Jump to content

HIPS error in event log


Recommended Posts

Hello again. I finally decided to upgrade to Windows 10 Spring Creators Update 1803 (build 17134.112). My W10 version is Windows 10 Home 64-bit edition. Before doing so I completely uninstalled Eset Nod32 Antivirus 11.1.54.0 from the machine to avoid potential conflicts doing the W10 upgrade. Yesterday I did a clean reinstall of Eset Nod32 Antivirus using the Live-Installer from the official website.

Now I've noticed 2 HIPS related errors in the Nod32 event log.

Translation from Danish to English:

"Communication with the driver failed. HIPS is inactive." and "The module wasn't read/loaded. Changing of HIPS-settings doesn't work correctly."

5b24acea4c957_HIPSforEsetForum3251251515.png.52de5bd812e542e83c45e6e637b070b5.png

Judging by the time stamps of the events, this appears to be about right after I reinstalled Eset Nod32 Antivirus on my system. Can't say I've ever noticed any errors regarding HIPS in the 6+ years I've been using your program, so this is quite concerning to me.

As you can see by the two other screenshots I have attached, Eset claims that HIPS is very much running and everything is green.

5b24adb42fa22_HIPSforEsetForum21431414.thumb.png.0b6b8858ba6bbadc813a00a14ed7bd45.png

5b24adc30e7c0_HIPSforEsetForum263263262626.png.a2bc750a86990142a9935c8da6631b21.png

And here are the current module versions for the sake of it.

So any ideas as to why those 2 HIPS errors have shown up in my Eset Nod32 Antivirus event log? Should I be concerned for my computers safety? I have never seen anything marked in yellow/gold appear in my event log related to HIPS until now.

Please respond and thanks in advance.

Edited by autobotranger
Link to comment
Share on other sites

When I installed Eset Internet Security ver. 11.1.54 on Win 10 1803, I also observed like HIPS error messages. Others in the forum have posted this activity likewise at installation time.

If the log errors did not appear again, assume it was "glitch" in the Eset installer. In any case, your Eset HIPS protection status is not affected by these error messages.

Link to comment
Share on other sites

  • Administrators

The errors were logged only once. Are you experiencing the issue frequently? If you are able to reproduce it, we'd need a complete memory dump from such state as well as ELC logs with a registry dump included.

Link to comment
Share on other sites

27 minutes ago, itman said:

When I installed Eset Internet Security ver. 11.1.54 on Win 10 1803, I also observed like HIPS error messages. Others in the forum have posted this activity likewise at installation time.

If the log errors did not appear again, assume it was "glitch" in the Eset installer. In any case, your Eset HIPS protection status is not affected by these error messages.

Okay, so at least it isn't just on my end then. Forgive me, but what exactly do you mean by "your Eset HIPS protection status is not affected by these error messages."? Does this mean that I in theory can't trust the Green status for my HIPS because of errors and that it may in fact not be working as intended, even though the Eset UI shows everything as "on"?

15 minutes ago, Marcos said:

The errors were logged only once. Are you experiencing the issue frequently? If you are able to reproduce it, we'd need a complete memory dump from such state as well as ESET Log Collector logs with a registry dump included.

So far they have only appeared once, yes. I have powered down my computer many times, since installing Nod32 again, as I always turn off my computer when I'm not at home.

But I'd really like to know if my Nod 32 and HIPS is actually working as intended, so perhaps it would be for the best to simply send you a memory dumb and ESET Log Collector log anyway?

I would just need instructions on what exactly to do.

Link to comment
Share on other sites

3 hours ago, autobotranger said:

I would just need instructions on what exactly to do.

The only way these errors can be reproduced is by uninstalling and reinstalling ver. 11.1.54 which I personally have no intention of doing.

For reference, I did previously reinstall ver. 11.1.54 multiple times and these same error messages appeared each time on Win 10 x(64) 1803.

Link to comment
Share on other sites

  • 2 weeks later...

I've got same issue with eav 11.1.54. After upgrade to build 17704 EAV HIPS stops working. I've tried to uninstall/clean install. Did not solve problem.

Link to comment
Share on other sites

  • Administrators
55 minutes ago, ExaFlop said:

I've got same issue with eav 11.1.54. After upgrade to build 17704 EAV HIPS stops working. I've tried to uninstall/clean install. Did not solve problem.

HIPS, Anti-Stealth and firewall do not currently work with Windows 10 Insider Preview build 17704. We are currently working on making products compatible with this build and changes that Microsoft has made to the system.

Link to comment
Share on other sites

  • 3 weeks later...

I just reinstalled windows 7 64 bits, and after installing EIS I observe these same events in the registry, plus one of the firewall.

I have uninstalled and reinstalled the program 2 times and both times it throws these events.

Install version 10 of ESS and there does not throw these events.

Are events that we can consider "normal"?

Is the team safe in spite of these events?

The firewall error is this:

"The attempt to add the root certificate to all known browsers on the computer failed."

Eventos.jpg

Edited by Hijin25
Link to comment
Share on other sites

  • Administrators

To fix the problem with import of the root certificate, continue as follows:

- disable SSL/TLS filtering
- reboot the machine
- without launching any browser, re-enable SSL/TLS filtering
- after a few seconds, launch a browser and try to open an https website.

As for the HIPS error, the best would be if you could provide us with a complete memory. To generate one, configure the system as per the following KB and trigger a crash when you start the computer and the error is reported: https://support.eset.com/kb380

When done, compress the dump, upload it to a safe location and drop me a private message with a download link. Also please provide logs gathered by ESET Log Collector.

Link to comment
Share on other sites

Thank you very much for your reply.

These events were only recorded during the installation, later restarts of the PC have not been presented to me.

Do you think it necessary that you still do the steps that you indicate?

Edit:

I just installed eset internet through the package of version 11.0.159.9 without registering any of the mentioned events. Then update to version 11.1.54.0 from the same program without incident.

Maybe it could be the case that the package to install version 11.1.54.0 has some problem?

Sin eventos.jpg

Edited by Hijin25
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...