You can deactivate the [iframe] option here: Right click the ‘a’ blue icon on the System Tray > On-Access Protection Control > Internet Mail > Heuristic (unmark the HTML part check)
I think if you deactivate it in the Resident you will receive the email ‘without’ avast! checking. If you want to ‘automatically delete’ infected emails, you must let that options on and configure your tasks at Enhanced User Interface. See ‘Virus’ Page at Resident Task under Internet Mail and choose the action ‘Delete’.
Ok, but I thought you must have something for Oulook 2002 (not Express). This is a plugin and you must have some place to configure it (See that there is no such a ‘Silent Mode’ for Outlook…). Do you activate the option ‘Show detailed information on performed action’?
Sorry if I can’t help you so much, becouse I use OE and not Outlook :
hadley, sorry for the confusion. Indeed such a feature is currently missing from avast (possibly because we initially thought that unconditionally deleting all such mails would be quite a dangerous thing as there’s a number of legal mails with iframes in them (e.g. all the Tucows, CNet and other newsletters have iframes - you know, the ads… :-))…
But you’re right that such a feature should be there, and that’s why we’re planning to add it in one of the upcoming avast updates…
As usual, Vlk, try to make a good documentation of it, at least, in Help files. And, please, do not forget to put this option in the GUI settings of the resident providers… It useful either not automatically delete all emails…
I’m not sure about the danger of the iframes… Anyway, this is a way of infection… I receive very few emails with them (I remember PC World Reviews have them)… If you want protection, stay with the Heuristic iframe on and add each the URL to permitted ones… Wait for the new feature promised by Vlk.
If you cannot stand to add each URL, so deactivate the iframe and be a little less protected… 8)
as always a polite and insightful answer !!!
though I would have much rather you made the choice for me ;D
But that was the answer i was looking for I can add them as “permitted urls” from the people I know ??
as i said I never received one from an outside source , though a screen all my mail using Eprompter (an A+ utility) that allow you to see all the mails on your accounts while still on their servers and I delete them (spam etc) from there
Yes, you can add your friends to “permitted urls”. But, most of your friends, won’t send you HTML email files with remote iframes… This is most used by newsletters and alert emails. You can add every url you trust (for instante, I trust in PC World and add it). The iframe is an heuristic feature, not a deterministic one, I mean, detects souspiciuos things (sometimes true ones but sometimes not).
With ePrompter, you’ll be safe deleting the emails before downloading them.
Thanks mina. For this kind of virus is what ‘Heuristic’ module is added to avast! Your link says:
JS.Flea.B
Alias: JS.Flea.b (Kaspersky),
JS/Fortnight.gen (McAfee),
JScript/FortNight.116.Trojan
Category: Java Script
Type: Trojan
Published Date: 11/30/2003
Last Modified: 12/1/2003
CHARACTERISTICS
JS.Flea.B is a worm, which spreads through a hidden link at the bottom of HTML e-mail messages created with Outlook Express.
Method of Distribution
Via Email/Website/Exploit
The link appears in an HTML IFRAME tag, and points to a particular file: http://nc.com.tw:312*************/l.htm. At present, the link resolves to another file located on a pornographic site hosted on the terra.es domain. This file contains the worm code (encrypted Java Script), which in turn tries to load and execute the applet called “aa.class”. Currently “aa.class” is no longer available
So, if the user can stay with the Heuristic module, he/she will be safer…
Anywary, deleting the email before downloading it is safe too…