Author Topic: BETATESTERS! Try Avast for Mac - release candidate engine  (Read 32574 times)

0 Members and 1 Guest are viewing this topic.

Offline keithhmh

  • Jr. Member
  • **
  • Posts: 53
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #15 on: March 09, 2009, 03:17:28 PM »
My preferences are set at whatever default there is. (I noticed default scan location is simply /). When I clicked on the Scan Volume button I get presented with 2 choices, either my hard drive or the Time Machine hard drive. I clicked on my hardrive and off it went to do the scan. First it counts files and says there are in the region of 800,000 so where did the several million come from? Surely it has to be looking into my Time Machine system, unless it is getting into some sort of recursion in my main drive.

Do you want me to do anything else?

If a kick off another scan, can I get on with other stuff

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #16 on: March 09, 2009, 04:29:41 PM »
My preferences are set at whatever default there is. (I noticed default scan location is simply /). When I clicked on the Scan Volume button I get presented with 2 choices, either my hard drive or the Time Machine hard drive. I clicked on my hardrive and off it went to do the scan. First it counts files and says there are in the region of 800,000 so where did the several million come from? Surely it has to be looking into my Time Machine system, unless it is getting into some sort of recursion in my main drive.

Do you want me to do anything else?

If a kick off another scan, can I get on with other stuff

Hallo, i'm confused now. Macintosh HD is a link, from Volumes, to '/'. So, doing scan this way cannot enter the time-machine-mounted volumes. it's maybe time to capture full log. Quit both application and agent.

Then, open terminal, and write:
default write com.avast.MacAvast LogCompleteCommunication yes

restart avast, and do the scan. when done (~ manually stopped, when it really loops through Time Machine), return the default to normal:

default write com.avast.MacAvast LogCompleteCommunication no

... and send us (zipped, preferably) the file: ~/Library/Application Support/com.avast.MacAvast/BetaLog.txt

IMHO, by clicking "Macintosh HD" as the desired volume to scan, the action is to scan equivalent to scanning '/', and time machine volumes wouldn't be entered. that's why i'm confused now.

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

Offline keithhmh

  • Jr. Member
  • **
  • Posts: 53
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #17 on: March 09, 2009, 04:52:05 PM »
I entered terminal and typed what you said and got the following:

khimac:~ Keith$ default write com.avast.MacAvast LogCompleteCommunication yes
-bash: default: command not found
khimac:~ Keith$


I am sorry if I am not spotting something that is obvious but it is all new to me

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #18 on: March 10, 2009, 11:49:35 PM »
I entered terminal and typed what you said and got the following:

khimac:~ Keith$ default write com.avast.MacAvast LogCompleteCommunication yes
-bash: default: command not found
khimac:~ Keith$


I am sorry if I am not spotting something that is obvious but it is all new to me


hallo,
that was a pasted typo - of course, it's "defaults", the name of the command (http://public.avast.com/~cimbal/beta.html for details).

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

Offline keithhmh

  • Jr. Member
  • **
  • Posts: 53
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #19 on: March 13, 2009, 10:44:33 PM »
(Sorry - been away) I tried the creation of a log and did a scan fr 2 hours. It played up and stalled in the middle so I closed everything else and it kicked off but their was no file at the end so I will have to try again tomorrow. I have noticed that my screen goes black after a while (energy save) but when I move the mouse to see whats happening, it comes on for about a second then goes back again and won't come on until I left click. i.e.moving the mouse  does nothing. This doesn' seem right to me. No other application behaves that way.

Offline keithhmh

  • Jr. Member
  • **
  • Posts: 53
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #20 on: March 16, 2009, 12:35:08 PM »
I have tried 3 times now to create a betalog.txt file and although I follow your line for Terminal to the letter, I still cannot create a log file. Could I ask you to double check and type out again exactly what you need me to type. I know it is frustrating for you not to be sitting at my machine but I don't have the skills to work out what is going wrong. Is there a search I can do for files larger than X? Nowhere does your instruction set up a "betalog.txt' file so I assiue it must already be present but I cannot find such a file anywhere. if I have been saving every bit iof traffic associateed with avast then I guess there must be some file with quite a bit in it that i dated today so if I ca do a searc on all files created today that are bigger than X I should be able to find it.

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #21 on: March 24, 2009, 11:22:46 AM »
I have tried 3 times now to create a betalog.txt file and although I follow your line for Terminal to the letter, I still cannot create a log file. Could I ask you to double check and type out again exactly what you need me to type. I know it is frustrating for you not to be sitting at my machine but I don't have the skills to work out what is going wrong. Is there a search I can do for files larger than X? Nowhere does your instruction set up a "betalog.txt' file so I assiue it must already be present but I cannot find such a file anywhere. if I have been saving every bit iof traffic associateed with avast then I guess there must be some file with quite a bit in it that i dated today so if I ca do a searc on all files created today that are bigger than X I should be able to find it.

