Question about safelists & hips


When set to “high” I get loads of hips alerts for every .dll etc that loads into a program. Which means looking at everyone, and allowing (or not). Clicking “remember” means that this happens only once per program start.

As an x-user of SSM & Prosecurity, I quite like having control of .dll 's etc

Is there a better way of constructing a .dll safelist? I’ve looked at the safelist creation utility, and in there there is an option to add files & folders as safe for hips control. This seems like the best method, so assuming my PC is clean, I could scan the windows & program file folders, adding all the contents as safe.

What is not clear to me is that if I add a folder as safe e.g. program files, does this mean that all items currently in that folder (& sub-folders?) are marked as safe at the point of the scan, or does it mean that anything in that folder will always be considered as safe, including new files added at a later date?

Also, does this scan pick up dll’s etc that are monitored under the “high” hips option?


PS. Everything running OK so far! :■■■■

Well, I gave it a go… I scanned my program files & windows folders, setting CAVS to put everything it finds in my safelist. Now, when runnning on “high”, I do not get questions about .dll files. So it looks like the scan has picked everything up.

Looking at the list, it has picked out all the individual files, so I guess that the directory itself has not been labelled as safe? But I’d like this confirmed!!!


Telling it to include a folder is really telling it to include all files found within that folder, not the folder itself. A folder can’t do anything other than contain files. It’s the files we’re worried about, not the container they’re held in.

Ewen :slight_smile:

OK. great. I was just wondering if it was an “ignore” this folder type thing that is normally an option in AV programs.

Thanks. :■■■■