1 Reply Latest reply on Mar 14, 2012 5:36 PM by Kary Tankink

    HIPS 7.0 FireSvc.exe in Activity Logs

      Hello,

       

      I'm new to the ePO community, and this may be a very silly question on my part.  I really don't know how to interpret some of the logs properly, so this may be something extremely simple.

       

      This is appearing on all of our networked computers.  If I look under Activity Log I see where the log is filled with the following:

       

      Time    Event                                                   IP Address/User                    Application                                                     Message

      XXXX    McAfee Host Intrusion Prevention  NT Authority\Local System  McAfee HIP Main Service (FireSvc.exe)    - Attack type: Protect HIPs

       

      Considering that this is filling up the local machine's HIPS Activity Log, I'm wondering if maybe one of the policies is setup incorrectly.  Is it a problem with hooking and FireSvc.exe? 

       

      Thanks for your time.