email "Threat Detected" popup balloon fails to identify which email

If I receive an email containing a thread, a nice red “Threat Detected” pop-up balloon appears in the system tray area of the task bar.

The problem is, it fails to identify WHICH EMAIL contains the threat.

Instead, it only shows the path of my email client executable (e.g. “C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE”), which is completely worthless.

Please fix this.

Thank you.

do you have any mails where the subject field is marked with virus ?

Nope.

But then it could be because I’m PopFile?

I’m not sure where in the chain (i.e. how) avast! is hooking into the data flow, but my mail client is configured to retrieve its POP3 mail from 127.0.0.1, which is PopFile (http://getpopfile.org/). PopFile then connects to my actual POP3 mail server to retrieve the mail.

PopFile retrieves the mail, classifies it (it’s a Bayesian spam filtering (http://en.wikipedia.org/wiki/Bayesian_spam_filtering)), and hands it back to my mail client.

On which side of the connection avast! intercepts the data flow I don’t know. It either intrecepts PopFile’s connection to my POP3 server, or else it intercepts my mail client’s connection to PopFile.

PopFile is configured to insert “[spam]” into the subject line for all email it classifies as being spam (so my mail client can route it to the proper folder), and I can see where avast’s mail shield can be configured to insert “*** virus ***” intothe subject line, so one or the other is wiping out (overlaying) the other.

Either avast needs to be fixed ot else PopFile does.

But either way, the task bar system tray “Threat Detected” popup balloon should in my opinion identify the email that contains the threat, and not the executable.

If I was doing a manual virus scan (or if it was an executable that was actually infected) then yeah, sure, I’d want to know the name of the executable (process) so I could terminate it.

But for an email threat?! The name of the executable is worthless.