Thank you for your reply.
I just wanted to update this thread for others, after waiting a while to post the results.
Earlier I received the following mail from Itarion Support:
Hello,
Thank you for contacting ITarian. Actually Registry process is a legitimate Microsoft Process:
Recent versions of Microsoft’s Windows 10 operating system, for instance build 17063, come with a new process that is just called Registry.
The Registry process is used to hold Software and User Registry hive data (HKEY_LOCAL_MACHINE\SOFTWARE and HKEY_CURRENT_USER) to utilize memory management capabilities and, in the future will reduce the memory usage of the Registry in the future .
See https://answers.microsoft.com/en-us/windows/forum/…
For some reasons HIPS does not recognize Registry as Safe application and therefore shows an alert, because you do not use HIPS auto-action in profile settings.
As workaround the you can create HIPS rule for Registry application and apply “Allowed Application” ruleset
Thanks and Regards,
Nicholas
Itarian Support
I created HIPS rules and haven’t heard the clients in a week.
So hopefully the warning has been solved with this ruleset.
See my opening post, I find it very strange that I’m the only one seeing this problem because it looks like devices with updated Windows 10 and the latest CCS can trigger this problem.
What do Itarian Support mean with: ‘‘because you do not use HIPS auto-action in profile settings.’’?
My profile is based on the default ‘Hardened Windows Profile for ITSM 6.10’ like I was suggested a few years ago.
I couldn’t find any ‘HIPS Auto -action’. What is it and is that now enabled by default?