EQSecure 3.41 and MD5 verification

Hello to all,

I'm sorry if it was asked before. I've read a lots of thread about EQSecure but still not sure about it:

On the warning window / Other Options I have the option to check "Prompt again when application is modified". But if I choose it and go to the Application rules / Other Settings tab the option "Verify program file with md5" is still not checked. Is this a bug or the 2 things are different?

Also I don't understand why the option "Verify program file with md5" is not checked by default for all the programs. It has to be done manually, which is very annoying. All other HIPS I've used (ProcessGuard, AppDefend, ProSecurity) have this function enabled by default.


Another question: If, for example, I run cmd.exe, EQS will prompt me to ask if I want to allow it. If I allow it and I run, for example, the command "ipconfig", EQS will not prompt me and the execution is allowed without my approval. With AppDefend and ProSecurity I had a pop-up to allow ipconfig.exe to run. Is this normal? Same things with rundll32.exe. If I go the the control Panel and open something there I only get one pop-up. With other HIPS I get one pop-up for each items I open in the control panel (so each timme rundll32.exe execute with new dommand line).

 

As far as i understand, given i don't allow access to air-waves connections to these so called checks like Prevx and others like TF rely on, it would make much better sense to me if they M$ allowed for a download to a protected local database (applies to all other apps of this nature IMO), for the security program to perform their matches that files are legit.

Other then that, i do my own MD5 & SHA-1 verifications with the long-lived freeware INTERGRITY CHECKER or FINGERPRINT. They take IMO less time to conduct a verification then an on-line match and are far less vulnerable to servers being compromised.

EASTER