roarise 0 Posted February 26, 2015 Share Posted February 26, 2015 Hi, guys, I got some notices on HIPS when my windows 7 ultimate startup. It looks like ESS HIPS block some processes, the HIPS is set as smart mode. logs: 2015/2/26 21:44:08 C:\Windows\System32\svchost.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application 2015/2/26 21:44:06 C:\Windows\System32\svchost.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application 2015/2/26 21:42:41 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:41 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:39 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:39 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:39 C:\Windows\System32\svchost.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Modify state of another application 2015/2/26 21:42:38 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:36 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:35 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:35 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:35 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:35 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:34 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:32 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:31 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:31 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:31 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\winlogon.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 2015/2/26 21:42:30 C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\winlogon.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 2015/2/26 21:42:30 C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\winlogon.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application so I scan the windows, it is clean. I switch HIPS to learning mode and restart computer , problem still here . what I should do ? can any one help me ? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,704 Posted February 26, 2015 Administrators Share Posted February 26, 2015 Hello, what issue are you having with your operating system or applications as a result of HIPS blocking certain attempts to access protected objects? Also note that logging of blocked operations should only be enabled for troubleshooting purposes. As long as everything works alright, it should stay disabled. Link to comment Share on other sites More sharing options...
SweX 871 Posted February 26, 2015 Share Posted February 26, 2015 (edited) If your system is working like normal/properly those blocks are nothing to worry about, it's normal to see some blocks, and you should not enable logging unless you actually experience problems then you can find the cause by enabling logging like you have. So, unless you experience issues due to the blocks seen in your log, disable logging and use your computer as normal. (FYI, everyone will see some blocks if one enable logging, and it's nothing to worry about unless one experience a problem due to the blocks, logging is for troubleshooting purposes only.) Edited February 26, 2015 by SweX Link to comment Share on other sites More sharing options...
roarise 0 Posted February 27, 2015 Author Share Posted February 27, 2015 Thank Marcos and SweX, my system works fine, I will disable HIPS log. Link to comment Share on other sites More sharing options...
SweX 871 Posted February 27, 2015 Share Posted February 27, 2015 Yes please do that or else the log may grow quickly in size and become rather big, and you're welcome. Link to comment Share on other sites More sharing options...
Recommended Posts