I am sorry but not clear about the question.
Which file you would like to query from the ePO server? Please reproduce the query.
Sorry for that, am trying to find out if a software has been installed in my network machines, i wanted to know if there's a way to look for that software, in this case an exe file installed in the c:\program file\X folder\X.exe using the ePO against all managed systems.
I am not sure if we can achieve this.
List of McAfee products will be listed in the machine's property.
Some of third party products can be managed from the ePO server through SIA but not sure if we can get the installation directory (c:\program file\X folder\X.exe). Some one, please correct me.
I know once i had a malware problem, and we did an artemis kind of rule that identify and exe file when was read write, that's why i was thinking it might help me find the exe file but instead of a rule a query that could find it.
The System Information Reporter product that integrates with ePO would likely allow you to do this, but it's available for Platinum customers only.
If you're a Platinum customer, ask your support contact about it.
If you know the EXE name then you could add it as a user defined file under the 'Unwanted Programs' policy under VSE 8.8.
It will then throw up a detection warning when ever the program is run.
HOWEVER: This will kick in VSE and it will attempt to delete the file. So not nessesarily the desired results.
We use a piece of asset software called 'Alloy Navigator' it allows you scan the entire network and extract machine specs and all the software installed on each computer.
Or there's a unofficial add on to WSUS that allows you to check and report on installed software. http://www.localupdatepublisher.com/
Just create a user defined rule in access protection rules with the file name in, set it to report instead of block.
look at client threat events, you now have a list of machines with that file on.