I'm new to the ePO community, and this may be a very silly question on my part. I really don't know how to interpret some of the logs properly, so this may be something extremely simple.
This is appearing on all of our networked computers. If I look under Activity Log I see where the log is filled with the following:
Time Event IP Address/User Application Message
XXXX McAfee Host Intrusion Prevention NT Authority\Local System McAfee HIP Main Service (FireSvc.exe) - Attack type: Protect HIPs
Considering that this is filling up the local machine's HIPS Activity Log, I'm wondering if maybe one of the policies is setup incorrectly. Is it a problem with hooking and FireSvc.exe?
Thanks for your time.
This is an IPS signature violating (Attack type: Protect HIPs), for a signature name called Protect HIPS. This is a custom signature that may need to be tweaked by the person that wrote it at your company, or IPS exceptions need to be made.