Author Topic: Suspicious  (Read 16464 times)

0 Members and 1 Guest are viewing this topic.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Suspicious
« Reply #15 on: November 22, 2005, 04:55:02 PM »
I've spotted the relevant words 'outbound messages' in the Note section, so it would only effect the sender and not the recipient, which to me doesn't make sense.
If it is suspicious when it is sent, it should still be suspicious when it is received ???
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6927
Re: Suspicious
« Reply #16 on: November 22, 2005, 05:06:05 PM »
Exactly, and that's exactly what I'm thinking... but regardless of those settings, and what the line up there (NOTE) says, if avast! is checking the subject of those messages when they are leaving your outbox, IMHO it should also check them before they arrive in your inbox, right ?
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6927
Re: Suspicious
« Reply #17 on: November 22, 2005, 05:08:56 PM »
And guess what... I just sent one message without a subject line to myself... no warning when sending, nor when I received that same message... I see avast! is checking the message (blue bar down there by the taskbar) and every single message is signed by avast!
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: Suspicious
« Reply #18 on: November 22, 2005, 05:32:31 PM »
Exactly, and that's exactly what I'm thinking... but regardless of those settings, and what the line up there (NOTE) says, if avast! is checking the subject of those messages when they are leaving your outbox, IMHO it should also check them before they arrive in your inbox, right ?
Can't Vojtech or Forejt say something about this?

And guess what... I just sent one message without a subject line to myself... no warning when sending, nor when I received that same message... I see avast! is checking the message (blue bar down there by the taskbar) and every single message is signed by avast!
This is even stranger  ::) ???
The best things in life are free.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Suspicious
« Reply #19 on: November 22, 2005, 07:31:26 PM »
Quote
This is even stranger 
We are now well into page 2 and still no word from Alwil that's what's strange.....
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Suspicious
« Reply #20 on: November 22, 2005, 07:47:53 PM »
And guess what... I just sent one message without a subject line to myself... no warning when sending, nor when I received that same message... I see avast! is checking the message (blue bar down there by the taskbar) and every single message is signed by avast!
Snap, just done the same sent email with no subject with Internet Mail on High and no Suspicious message and obviously no inbound warning. Weird.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6927
Re: Suspicious
« Reply #21 on: November 22, 2005, 08:53:36 PM »
I told you, I'm not making it up  ;D  ;D  ;D

It looks like Bob is the only one who ever saw that message... actually I saw it as well when he sent me screenshot in following e-mail.

Ghosts maybe ? ...or this time little goblins ?  ;D
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: Suspicious
« Reply #22 on: November 23, 2005, 06:01:15 AM »
Depends on the heuristics level. On High, it does warn for these kinds of things. On normal, it should not.

Anyway, the "       Me        " sender address is also sort of weird, isn't it? Why the white spaces? Do you know that some worms use this technique to hide the actual value (by relying on the fact that the text will be too long and Outlook [or other mail client] will clip it)?


Thanks
Vlk
If at first you don't succeed, then skydiving's not for you.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Suspicious
« Reply #23 on: November 23, 2005, 06:09:49 AM »
Depends on the heuristics level. On High, it does warn for these kinds of things. On normal, it should not.

Anyway, the "       Me        " sender address is also sort of weird, isn't it? Why the white spaces? Do you know that some worms use this technique to hide the actual value (by relying on the fact that the text will be too long and Outlook [or other mail client] will clip it)?


Thanks
Vlk

Vlk
It's not suspicious, it's a screen shot in which I deleted and edited certain personal information. Just as it doesn't show the actual e-mail addresses used.
Also, My settings aren't set to high as you can see from the screen shot.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6927
Re: Suspicious
« Reply #24 on: November 23, 2005, 12:34:09 PM »
...
...
...
Anyway, the "       Me        " sender address is also sort of weird, isn't it? Why the white spaces? Do you know that some worms use this technique to hide the actual value (by relying on the fact that the text will be too long and Outlook [or other mail client] will clip it)?
Thanks
Vlk

@Vlk - Yes, just as Bob already mentioned "      Me      " is just added (retouched) part of the screenshot. He just erased original information not wanting to make his e-mail address and sender's name public. See those white lines, he actually removed original information and added some non-existing info, just to fill up the space.

@Bob - you didn't have to add "    Me   " or anything for that matter, you could just simply bloor all those original information to avoid confusion.

Depends on the heuristics level. On High, it does warn for these kinds of things. On normal, it should not.

Well, that's really weird in this case... Bob's settings are set to NORMAL and still he gets those missing subject line warnings... DavidR and I, both have set our heuristics level to HIGH or CUSTOM (with high-like settings) and neither one of us is getting those messages... whether we try to send e-mails without the subject line, or we try to receive them...  :o

Regards

P.S. Vlk, I hope you guys had some nice time in Microsoft, Seattle. Any productive news for public maybe or those are little business secrets  ;D ?
« Last Edit: November 23, 2005, 12:36:22 PM by S.Z.Craftec »
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

sedina

  • Guest
Re: Suspicious
« Reply #25 on: November 24, 2005, 06:49:37 PM »
Hi guys, there are two similar "subject check" fields in heuristic, but with different meaning. First one is "Subject structure check" and is located on Customize dialog. This check enables/disables warning for empty subject (for all heuristic level it's disabled, you must turn on manually). In "summary" window it's noticed as "* Message structure check".

Second "subject check" is located on Heuristics - Advanced page. In "summary" window it's noticed as " - Check according to subject". If this option is enabled, avast! will warn you when there are emails (defined count) with identical subject sent from your computer in defined time (you can also make recognition not only according to subject, but also according to name of attachment - it's check-box "Check attachments"). This functionality is called "Outbound messages - Time period check". It's enabled for HIGH level (you cannot change values) and for CUSTOM (you can change everything). Hope this helps...

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Suspicious
« Reply #26 on: November 24, 2005, 07:36:55 PM »
Thank Pavel
But mine is set to normal and when I looked at the settings, the one for check subject is NOT ckecked by default.
Was this just a fluke???
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

sedina

  • Guest
Re: Suspicious
« Reply #27 on: November 25, 2005, 10:44:39 AM »
Hi, so you have set Internet Mail sensitivity to "Normal" (it means that Heuristic sensitivity is Medium) and you are warn by avast! when sending e-mail with empty subject? thanks for info...

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Suspicious
« Reply #28 on: November 25, 2005, 04:36:54 PM »
pavels
It happened that one time as you can see from the screen shot.
I just sent an e-mail to one of my other addresses  again without a subject but this time I didn't get the
suspicious warning. I haven't touched any settings so I really don't know what's going on.
Maybe like Sasha said..... goblins... ???
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet