Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Dave50 on December 29, 2003, 03:23:57 PM

Title: Very Strange Email Alert
Post by: Dave50 on December 29, 2003, 03:23:57 PM

Hello everyone!  Shortly after yesterday's virus definition update, my cable broadband ISP had some connection and email problems.  After they said everything was back to normal, I sent myself an email to make sure it was working.

When I pressed 'send' on Outlook Express, avast!-home alerted with a siren and announcement that there was suspicious activity.  I chose to continue because I knew my computer had no virus or trojan.  The same alert sounded when the email was received.  I then deleted it.

The data log said heuristic found possible suspicious activity and the owner chose to delete.  I then had a friend send me an email with a clean attachment and again, avast!-home alerted with the same siren and message.  I deleted the email.

Today, I repeated the test and everything's fine and the log message from yesterday is gone.

Was this an ISP thing or was avast! having too much holiday cheer?   ;D

Avast! has the default settings in place.  XP-SP1 with all critical updates -- Outlook Express 6.

Dave

Title: Re:Very Strange Email Alert
Post by: Vlk on December 29, 2003, 03:29:51 PM

Next time this happens please notice the reason of the alert. The heuristics module always tells you what it found suspicious about the message (like 'attachment with a double extension found' etc...).

Thanks
Vlk

Title: Re:Very Strange Email Alert
Post by: Dave50 on December 29, 2003, 03:37:47 PM

Vlk -- thank you for reply.  Makes sense.

Dave

Title: Re:Very Strange Email Alert
Post by: Culpeper on December 29, 2003, 03:43:06 PM

Especially suspicious subject lines.

Title: Re:Very Strange Email Alert
Post by: ash on December 29, 2003, 03:55:49 PM

Quote from: Culpeper on December 29, 2003, 03:43:06 PM

Especially suspicious subject lines.

 do u mean avast will warn of virus bcoz of a suspicious subject line even if the mail is clean?

Title: Re:Very Strange Email Alert
Post by: igor on December 29, 2003, 11:47:45 PM

Yes, that's the heuristic (you can configure it, of course - and switch off if you want).
The mail worms have typical patterns of spreading - sending to a big number of recipients, strange subjects... this way, you get a warning about it. It may flag a virus that's not in the database yet (i.e. a new, unknown one).
Of course, it may cause false alarms - therefore the description is given. Besides, it's not a "virus alarm" - just a "suspicious message" warning.