Very Strange Email Alert

Hello everyone! Shortly after yesterday’s virus definition update, my cable broadband ISP had some connection and email problems. After they said everything was back to normal, I sent myself an email to make sure it was working.

When I pressed ‘send’ on Outlook Express, avast!-home alerted with a siren and announcement that there was suspicious activity. I chose to continue because I knew my computer had no virus or trojan. The same alert sounded when the email was received. I then deleted it.

The data log said heuristic found possible suspicious activity and the owner chose to delete. I then had a friend send me an email with a clean attachment and again, avast!-home alerted with the same siren and message. I deleted the email.

Today, I repeated the test and everything’s fine and the log message from yesterday is gone.

Was this an ISP thing or was avast! having too much holiday cheer? ;D

Avast! has the default settings in place. XP-SP1 with all critical updates – Outlook Express 6.

Dave

Next time this happens please notice the reason of the alert. The heuristics module always tells you what it found suspicious about the message (like ‘attachment with a double extension found’ etc…).

Thanks
Vlk

Vlk – thank you for reply. Makes sense.

Dave

Especially suspicious subject lines.

do u mean avast will warn of virus bcoz of a suspicious subject line even if the mail is clean?

Yes, that’s the heuristic (you can configure it, of course - and switch off if you want).
The mail worms have typical patterns of spreading - sending to a big number of recipients, strange subjects… this way, you get a warning about it. It may flag a virus that’s not in the database yet (i.e. a new, unknown one).
Of course, it may cause false alarms - therefore the description is given. Besides, it’s not a “virus alarm” - just a “suspicious message” warning.