Hallo,
basically, there are 2 logs:
- server side log - the log produced by com.avast.MacAvast.MAD binary itself.
- client side log - the log produced by the GUI agent.

although the server-side log could be triggered also manually (just by running the server with proper switch - gui will accept its running instance), there are two ":standard" methods (be sure that yopu are the same user who launches the avast, when playing with defaults):

defaults write com.avast.MacAvast MADLogRedirection /users/myusername/mumadlog.txt
defaults write com.avast.MacAvast LOGCompleteCommunication yes

then, quit both avast and agent, re-run, and both logs will start to grow on your HDD. if not, you did something wrong.

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

Offline llucius

  • Newbie
  • *
  • Posts: 2
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #22 on: May 10, 2009, 12:39:04 PM »
Don't know if your still looking for scan results, but here ya go.  I did not let the scan complete, but it did scan 5964389 files before I stopped it.  And, I stopped it before it got to the Time Machine disk.  This is on Intel/Leopard 10.5.6.  I also threw in a disk I'd pulled from a used PC that I knew contained some infected files.  I haven't gone so far as to cross check the 0.82 results with another virus scanner, but it did at least find some of the virii.  It also picked up some false positives of known clean files (VMware Fusion virtual disks).

Err(ors) encountered:

5
13
212
42056
42110
42125
42126
42127
42128
42129
42130
42137
42145
42146

Identified virii:

Krile-5880
Win32:Apocalipse-10626/12256
Win32:Cardgen-B [trj]
Win32:Chifrax-AJ [trj]
Win32:Crypt=BCI [trj]
Win32:Delf-LEC [trj]
Win32:Driller
Win32:Neptunia-ABU [trj]
Win32:Oliga [trj]
Win32:Rbot-EFU [trj]
Win32:Spyware-gen [trj]
Win32:StartPage-178 [trj]
Win32:Tibs-BGG [trj]
Win32:Trojan-gen [Other]
Win32:VB-RG [Wrm]
Win32:Zapchast-DT [trj]
Win32:Zlob-CTC [trj]
Win32:Zlob-RM [trj]

I can do the scan again if you'd like to get some sort of log file or if you need to know how the Time Machine scanning works out.

Leland
« Last Edit: May 10, 2009, 07:52:21 PM by llucius »

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #23 on: May 11, 2009, 12:52:34 PM »
Don't know if your still looking for scan results, but here ya go.  I did not let the scan complete, but it did scan 5964389 files before I stopped it.  And, I stopped it before it got to the Time Machine disk.  This is on Intel/Leopard 10.5.6.  I also threw in a disk I'd pulled from a used PC that I knew contained some infected files.  I haven't gone so far as to cross check the 0.82 results with another virus scanner, but it did at least find some of the virii.  It also picked up some false positives of known clean files (VMware Fusion virtual disks).

Err(ors) encountered:

5
13
212
42056
42110
42125
42126
42127
42128
42129
42130
42137
42145
42146

Identified virii:

Krile-5880
Win32:Apocalipse-10626/12256
Win32:Cardgen-B [trj]
Win32:Chifrax-AJ [trj]
Win32:Crypt=BCI [trj]
Win32:Delf-LEC [trj]
Win32:Driller
Win32:Neptunia-ABU [trj]
Win32:Oliga [trj]
Win32:Rbot-EFU [trj]
Win32:Spyware-gen [trj]
Win32:StartPage-178 [trj]
Win32:Tibs-BGG [trj]
Win32:Trojan-gen [Other]
Win32:VB-RG [Wrm]
Win32:Zapchast-DT [trj]
Win32:Zlob-CTC [trj]
Win32:Zlob-RM [trj]

I can do the scan again if you'd like to get some sort of log file or if you need to know how the Time Machine scanning works out.

Leland


Hallo,
htnaks for youer testing. Yes, Time Machine volumes should be bypassed by default (and scanned only when selected directly). This works for me, but some people claimed that on their machine those volumes are still recursed into.

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

Offline llucius

  • Newbie
  • *
  • Posts: 2
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #24 on: May 11, 2009, 03:20:24 PM »
Hallo,
htnaks for youer testing. Yes, Time Machine volumes should be bypassed by default (and scanned only when selected directly). This works for me, but some people claimed that on their machine those volumes are still recursed into.
Cool.  I'll go ahead and remove that PC disk since you don't need another scan...I know I'm safe, but it still makes me a little nervous.   :)

Leland

Offline DarkClown

  • Newbie
  • *
  • Posts: 15
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #25 on: August 09, 2009, 01:13:04 AM »
There hasn't been any activity in this forum is quite a while. Are you still Beta testing? I don't see any indication that the Beta is over and/or has moved into released status.

