pps 4 Posted January 23, 2018 Share Posted January 23, 2018 Hello, We use Firewall in interactive mode and path based rules per application. Each time the ccmeval.exe updates (new tool in System Center 2012), all clients get the warning: Application modified: an application (CcmEval.exe) on your computer has been modified and now is trying to communicate with the network (screenshot attached). This is quite disturbing to the users because they need to provide password in all users for this change to take effect (once per week). 1.Is something wrong with the specific exe file? 2.Is there any way to stop getting this pop ups in the workstations? Thanks, Peter Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted January 23, 2018 Administrators Share Posted January 23, 2018 You have a permissive fw rule for ccmeval.exe created and detection of application modification is turned on. You can disable detection of application modification completely or exclude the app from monitoring if you want to keep the permissive firewall rule. Link to comment Share on other sites More sharing options...
pps 4 Posted January 25, 2018 Author Share Posted January 25, 2018 Hello Marcos, The above solution works like charm. Is there any way to get a notification in the ERA Console whenever the Application modified pop up appers to any of the eset endpoint workstations? Thanks, Peter Link to comment Share on other sites More sharing options...
Recommended Posts