Jump to content

thor3

Members
  • Posts

    4
  • Joined

  • Last visited

Everything posted by thor3

  1. I'm finding this to be frustrating and disappointing. I don't want EAV to be integrated into any email client and don't need email protection from EAV at all anyway, as for me that is taken care of on the server. I should have the ability to disable email protection in EAV as well as hide any alert that appears telling me that email protection or integration is not enabled. By not being allowed to hide this alert I'm actually put at greater risk, because a red alert icon will always appear in my system tray and I won't be able to distinguish if EAV throws a new alert for a different reason. To keep this from happening, you're forcing me to choose to integrate EAV email protection with an email client I don't use, just to keep the red icon from appearing. The way it should work instead is that if I choose to disable email client integration or email protection I should then be able to hide any resulting alert if I so choose.
  2. Hi moderator - I think you're missing the point: ManiusNG is choosing to disable HIPS because that's what he wants to do, and he accepts any risks due to that choice. And, in his case, his risks are mitigated anyway because he's using another application to provide HIPS. With no context it makes sense for EAV to throw an alert when HIPS is disabled, but not enabling a user to disable or hide that alert actually *increases* risk because if a user chooses to keep HIPS disabled, as ManiusNG points out, a red alert icon will always appear in the system tray, making it so that a user will not be easily made aware if EAV is throwing an alert for a different reason. So, the way this should work is that a user should be able to disable such an alert if they choose to disable HIPS.
  3. Thanks for the reply. I'll give Learning Mode a try and see what happens. At the very least it could keep me from having to manually create rules for multiple programs, and might address my concerns of HIPS interfering with applications without my knowledge. The disk cloning app I use is called Casper, by Future Systems Solutions (works great, BTW). With the HIPS allow rule I created Casper reports it completes a clone successfully, but it concerns me that the HIPS logs show that for some operations only some access was allowed when I expected all access to be allowed.
  4. I'm having some issues with the HIPS component of NOD32 (both v6 & v7): when enabled, it keeps a disk cloning application I use for backup from completing successfully and causes MS Office 2013 applications (in particular Outlook, OneNote, Word) to repeatedly crash, numerous times a day. I know these problems are caused by HIPS, as when it is disabled the cloning application completes successfully and the MS Office apps don't crash. I did create a HIPS rule to allow the cloning app to conduct all operations, and it does complete successfully with this rule, but the HIPS logs show "some access allowed" for many of the operations when I expected all access to be allowed. I also see in the HIPS logs that many operations for other programs and OS components are blocked or partially blocked, which concerns me as there isn't malware on my machine and I'm assuming these operations should be allowed (as they would be if it weren't for HIPS). My ultimate concern is that HIPS is interfering with applications silently, i.e. they're failing and I'm not aware of it. A few questions: - Is it really that unwise to use NOD32 with HIPS disabled? - I've read mixed thoughts on using Learning Mode: could doing so allay my fears? As it is now, I'm unsure it would, as even with an explicit rule for my cloning app, not all access is allowed. Any thoughts or advice would be greatly appreciated!
×
×
  • Create New...