Application Modification Detection Question?

Discussion in 'ESET Smart Security' started by thegreatoutlaw, Aug 1, 2010.

Thread Status:
Not open for further replies.
  1. thegreatoutlaw

    thegreatoutlaw Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    75
    I updated WoW and loaded it up, and at the login screen it minimized and NOD32 popped up with Application Modification Detection and I clicked Deny on accident LOL... stupid i know. Is there a way I can roll back on that, like a rule list or something I can remove the deny from, or will it just ask it again?
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    Maybe this
    "..
    open the Advanced Setup window and click Personal firewall Application modification detection. Then, click Add... to add the list of applications that are allowed to update without being checked.
    .."
     
  3. thegreatoutlaw

    thegreatoutlaw Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    75
    Thanks for the quick reply! Yes i went to that and thats fine but I didn't see like a list of things I've denied already or allowed. So basically clicking Deny on that box isn't permanent? And its okay that I clicked it on accident?
     
  4. thegreatoutlaw

    thegreatoutlaw Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    75
    Anyone? Sorry... its buggin the hell outta me lol... I just expected like a rule list a firewall would have that would tell me what I've denied or allowed and I can alter as I wish... so Application Modification Detection does not have a list that saves any rules?
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    A blocking rule must have been created in the firewall rule list if you clicked Deny.
     
  6. thegreatoutlaw

    thegreatoutlaw Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    75
    I dont see one, because isnt that list different then the Application Modification Detection?
     
  7. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  8. AJStevens

    AJStevens Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    97
    Location:
    Surrey, UK
    Application Modification Detection is a check that the program hasn't changed since you created the firewall rule, otherwise you've created a rule for a legit program, which later gets overwritten by mailware and is able to get through the firewall.

    If you clicked "Deny", then I would expect it to modify your existing rule for that program from "Allow" to "Deny", or create a "Deny" rule above it.

    The AMD list is an exclusion list, eg those you don't want this check on. Personally I would only enter programs in here that update daily (a MMORPG perhaps) or remote access programs that get updated (otherwise you may lose remote access until you're infront of it and can allow the modified program), as I like to get the popups and know what changes are going on. Sometimes you have to permit windows programs after an update or service pack as well.
     
Thread Status:
Not open for further replies.