Jump to content

Application modified on permissive rule


pps
 Share

Recommended Posts

Hello,

We use Firewall in  interactive mode and path based rules per application.

Each time the ccmeval.exe updates (new tool in System Center 2012), all clients get the warning: Application modified: an application (CcmEval.exe) on your computer has been modified and now is trying to communicate with the network (screenshot attached).

This is quite disturbing to the users because they need to provide password in all users for this change to take effect (once per week).

1.Is something wrong with the specific exe file?

2.Is there any way to stop getting this pop ups in the workstations?

Thanks,

Peter

application_modified.jpg

Link to comment
Share on other sites

  • Administrators

You have a permissive fw rule for ccmeval.exe created and detection of application modification is turned on. You can disable detection of application modification completely or exclude the app from monitoring if you want to keep the permissive firewall rule.

image.png

Link to comment
Share on other sites

Hello Marcos,

 

The above solution works like charm.

Is there any  way to get a notification in the ERA Console whenever the Application modified pop up appers to any of the eset endpoint workstations?

Thanks,

Peter

 

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...