Hello everyone! Shortly after yesterday’s virus definition update, my cable broadband ISP had some connection and email problems. After they said everything was back to normal, I sent myself an email to make sure it was working.
When I pressed ‘send’ on Outlook Express, avast!-home alerted with a siren and announcement that there was suspicious activity. I chose to continue because I knew my computer had no virus or trojan. The same alert sounded when the email was received. I then deleted it.
The data log said heuristic found possible suspicious activity and the owner chose to delete. I then had a friend send me an email with a clean attachment and again, avast!-home alerted with the same siren and message. I deleted the email.
Today, I repeated the test and everything’s fine and the log message from yesterday is gone.
Was this an ISP thing or was avast! having too much holiday cheer? ;D
Avast! has the default settings in place. XP-SP1 with all critical updates – Outlook Express 6.
Next time this happens please notice the reason of the alert. The heuristics module always tells you what it found suspicious about the message (like ‘attachment with a double extension found’ etc…).
Yes, that’s the heuristic (you can configure it, of course - and switch off if you want).
The mail worms have typical patterns of spreading - sending to a big number of recipients, strange subjects… this way, you get a warning about it. It may flag a virus that’s not in the database yet (i.e. a new, unknown one).
Of course, it may cause false alarms - therefore the description is given. Besides, it’s not a “virus alarm” - just a “suspicious message” warning.