Eset GUI Update Alert

[itman 1,659]

I have had the below screen shot alert occur the last few times an Eset in-product upgrade occurred. I have the firewall set to Automatic. I thought Application Modification detection only occurred when the firewall was set to Interactive mode. Also this is the only app update alert I every receive. The Eset GUI default firewall is enabled allowing all equi.exe outbound traffic.

Is this some type of internal security check to detect any unauthorized equi.exe modification? 

  

[Marcos 5,070]

This would happen if you had a permissive firewall rule created for egui.exe and modification of signed applications was not allowed automatically:

[itman 1,659]

5 minutes ago, Marcos said:

This would happen if you had a permissive firewall rule created for egui.exe

The only firewall rule for equi.exe is the default rule. See the below screen shot. Should that rule be disabled?

[Marcos 5,070]

Do you have the option shown in my screen shot enabled or disabled?

[itman 1,659]

1 hour ago, Marcos said:

Do you have the option shown in my screen shot enabled or disabled?

Disabled.

I thought it wouldn't matter what that setting was since my prior use of Application Modification showed it was only applicable with the firewall in Interactive mode. Again the only alert I have ever received was for equi.exe. What is strange is the alert doesn't manifest until a few hours after an Eset upgrade. And the alert only occurs once after I respond with keep existing firewall rules. For example, Eset upgraded to 12.0.31 at 9:00 AM today and the alert appeared late in the afternoon. Also there has been no change to equi.exe last modification date after the above noted upgrade time.

 

Edited December 6, 2018 by itman