Heuristic warning - .mht file extension

Hello all.

I’m new to the forum but have used avast! for several years. A problem has arisen that I’d please like help with.

I’ve been awaiting some important info by way of an email complete with attachment from a UK government body. Instead, I have received an email from “avast! 5” with the Subject: [avast! heuristic - WARNING] followed by the text:

Suspicious extension(s) of attachment

  • HC427.mht

together with the addresses of the sender and myself. That’s all I received. Incredibly there was no link to the email in question nor any guidance as to the procedure I need to follow. Incredibly annoying!

I need the original email but it doesn’t seem to be filed anywhere on my computer. I’d like to know how I can retrieve it.

Are you actually using avast 5 still?
The .mht file is essentially an html file with all the content embedded within the archived .html file. This kind of file, when opened, can run scripts, etc., so generally it is potentially harmful and not so frequently used. Depending on your email program the attachment would be immediately displayed; this is why it can be dangerous just to let it through.

It has been so long since I used it I can’t recall the Heuristic settings on the Mail Shield for it (and that is possibly the same for most of the helpers here). I believe it would probably have stripped out the attachment, but I would have thought you would have got the remainder of the email, but with the warning in the subject.

What is your email program?

I’m using avast 7.0.1426 and crucially I have the Mail Shield set to Ask and I did a test with a .mht file attached. On trying to send it I get an alert, image1. I am able to select what action to take, image2. I chose Ignore, and that allowed it to be sent. I’m now going to receive it and expect the same alert and the same Ignore selection to be able to receive it; image3, email received and .mht immediately displayed.

So you really have to have a high degree of certainty about where this is from and what it is just to let it slide…

As you can see, avast 7 has greater flexibility, the same as avast 6 had over avast 5.x. EDIT: see image4.
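Added example (not part of the original posts, and not avast's code): because an .mht file is itself a MIME document, as the reply above describes, this Python script finds attachments with the flagged extension in a constructed email and lists which embedded parts carry script. The extension list, the sample message, the script pattern and the function names are assumptions made for the example.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed, illustrative values; avast's real heuristic list is not on the page.
SUSPICIOUS_EXT = (".mht", ".mhtml")
ACTIVE = re.compile(rb"<script\b|javascript:", re.I)

# Constructed sample MHTML archive: one HTML part with a script, one image part.
SAMPLE_MHT = (
    b'MIME-Version: 1.0\r\nContent-Type: multipart/related; boundary="b1"\r\n\r\n'
    b"--b1\r\nContent-Type: text/html\r\nContent-Location: http://example.invalid/report.html\r\n\r\n"
    b"<html><body>Report<script>document.title='x'</script></body></html>\r\n"
    b"--b1\r\nContent-Type: image/png\r\nContent-Transfer-Encoding: base64\r\n"
    b"Content-Location: http://example.invalid/logo.png\r\n\r\niVBORw0KGgo=\r\n"
    b"--b1--\r\n"
)

def build_sample_email() -> bytes:
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.invalid", "reader@example.invalid"
    m["Subject"] = "Requested document"
    m.set_content("Document attached.")
    m.add_attachment(SAMPLE_MHT, maintype="application",
                     subtype="octet-stream", filename="sample.mht")
    return m.as_bytes()

def flagged_attachments(raw: bytes):
    """Return (filename, decoded payload) for attachments with a listed extension."""
    msg = message_from_bytes(raw, policy=policy.default)
    return [(p.get_filename(), p.get_payload(decode=True))
            for p in msg.iter_attachments()
            if (p.get_filename() or "").lower().endswith(SUSPICIOUS_EXT)]

def mht_active_parts(mht: bytes):
    """Parse the archive as MIME and list (location, type) of script-bearing parts."""
    found = []
    for part in message_from_bytes(mht, policy=policy.default).walk():
        if part.is_multipart():
            continue
        ctype, body = part.get_content_type(), part.get_payload(decode=True) or b""
        if "javascript" in ctype or (ctype == "text/html" and ACTIVE.search(body)):
            found.append((str(part.get("Content-Location", "?")), ctype))
    return found

if __name__ == "__main__":
    for name, payload in flagged_attachments(build_sample_email()):
        print(name, "->", mht_active_parts(payload) or "no script-bearing parts")
```

An empty result only means the pattern found no script markup; it is not proof the archive is safe to open.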

That’s a most helpful and prompt response, David. Thanks very much!

I’m on avast! 7.0.1406, with Outlook Express for emails. I have stayed with the latter as, though I have used desktop computers for many years, I am not at all clever with them and hesitate to experiment. I’m now long retired, but when I was in work our IT Dept used me as a ‘guinea pig’ for any new system (such as intranet) because “if David can work it, anyone can”!

I’ve no doubt at all that the deleted email was genuine as it came from a recognised and appropriate Sender that has never entered my email system previously. It was also expected.

The deleted email was deleted in its entirety, not just the attachment, which seems so unnecessary. I hadn’t realised that I could adjust email filtering in avast! and no doubt this applies to many other novices. Using your attached images as a guide, I have set the Mail Shield to Ask and will request a re-send of the email in question.

Thanks again. I’m impressed!

Please take a look at your virus chest. Maybe your email is moved to it.

DJBone

Thanks, DJBone, but the email wasn’t in the Chest.

Problem now resolved as the deleted email was re-sent to me this morning and avast! asked if I wanted to accept it.

A shame that “Ask” isn’t the default. If our postman had a parcel for delivery to my house and he thought it looked “suspicious”, I’d expect him to hand it over with a warning to be careful when opening it, not take it upon himself to destroy it!

You’re welcome!

DJBone

You’re welcome.

Avast is the most configurable AV that I have used and I have been using it for the last 8 years. The problem with high configurability is the end user and getting the balance right for the greatest majority of over 150 million active users. The avast Help File, accessed through the avastUI, Support, Program Help, attempts to give an idea of what settings are available. But how many can even say they look at help files or have a period of exploration through the various shields and what settings are available and what best suits their use and experience?

So having all settings on Ask (which I do have) will generate a bit of AV noise and be ‘asking’ questions of a user that they may not be able to answer, e.g. what the h*ll is an .mht file and why is it considered suspicious, or more complex.

It is a giant balancing act to provide a balance between protection and performance, to provide a relatively transparent level of protection without too much input required from the average user.

One other fly in the ointment is Outlook Express, as that has a weird idea of what is a suspicious attachment in its security settings. I don’t believe it actually says what file types it considers suspicious, but in the past it has even blocked .zip attachments.