Outpost Host Protection problem

Hi,

I'm using the just-released Outpost Pro version on a 64-bit Windows Vista machine. I have enabled "warn about starting new or unknown executables," but I get no popups for any files I run. I wonder what else in Host Protection might not be working. I know that in a test, even after blocking all activity, a rogue ended the AntiVir GUI process (though it couldn't terminate the AV process.) Is there anything to try?

One thing I've noticed is that every file seems to be added to exclusions.

 

Hi mvdu,

check under; General-> Improvenet settings and ensure they are as per the screenshot, so that OP is not automatically creating rules for your applicatins.

 

Hi, wat0114 - thanks for the suggestion, but unfortunately, it did not help.

 

After you unchecked those boxes, did you also remove the files that have already been added as "Known components"? In Settings, under Host protection; click View list.

 

In addition to king Grub's suggestion, you will also need to go in the application rules and check the General tabs to ensure that "Allow all activity" is changed to "Use custom rules", then you may have to modify the "Anti-leak control" rules that OP would have automatically created for those apps that are getting too liberal system privileges.

 

Are the above settings the best settings generally speaking, or just for this posters problem?

 

If you want to pass all leaktests, then yes, perhaps, but if you want to balance max security against ease of use, then perhaps not. I use default settings for the most; I'd rather be a few percent less protected against theoretical threats (threats I've never been the target of during many years of internet use) than have to be bothered with pop-ups as soon as something happens in the operative system. Someone else might prioritize 100% security and passing all leak tests instead, and would rather deal with allow/deny-questions every day. Personally, an overly intrusive firewall/HIPS would give me more headaches and botheration than I've had from malware, so I think default is fine for the average user.

 

Those settings give the user full control over creating rules, otherwise OP will auto-create rules on the fly, which will lead to to overly liberal and unnecessary rules for most applications.

 

OK thanks for the heads up King Grub and Wat0114.

 

Hi, all - I did what everyone said, and it alerts for added components, but not starting a program.

 

If all else fails, you could alway do an uninstall and then, after re-installing, don't let it create any rules on its own or create any trusted files this time.