AhadOC 0 Posted February 21, 2021 Share Posted February 21, 2021 I switched to windows 10 insider beta channel from regular release preview channel & now I'm on windows 10 pro pre-release 210216-1530 Since then HIPS twice now in last 2 days randomly pops up saying "hips.. registry access " .. to something in authentication. never had this come up until windows upgraded to pre-lease beta. Whats consecutive switch count registry? hips using smart scan setting in eset if that matters? Wanna provide as much info I can think can help get answers. I did a eset Sysrescue scan last night off a usb with up-to-date eset signature database & scanned.. found nothing. Did a in depth scan Is this nothing to worry about? I'm logging in to windows 10 using outlook account. I'm using the "Pin" option to login instead of password. Any advice would be much appreciated! Link to comment Share on other sites More sharing options...
AhadOC 0 Posted February 21, 2021 Author Share Posted February 21, 2021 (edited) Guessing this is the ones popping up I checked log. A lot of stuff for hips but I believe these are related?? btw to add besides image below.. When i did ESET SYS rescue scan last night off usb.... during the start of scan after few minutes it crashed my computer. Computer kept running but screens shut off. I did a hard reset 3 times in a row and then finally was able to do a full scan with sysrescue live boot Edited February 21, 2021 by AhadOC Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted February 21, 2021 Administrators Share Posted February 21, 2021 Do you have HIPS in automatic mode without any "ask" custom rules? Also make sure to keep debug logging of blocked operations in the advanced HIPS setup disabled. Link to comment Share on other sites More sharing options...
AhadOC 0 Posted February 21, 2021 Author Share Posted February 21, 2021 Smart mode but I took screenshots to make it easier for ya.. thanks for replying! 🙂 also I have Malwarebytes running. ESET only better? Is it true it be best to just use web protection for Malwarebytes and turn ransomware, exploit etc. off on it? I see ESET blocking Malwarebytes related. ill attach log here. smart mode btw not automatic. I don't see any rules/ exclusions & don't believe I ever added/ removed any. Is web protection ok for malwarebyes? It seems to be really good with web browsing part lol. & as I said i ran sysrescue live. Nothing found. oh, and why turn of logging? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted February 21, 2021 Administrators Share Posted February 21, 2021 1, I was not asked for an action when creating/modifying the above reg. value in Smart mode. Therefore I assume you were asked for an action because of a custom ask rule. Please provide logs collected with ESET Log Collector to check your HIPS configuration. 2, You can use MBAM as a second opinion on-demand scanner. Make sure to disable its real-time protection as well as any of its drivers so that none is running. 3, Diagnostic HIPS records are intended only for developers. Link to comment Share on other sites More sharing options...
AhadOC 0 Posted February 21, 2021 Author Share Posted February 21, 2021 (edited) Case #497653 - "hips log" has been created for you. edit: I Pm'ed you it Edited February 21, 2021 by AhadOC Link to comment Share on other sites More sharing options...
itman 1,748 Posted February 21, 2021 Share Posted February 21, 2021 6 hours ago, AhadOC said: Smart mode but I took screenshots to make it easier for ya.. thanks for replying! 🙂 The above HIPS log entries show Windows Defender real-time is running which could be all or part of the issue. Note that when Eset is installed, it turns off both Windows Firewall and Defender. This status should also be shown in Windows Security Center. As far as I am aware of, Eset doesn't officially support Win pre-release versions let alone beta versions. Link to comment Share on other sites More sharing options...
Recommended Posts