itman 1,741 Posted December 5, 2018 Share Posted December 5, 2018 I have had the below screen shot alert occur the last few times an Eset in-product upgrade occurred. I have the firewall set to Automatic. I thought Application Modification detection only occurred when the firewall was set to Interactive mode. Also this is the only app update alert I every receive. The Eset GUI default firewall is enabled allowing all equi.exe outbound traffic. Is this some type of internal security check to detect any unauthorized equi.exe modification? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,234 Posted December 5, 2018 Administrators Share Posted December 5, 2018 This would happen if you had a permissive firewall rule created for egui.exe and modification of signed applications was not allowed automatically: Link to comment Share on other sites More sharing options...
itman 1,741 Posted December 5, 2018 Author Share Posted December 5, 2018 5 minutes ago, Marcos said: This would happen if you had a permissive firewall rule created for egui.exe The only firewall rule for equi.exe is the default rule. See the below screen shot. Should that rule be disabled? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,234 Posted December 5, 2018 Administrators Share Posted December 5, 2018 Do you have the option shown in my screen shot enabled or disabled? Link to comment Share on other sites More sharing options...
itman 1,741 Posted December 5, 2018 Author Share Posted December 5, 2018 (edited) 1 hour ago, Marcos said: Do you have the option shown in my screen shot enabled or disabled? Disabled. I thought it wouldn't matter what that setting was since my prior use of Application Modification showed it was only applicable with the firewall in Interactive mode. Again the only alert I have ever received was for equi.exe. What is strange is the alert doesn't manifest until a few hours after an Eset upgrade. And the alert only occurs once after I respond with keep existing firewall rules. For example, Eset upgraded to 12.0.31 at 9:00 AM today and the alert appeared late in the afternoon. Also there has been no change to equi.exe last modification date after the above noted upgrade time. Edited December 6, 2018 by itman Link to comment Share on other sites More sharing options...
Recommended Posts