Author Topic: Strange Win32:NtfsCorrupt-H [Expl] event  (Read 1480 times)

Offline KDibble
Strange Win32:NtfsCorrupt-H [Expl] event
« on: January 25, 2021, 05:23:23 PM »
The Avast Web Shield is complaining about something in some messages I'm receiving in a listserv. In one case Avast deleted the entire message body; in another it just "removed" something. The listserv does not permit attachments but it does allow embedded images in email. I'm guessing this was an embedded image. The console reports this as (anonymized):

Incoming email [subject] (C:\:$i30:$bitmap that screws filetable)' From: [somebody], To: [some list]|>PartNo_0#2926903936

The strange thing is that others on the listserv, in replying to the message, don't seem to have seen a problem with it. They are treating it as an ordinary message. Nothing gets quarantined so there's nothing I can upload to VirusTotal. What's going on here?

Thanks.

Offline Pondus

Offline KDibble
Re: Strange Win32:NtfsCorrupt-H [Expl] event
« Reply #2 on: January 25, 2021, 07:13:58 PM »
Yes, I did see that thread shortly after starting this one. However, the conclusion in that thread is that Avast should not be blocking a mere image of some text. It should only block things that are actually executable. I had said, above, that I thought what was being removed from these emails by Avast was an embedded image. I have now checked these messages in the webmail for the account, which is not subject to Avast. I can't actually find anything in those messages that looks suspicious.

The subject line in the webmail is: how to counter Block Recent NTFS 0day(C:\:$i30:$bitmap that screws filetable)

That full line is present in both the webmail and my email client. The webmail and my email client access the same email account.

In the case where Avast removed the entire message body in my email client, according to the webmail, all it removed was the following text: "any ideas how to prevent this? are there any patches?" There is no indication in the webmail of any embedded images or attachments. If my webmail provider had silently removed them, then how could they have been downloaded to my email client, where Avast saw them? In the case where Avast claimed to have removed something from the email, I can find nothing in the webmail that is missing in the downloaded copy seen by Avast. It's almost as though Avast simply reacted to the contents of the subject line--but did not remove it--and then, in the one case, removed a completely harmless unrelated line of text, and in the other case, falsely reported removing something else.

Does this make any kind of sense?