Guest JustAnotherGuest Posted March 26, 2021 Share Posted March 26, 2021 I have set Eset to warn me when HIPS forbid an action or when a modification apply to boot application. I get this message (it's a translation i'm using the french UI): "boot parameters modification Application : C:\Windows\System32\services.exe Target : HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BITS\Start The operation has not been allowed." I seems BITS should be allow, isn't it? Is it an error from eset? Link to comment
Administrators Marcos 5,242 Posted March 26, 2021 Administrators Share Posted March 26, 2021 Please provide logs collected with ESET Log Collector. If you have any custom HIPS rules, disable them and see if it makes a difference. Link to comment
itman 1,743 Posted March 26, 2021 Share Posted March 26, 2021 3 hours ago, Guest JustAnotherGuest said: Application : C:\Windows\System32\services.exe Target : HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BITS\Start The operation has not been allowed." Malware can modify that registry key. Example of this here: https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/trojan.lnk.powload.ah . Link to comment
Guest JustAnotherGuest Posted March 28, 2021 Share Posted March 28, 2021 What a shame! Eset is either buged or badly translated. The box on the screen says "operation not authorized" while the HIPS log says action : "authorized" ! images : https://www.udrop.com/5aD9/Capture_d’écran_2021-03-28_035605.png https://www.udrop.com/5aDa/Capture_d’écran_2021-03-28_063702.png Link to comment
Guest just another guest Posted March 28, 2021 Share Posted March 28, 2021 PS : I have no custom HIPS rules. And I am on auto mode Link to comment
Guest just Another Guest Posted March 28, 2021 Share Posted March 28, 2021 Eset translation is awfull. I had to install the english version. Even some French sentences that i couldn't understand (although i'm french myself) makes absolute sence in english. I wouldn't advise anyone to install anyother translation than the english application Link to comment
Administrators Marcos 5,242 Posted March 28, 2021 Administrators Share Posted March 28, 2021 Thank you for the heads-up. The localization bug has been reported and will be fixed, if confirmed. Link to comment
Guest just Another Guest Posted March 28, 2021 Share Posted March 28, 2021 There is another bug in French translation instead of saying "scans" they says "detections" while "une détection" is when you found something. "scan" or "analyse" are often used in French. Link to comment
Administrators Marcos 5,242 Posted March 28, 2021 Administrators Share Posted March 28, 2021 Since I don't speak French, I'd recommend reporting it through your local ESET distributor. Translation is done by a professional translation company but issues may occur if exact context is not known. Link to comment
Guest Just Another Guest Posted March 28, 2021 Share Posted March 28, 2021 Thanks for your help. I have an ultimate last question. I noticed in the english version, once a scan is completed in the info box "No detections has been found" Is it my poor english (it may be) or is it a wrong translation as wouldn't this meen that they "didn't find the finding"? Link to comment
Guest just another guest Posted March 28, 2021 Share Posted March 28, 2021 actually it is written "have" not "has" :S ok it's not critical but ... Link to comment
Most Valued Members peteyt 396 Posted March 28, 2021 Most Valued Members Share Posted March 28, 2021 3 hours ago, Guest just another guest said: actually it is written "have" not "has" :S ok it's not critical but ... This means no viruses have been found - no detections have been found Link to comment
Recommended Posts