It's a 32-bit service made by our own company. Has been running for months with no issues. Just funny that ESET suddenly created what to me seems like obvious false positive warnings only seconds after an ESET update. The same issue occurs after update of the Detection Engine (version 20664) and Rapid Response module (version 15560) . It seems to happen only for one service and on one PC, so not much data to base any claims on. ESET seems to create warnings when a service log entry is written to C:\ProgramData\<company>\<application>\<log>\<textfile.log.txt>
Events log shows multiple entries: Time - Module: HIPS - Event: "An application (<service name>) tried to modify files on your computer in a suspicious way. This attempt was blocked." User - SYSTEM. However, our service's log file is updated with information.
No entries in other logs. Nothing in the HIPS-log either, even though the "Events" log says the event took place in the HIPS module.
Warning message says "Ransomeware shield" followed by the text in the events log entry: "An application.... tried to modify...etc."
Other services write similar log files to similar folders without issues.
When uninstalling our 32-bit service and reinstalling with a new 64-bit service, the issue disappears.
Little data to work on, and could be due to a weakness in our service. I guess this case can be closed. Sorry for the inconvenience.
