerprint data into a text file. In this example I have given a file with name output.txt You can give any name to this file followed by .txt extension for text file.
c. So the command until now is - Checksum.exe output.txt (There is a space between checksum.exe and output.txt)
d. Next is to select the drive name or the file path of which, we need to collect file fingerprint. So type "D:\" with quotes.
e: So the complete command to collect file fingerprint of all files from D drive is -
Checksum.exe output.txt "D:\" (There is a space between checksum.exe and output.txt and "D:\")
f: Hit enter and it will start collecting the file fingerprints from D drive as shown below -
Step 6 : After the process completes the window will get close automatically and the output file will have the list of file fingerprints of files from D drive.
Another example : collect file fingerprint of Google chrome (executable file)
Step 1 : Right click on the Google Chrome icon and select properties, Now click on shortcut tab and copy the target path which is for chrome.exe
Step 2: Type the command as - Checksum.exe output.txt "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
Step 3: Hit enter and it will immediately collect file fingerprint of chrome.exe and store that in output.txt file (see screen shot)
Adding the output fingerprint file into SEPM.
Step 1: Open the Symantec Endpoint Protection Manager and go to Policies > Policy Components > File Fingerprint Lists and click on add a file fingerprint list
It will open Add File Fingerprint Wizard, Click Next
Step 2: Put name and description of the file.
Step 3: Hit next when you get below screen.
Step 4: Browse the path to the output.txt file.
Step 5: Hit Next and the file will get added to the SEPM.
Step 6: Hit Finish and you will see the fingerprint file will get saved in SEPM.
Thanks,