Eset Endpoint Security WMI pop-ups

[WBA 0]

Hello,

 

Since a few days all my ESET Endpoint Security V5 Users are receiving this type off Pop-ups

Since they use policy based Rules, and most off them have no admin rights this thing keeps popping UP.

Both Windows 7 & Windows 10 clients are affected.

Disbaled HIPS. NO solution.

 

Any ideas ?

 

Kind regards.

 

 

Wim

 

[WBA 0]

GPO is not working eather, pc's are taking 4ever to start, i presume one has to do with the other.
it seems like ESET blocks GPO

 

[Marcos 5,070]

That means you have custom firewall rules for the application created and the application has been recently modified. Do you use policy-based firewall mode? Otherwise I don't see any reason for having a firewall rule specifically for wmiprvse.exe.

You can solve this easily by excluding that executable from being checked for modifications.

[WBA 0]

idd i used policy based mode
only specified EXE's can access the network
 

where do i add the exclusion ?

Why did this only started happening last week? worked fine b4 .. for like 2 years

 

[WBA 0]

idd i used policy based mode
only specified EXE's can access the network
 

where do i add the exclusion ?

Why did this only started happening last week? worked fine b4 .. for like 2 years

 

[WBA 0]

i have the same error about rundll32 on every machine..
anyone has an idea how to solve this ? 

User are getting frustrated!

 

 

[WBA 0]

Great!

So apart from a Cryptic Answer I get no Response here ? 

Super Forum..

still have 30 users with this issue and neither ESET or MGK Technologies gives a damn..

 

Thanks!

 

Wim

 

[Marcos 5,070]

You can exclude particular network-aware applications from modification detection, you can do so in the advanced setup as show in the screen shot below.