Crystian 0 Posted September 25, 2019 Share Posted September 25, 2019 (edited) I have xbox pass with several games downloaded, as example: "Gears of war 5", and when I launch it, prompts constantly about create new rule (and save a lots identical rules) The path is so strange, look a this: \\?\Volume{04150100-99d9-ae47-b1da-3f7d184a946d}\GearGame\Binaries\WinStore\Gears5.exe. I am not sure why, maybe it's a protection or sandbox for the game, I don't know, but I think it is related with the asks. And I can't play the game because there is not connection (timeout I guess) Thanks Edited September 25, 2019 by Crystian Link to comment Share on other sites More sharing options...
Administrators Marcos 4,838 Posted September 25, 2019 Administrators Share Posted September 25, 2019 Obviously you have switched the firewall to interactive mode. By default, all outbound communication is allowed without asking. If the path to the application changes, you can only create a rule for the remote IP address and remote port. Link to comment Share on other sites More sharing options...
Crystian 0 Posted September 26, 2019 Author Share Posted September 26, 2019 yes, I want to do in interactive mode. The path doesn't change, it's the same but it is a "virtual path", so, I think eset is not prepared for this kind of path, does it make sense? Link to comment Share on other sites More sharing options...
Crystian 0 Posted October 2, 2019 Author Share Posted October 2, 2019 might this be part of the new version (13)? Link to comment Share on other sites More sharing options...
davidpitt 4 Posted October 6, 2019 Share Posted October 6, 2019 (edited) I have the same problem, very annoying to have to disable the firewall or set it to auto to play this. Can we not just create a firewall rule for something like "*\Gears5.exe" ? Thanks Edited October 6, 2019 by davidpitt Link to comment Share on other sites More sharing options...
Crystian 0 Posted October 6, 2019 Author Share Posted October 6, 2019 (edited) I tried with "Gears5.exe" only, and does not work, but, as workaround you can put temporary rule and it does not ask you again... so strange... Edited October 6, 2019 by Crystian Link to comment Share on other sites More sharing options...
itman 1,594 Posted October 6, 2019 Share Posted October 6, 2019 1 hour ago, davidpitt said: Can we not just create a firewall rule for something like "*\Gears5.exe" ? This subject has come up many times in the past. The Eset firewall doesn't support wildcard notation for executables. If one insists on using Interactive mode, one will be getting an alert whenever the app .exe changes path name; real or virtual. Link to comment Share on other sites More sharing options...
Crystian 0 Posted October 6, 2019 Author Share Posted October 6, 2019 32 minutes ago, itman said: This subject has come up many times in the past. The Eset firewall doesn't support wildcard notation for executables. If one insists on using Interactive mode, one will be getting an alert whenever the app .exe changes path name; real or virtual. Yeap, but, in this case the virtual path does not change, it's the same, but the rule does not recognize I thing by it is a virtual one Link to comment Share on other sites More sharing options...
itman 1,594 Posted October 6, 2019 Share Posted October 6, 2019 28 minutes ago, Crystian said: Yeap, but, in this case the virtual path does not change, it's the same, but the rule does not recognize I thing by it is a virtual one To begin with, files the begin with "\\?\ are not virtual files. This is how Windows reference files locate in the C:\Windows\WinSxS directory. You can try specifying that path but it will still be an effort in futility since the file names for Win Store apps and the like are constantly changing. And its not just Win Store apps that have constantly changing names. Win system apps including Windows Defender do likewise. One reason Eset included the specification in Network Protection to allow Win firewall inbound apps was to accommodate this activity. And many of the above apps do auto updating of the Win firewall to accommodate this. I have previously mentioned about Eset also using the Win firewall outbound rules likewise to accommodate this activity. It appears that this is something that the Eset firewall in its present Interactive mode isn't capable of handling. Link to comment Share on other sites More sharing options...
davidpitt 4 Posted October 7, 2019 Share Posted October 7, 2019 This all sounds to me like ESET just needs to update their product to play nice with Windows Store or \\?\ paths?? Or to add the option of allowing wildcard paths for processes. We've migrated all of our business AV solutions from ESET to Sentinel One... that allows wildcard paths... just saying Link to comment Share on other sites More sharing options...
itman 1,594 Posted October 7, 2019 Share Posted October 7, 2019 5 hours ago, davidpitt said: Or to add the option of allowing wildcard paths for processes. We've migrated all of our business AV solutions from ESET to Sentinel One... that allows wildcard paths... just saying I would say "hell would freeze over" first before Eset ever adds full wildcard support to either the firewall or HIPS. It has been a feature requested for years by multiple Eset users and "panned" by Eset with statements like "it will most likely be added in an upcoming future release," etc.. Link to comment Share on other sites More sharing options...
Recommended Posts