Just upgraded from Avast 4.8 to 5.0 today. I generally consider myself pretty knowledgeable about PC’s and software as that is what I do for a living. Anyway, after installing 5.0 and going through the features and settings, I noted an entry in mail shield’s expert settings SSL accounts area for carrierzone.com POP3 on port 995.
Since I didn’t recognize the entry, I tried deleting it. It came back.
I ran a boot time scan with Avast to see if I had some sort of virus/malware which might be causing this. The scan was clean.
Ran additional full (not quick) scans with Malwarebytes and SuperAntiSpyware with latest updates from Windows safe mode. Both came up clean.
Googling carrierzone.com doesn’t turn up a lot of useful info.
Can someone tell me what the heck an SSL POP3 entry for carrierzone.com on port 995 is doing in my Avast 5 SSL accounts? Is this something to do with Avast itself? Is the CNet download (linked directly from the Avast site) carrying something it ought not?
I realize that many if not in fact most people will never look at these settings in Avast, but I did and I’d like to know why carrierzone.com is listed on port 995 for POP3 in SSL and why I can’t make it go away.
Just finished additional scans with the Microsoft Malicious Software Removal Tool (ran MRT /F:Y) and Windows Defender. Both came up just as clean as the Avast boot time scan, Malwarebytes and SuperAntiSpyware.
The carrierzone.com SSL POP3 connection on port 995 comes back no matter what I do. (See attached screenshot.)
So…any ideas? Search of the forums has come up empty and I can find no reference to this email account/SSL connection in any of the Avast documentation.
Usually this comes as an automatic detection when you try to connect to some email server via a SSL/TSL connection - sure you do not have one with this name? Avast tries then to store the respective port settungs and will ask you to disable SSL/TSl in your mail programm; avast is then doing the SSL/TSL encryption (as avast can otherwise not scan your encrypted mails).
Appreciate the advice but I hoped it would be clear from my initial post that I have already done the basics.
This is not part of any of my email client settings. Right up until the moment I installed the new version of Avast, this SSL POP3 connection on port 995 did not to the best of my knowledge exist on my system. The only thing I have with regards to POP3 that requires an SSL connection on port 995 is Gmail. My standard ISP POP3 is not SSL and is on port 110.
The information at the carrierzone.com site is less than helpful. Like I said in my original post, I’d already fired up Google looking for answers. Frankly, I was surprised at just how little info turns up.
I’m not ready to say that this port is somehow related to the new version of Avast itself, but I’m also not ready to say that it’s not. In any case, I’d like to find the answer.
Yup. Did all that before I posted. Between this forum and multiple web searches, it quickly became apparent that no one had any real idea of what was causing this behaviour. I still don’t know where it came from or why it kept coming back even when deleted repeatedly, but it’s fixed now through a combination of steps:
Uninstalled Avast Free!
Cleaned all temp files with Temp Cleaner 3.04
Cleaned all traces of Avast from the registry with JV16 Power Tools[/I]
[li]Ran (fruitless) scans again with Malwarebytes and SuperAntiSpyware in safe mode
Scanned with the bootable Avira Rescue System CD (which is a GREAT bit of free software.)
Scanned with the bootable AVG Rescue CD (which is also free and pretty dang good.)
Rebooted and re-installed Avast Free
Deselected scans of incoming and outgoing mail* before firing up Windows Live Mail
Problem gone!
*I wish there were a way to just slap turn off that provider service without getting an ugly exclamation mark on the Avast systray icon. Since nothing is going to run simply by looking at it in the preview pane (as thankfully those bad old days are over), I’m well satisfied with simply scanning any attached files when they are opened which (by default) happens regardless.
It may not be a solution, but a solution does not seem to be forthcoming. I do what works.
Also, as I said, there is little or no reason to actually scan email as it arrives. My ISP scans. Gmail scans. And any attachments are scanned when opened just as any other file is scanned (by default) when opened. And now that you’ve told me this…
You can also turn off the status control of email shield in avast.
…I’ve turned off status bar monitoring of the mail shield (and done away with the ugly exclamation mark* that was showing up in response) completely.
*Anyone else that didn’t know where to find the setting for turning off these things, just click on “settings” and then “status bar” to de-select.
Anyway, it would be interresting to see, if the “carrierzone” is still on your system…
So, turn on the scanning and see if it comes back.
You can always turn it off again and delete the ssl-settings in avast.
just guessing: the system could be spammed with a mass mailing bot…do you get any mail scanned through carrierzone? I mean not originating from your email client, just mails sent by something running on your system… some trojans can do this.
edit: you wouldn’t see it scanned in Avast anyway as it’s on POP 995 and obviously you didn’t set up anything related to carrier zone, it’s just detected. But it’s definitely there, running somehow…
Your standard mailprovider is not gmail, do I understand that right? So you have another mail account.
May I ask the provider of your standard email-account?
And the email-client that you use?
The weirdness is that my ISP email account is not SSL and not on port 995 and not set up using the carrierzone.com as the named POP3 server (see attached screenshots) which makes me wonder why Avast was picking this up as SSL and port 995 (see screenshot from Avast posted upthread) even though the carrierzone thing now makes sense.
Re-enabling the mail shield and inbound/outbound scanning now picks up carrierzone.com on port 110 (which is correct) and shows it to be unencrypted/non-SSL which is correct. (See attached screenshot.)
I had checked all my account settings manually before I ever posted here. I would not have thought to check the DNS (nifty web based tools at http://www.robtex.com/) if you hadn’t asked about my mail client and ISP. Reading that just made it go ‘click’ in my mind. So…thanks!
See my previous reply to another forum participant that I just posted prior to this.
I didn’t think I had an infection with any sort of trojan or bot and indeed that was not the case. It was a simple matter of connecting the dots (which took someone else’s question to bring to mind) of checking my ISP’s DNS record.
Thanks to everyone on this thread for the help. (And no thanks to the tech support at my ISP who I had already asked about this earlier and who assured me that centurytel ran their own mail servers.)