Jump to content

Box

Members
  • Posts

    15
  • Joined

  • Last visited

Kudos

  1. Upvote
    Box gave kudos to itman in EGUI Application Modification Alert   
    Since the default rule exists, delete any like custom rule you created.
  2. Upvote
    Box gave kudos to itman in EGUI Application Modification Alert   
    Next time the alert appears, click on the "Approve" tab.
  3. Upvote
    Box gave kudos to Marcos in EGUI Application Modification Alert   
    It's still there among the built-in rules and even Kbleft has those rules enabled:

  4. Upvote
    Box gave kudos to Marcos in EGUI Application Modification Alert   
    We'd need step-by-step instructions how to reproduce the issue. Are you able to reproduce it at any time?
  5. Upvote
    Box gave kudos to itman in EGUI Application Modification Alert   
    Check you existing Eset firewall rule set and verify that a rule exists for C:\Program Files\ESET\ESET Security\equi.exe. If one exists, verify it is set to allow inbound and outbound traffic. Otherwise, manually create a new rule for it. Move this equi.exe rule to the bottom of existing default firewall rules. You can use the default existing ekrn.exe rule as a guide for equi.exe rule creation.
    I believe this should stop the equi.exe alert after a new app rule is created firewall Interactive mode.
  6. Upvote
    Box gave kudos to itman in EGUI Application Modification Alert   
    This would be normal behavior in firewall Interactive mode if an existing app hash value changed and a previous firewall rule existed for it. However, equi.exe is Eset signed so there might be a bug there.
    You're going to keep getting the alert until you respond to keep existing firewall rules which I would select, or to create a new firewall rule for the app.
    You can also manually verify that equi.exe in C:\Program Files\ESET\ESET Security is also Eset signed indicating it is legit.
  7. Upvote
    Box gave kudos to Marcos in EIS ekrn.exe opens a lot of connections to 93.184.220.29 and clog the internet connection.   
    According to https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-eset-product-with-a-third-party-firewall, ESET connects to the IP address to check for certificate revocations.
    Probably you've recently established several SSL connections and the product connected to the server to check the revocation status of SSL certificates.
×
×
  • Create New...