Jump to content

Cannot disable notifications in ESET Protect Cloud


Panayiotis Zezos

Recommended Posts

Hello to all community here. 

We have a policy in ESET Protect Cloud to disable "rundll32.exe".

Users are complaining because are getting several times in a day the notification that the specific executable file tried to open but its blocked due to ESET Policies.
We disabled the notify button on the policy but users still get it. 

image.png

Can anyone please assist what is the actual case here? Rule is on prepend fyi.

Thank you,

Panayiotis

Edited by Panayiotis Zezos
vocabulary
Link to comment
Share on other sites

  • Panayiotis Zezos changed the title to Cannot disable notifications in ESET Protect Cloud
  • Administrators

I couldn't find the HIPS rule from the first screenshot. There's only one rule "Allow powershell" on the machine from which you have provided the ELC logs.

Link to comment
Share on other sites

I find it odd that the rundll32.exe HIPS rule is being triggered at all. I have the same HIPS rule and it has never been triggered.

I advise determining what is triggering the HIPS rule rather than how to disable notification of it being applied. If it turns out to be legitimate activity, you can create a HIPS rule to allow that activity.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...