Offline DarkClown

  • Newbie
  • *
  • Posts: 15
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #26 on: August 09, 2009, 05:50:22 AM »
Okay, I went ahead and replaced the default 'com.avast.MacAvast.MAD' file with the 0.0.82-beta version as instructed.
I ran a manual scan with "/" as the only scan location in the preferences list. My understanding is that setting should scan the entire volume "Macintosh HD" and nothing else.

When the scan started it counted p the files as usual, I could not get the exact count as the count display disappears as soon at it completed counting and begins scanning, however my best estimate of the file count was just a tad under 600,000 files.

The scan reached that count in reasonable time. Again I didn't time it, but it was under an hour for certain. However instead of stopping there it next proceeded to scan my Time Capsule volume. I say 'Time Capsule' is a generic sort of way because it is not in fact an actual Apple Time Capsule, rather my Time Machine backs up to my HP Media Smart Server's Time capsule emulator (I don't know what else to call it, so I'll call it an emulator) mounted as Volumes/Backup to HP MediaSmart Server.

I can actually watch it being backed up so yes I am certain of this. Because this volume is mounted over Wifi, as you can imagine it took several hours for this scan to complete.

Once that volume completed the scan next moved onto 'Volumes/Windows' where I have my Bootcamp Windows Vista installed, Since I also have Avast for Windows installed there, I don't really need to OS/X installation scanning the Windows partition, but again there seems to be no way to avoid it. I gets scanned whether I select it or not. Of course I can avoid the scanning of the Time Machine volume simply by unmounting it prior to running the scan, however there is no good way to dismount the Windows volume that I am aware of since it resides in the same hard drive as the Macintosh HD volume.

I the end the scan did complete successfully with a total file count of 832,465. As usual there were a number of 'error' messages, but no infections detected.

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #27 on: August 12, 2009, 11:36:35 AM »
Okay, I went ahead and replaced the default 'com.avast.MacAvast.MAD' file with the 0.0.82-beta version as instructed.
I ran a manual scan with "/" as the only scan location in the preferences list. My understanding is that setting should scan the entire volume "Macintosh HD" and nothing else.

When the scan started it counted p the files as usual, I could not get the exact count as the count display disappears as soon at it completed counting and begins scanning, however my best estimate of the file count was just a tad under 600,000 files.

The scan reached that count in reasonable time. Again I didn't time it, but it was under an hour for certain. However instead of stopping there it next proceeded to scan my Time Capsule volume. I say 'Time Capsule' is a generic sort of way because it is not in fact an actual Apple Time Capsule, rather my Time Machine backs up to my HP Media Smart Server's Time capsule emulator (I don't know what else to call it, so I'll call it an emulator) mounted as Volumes/Backup to HP MediaSmart Server.

I can actually watch it being backed up so yes I am certain of this. Because this volume is mounted over Wifi, as you can imagine it took several hours for this scan to complete.

Once that volume completed the scan next moved onto 'Volumes/Windows' where I have my Bootcamp Windows Vista installed, Since I also have Avast for Windows installed there, I don't really need to OS/X installation scanning the Windows partition, but again there seems to be no way to avoid it. I gets scanned whether I select it or not. Of course I can avoid the scanning of the Time Machine volume simply by unmounting it prior to running the scan, however there is no good way to dismount the Windows volume that I am aware of since it resides in the same hard drive as the Macintosh HD volume.

I the end the scan did complete successfully with a total file count of 832,465. As usual there were a number of 'error' messages, but no infections detected.


Hallo,
that's  a common problem - people tend to install all those (censored) things like backup-pseudo-filesystems, and expect (some) that antivirus should recurse into (because they are their legal files, accessible and existing), but other people claim it takes too long and they don't want this recursion into those FS "snapshots".

thus, i disabled by default recursing into time-machine mounted volumes, but when there are other offsprings of those volumes mounted too, user will have to specify whether to recurse into them (default) or not (must set an exclusion for the particular path) manually.

also, there's the quickscan option, and  people can specify what directories they want to have scanned by one-click action.

regards,
pc

May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

Offline DarkClown

  • Newbie
  • *
  • Posts: 15
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #28 on: August 13, 2009, 03:43:11 AM »
This is apparently the area where I get hung up. Exactly how to manually exclude a particular path. For example, not just the backup path, but how to exclude the 'Windows' partition say if you have bootcamped.

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: BETATESTERS! Try Avast for Mac - release candidate engine
« Reply #29 on: August 18, 2009, 01:08:21 PM »
This is apparently the area where I get hung up. Exactly how to manually exclude a particular path. For example, not just the backup path, but how to exclude the 'Windows' partition say if you have bootcamped.
Hallo, original idea was "to include", because possible targets of malware are in minority (home directory, user's temp etc.).
Next version has also "to exclude" list. But, anyway, the best usage scenario is to scan regularly your preferred set of directories, and one-a-week or so the rest of the system.

regards,
pc

May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)