Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


pronto last won the day on October 17 2019

pronto had the most liked content!

1 Follower

Profile Information

  • Location

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Servus Community, we have received feedback from support. Removing macros from Office documents only works for Office documents that are newer versions or afair equal to version 2007. Under these versions, ESET cannot unzip the office document to remove the macro. The entire document is then moved to quarantine. This is a bit of a pity, because it would be a significant increase in security, but has a high error potential. Since this feature was introduced only a few weeks ago, there is still hope that it might be adjusted. Thx & Bye Tom
  2. Servus Marcos, I opened a support ticket. For everyone who is interested in and has access to the submitted data, the ticket number is: CASE_00092770 Thanks for your attention & Bye Tom
  3. Yes, this is what Matej announced a few posts before. Thx & Bye Tom
  4. Servus Matej, no, the rule does not work as expected. The entire attachment is still being moved to quarantine. The modules are all updated to current versions:
  5. Servus Matej, I could not follow your instruction step by step. I have underlined the parameters I consider necessary in your mail. However, I have not found the parameter 'Incoming email'. Here are the steps I have now set, could you please check if this is correct and if it meets our requirements? Create a new policy (Product: ESET Mail Security for Microsoft Exchange (V6+) Settings -> Server -> Rules Mail Transport Protection -> Edit -> Add Condition type -> Office Files -> Other Files -> Generic OLE2 Compound Document Action type: Qur
  6. Servus Matej, This are interesting news. Thank you for being so careful and giving feedback after such a long time. I don't know where I can look up in the Security Management Center what we actually use but according to the description of an article in your knowledge base I found it on my client and I would consider the German translation to be related to Archivunterstützungsmodul. It seems to be available in version 1302 and seems to be from 05.05 (Please note attached screenshot). The updates seem to come automatically. Such an unremarkable update unlocks such a fundamental f
  7. Servus Rami, I'm afraid none of this would have helped, because ESET did not know about the virus at 11:00 and only at 15:00 a pattern was inserted which recognized the virus. We only noticed this because we have three exchange servers but only one of them accepts emails from outside, but the virus was only found four hours later on the two internal mail servers where the databases are running. ESET Mail Security is installed on all three servers. Normaly only the first mail server finds viruses and spam, and the other two usually don't even notice how evil the world outside is.
  8. Servus Rami, yes, i know that this can be disabled in office and we have enabled this policy but it only applies to the computers in our organization. But if we accidentally forward this email to an external business partner, they will receive an infected email from us as the sender. This would be negative, because I can't make sure that the business partner has secured his infrastructure as well in that deep level, and we are the sender of the virus. Thx & Bye Tom
  9. Servus Community, is it possible to setup ESET to remove any macro in Office documents, whether a virus is found or not? So don't delete the office document itself, just remove the macro? Background: Yesterday we received an email at 10:50 with an Office Word document to a mailing list and in this email was a macro with a trojan downloader. Upon receipt, ESET did not classify this email as suspicious. In the afternoon around 15:00 the virus was detected and removed by ESET in the Word document. In the four hours in between, a lot has happened to this email, including it being opened
  • Create New...