Hello, I'm having what may be a non-issue with HIPS however I'd appreciate some guidance.
I'm seeing multiple entries of the following (xml exported from hips event log) : nvdisplay.container.exe targeting csrss.exe
I'd like to understand if this is a false positive and
if so how do we allow nvdisplay.container.exe when it is constantly changing it's folder location
if not then can we clear up as to why? maybe nvdisplay.container.exe is just throwing a handle into something it shouldn't be here?
So far it's been a non-issue because no noticeable ill-effects from this event have lead me to looking for a root cause.. Just purely me looking through the recent logs and noticed a lot of these entries.
Thank you