Hallo again,
it seems that all reported flaws of 0.80-beta engine should be solved now, thus, it’s the right time to pass this RC engine back to our betatesters :). VPS loading should be even faster, one new winexec unpacker was added, one minor race in daemon’s logger fixed, CAB unpacker newly available in Preferences, and outer recursions into Time Machine volumes (to get reasonable time for overall scan) supressed.

INSTRUCTIONS FOR BETATESTERS:

installation:
0) if you don’t have avast! for Mac yet, get it here: http://files.avast.com/files/mac/avast.2.74.zip

1. download and unzip http://public.avast.com/~cimbal/md82.zip, you will get new com.avast.MacAvast.MAD engine
2. quit both avast! and agent from avast’s menubar (if grayed out, uncheck persistent mode in Preferences first)
3. go to the /Applications/avast!.app/Contents/Resources and make a backup of the previous com.avast.MacAvast.MAD
4. place the new com.avast.MacAvast.MAD file there, and run avast! again
   
   verification:
   hover mouse above VPS 0901xx-x text in the left upper corner - Engine version: 0.0.82-beta must be shown there (not 0.0.68 nor 0.0.69 nor 0.0.80-beta)

task:
do the scan of your harddrive - the more files/stuff = the better. the scan must complete flawlessly, daemon shouldn’t die, neither the GUI.
in the case of any problem (futile cycling, crash), please let me immediately know (cimbal :at: avast.com). in the case of no problem, please let me immdiately know too :).

back to previous version:
apply the steps 1) to 4) again, just use the previously backed-up com.avast.MacAvast.MAD file (or, when lost, get one here: http://public.avast.com/~cimbal/md69.zip)

… and note, it’s NOT new version of avast! yet - just the release candidate of the core engine

Regards,
pc

Any help/report/suggestion will be very appreciated.

10.5.6 Intel - Scan completed OK
10.5.6 PPC - Scan Completed OK
10.4.11 PPC - Scan Completed OK

I should note that none of my machines use Time Machine so I am unable to test if it does ignore time machine volumes.

Also all three still showed lots of Err 13 messages. I thought this was to be suppressed in the new release?

Hallo, thanks for the report, Mac.

err13s are still visible because you use former gui (complete new beta with its new gui, which can utilise all new features of the daemon, will come out after this engine is confirmed stable and uploaded to our web repository). this testing was about the stability of the new core.

regards,
pc

Thus, everything work for everyone as expected? Well, it’s time to include this as base-version to the auto-update machinery.

regards,
pc

I have just tried to follow your instructions to instal it on my iMAC (OS X 10.5.6 2.6Ghz Intel Core Duo) and I can’t find an /appplications/avast!.app/contents/resources folder (Is it hidden from me?)

I deleted all the Avast associated files and downloaded 2.74 from scratch but still never ended up with such a folder . I downloaded the md82.zip file and created a new MAD file but because I can’t find where to put it I can only get Version 0.0.68 to run.

I get 2 instances of 42110, one of 42128 and 9 of 42125 all of which concerns me but I waned to see if 0.0.82 came up with the same

If the resources folder is hidden, how do I find it or am i doing something more fundamentally wrong?

Hallo Keith,
few secrets:

• nearly all macos apps are in the fact directories (bound together by metadata), although they look like atomic files
• you can inspect them from terminal (directly, terminal rulez), or in finder, using ctrl-click above them, then show package contents
• 110 is a decompression bomb, will be there as well, don’t worry it just says that it’s an archive with suspiciously high compression ratio (sometimes (ab)used to protect malware from unpacking)
• 128 is a corrupted tar, you can verify it using tar tvf that_particular_file, whether it’s really corrupted, if not, you could send it as sample to me
• 125 is a corrupted zipfile, use unzip -t that_particular_file to check it

regards,
pc

btw. we were about to wait with the release for new MacOS X 10.6 Snow Leopard (announced for Q1 2009) - but http://www.gizmodo.com.au/2009/01/has_amazon_leaked_snow_leopards_release_date_probably_not.html looks like they postponed the date to July 1…

Hi, Thanks for coming back so quickly. Brilliant - we learn new things every day!! My next problem is that when I came to rename the MAD file it told me I didn’t have sufficient access privilages. As it is my computer and no one else has access I can’t see why I haven’t got all the control available. Once again, I guess I have done something dumb. Where do I change the access rights?

Keith

Hallo,
normally, as common user, you can manipulate with things in Applications too (just, in preferences, check “administrator privileges” checkbox for your user account).

regards,
pc

I let it run for 8 hours and it was still going when I stopped it (having scanned 4098934 items in 3396429 files) so I guess it is still not recognising my Time Machine system. I got the same errors which I will check as you described and let you know what I find. (Still loads of err 13’s)

This is an extract from my scan

iTunesX.tar OK
iTunesX.pkg.tar err 42128
Cache.db OK
av10-daily.vdb err 42125
av10-daily.vdb.sig err 42125

When I tried to copy and paste the above to save typing it this is what I got:

“/private/var/folders/e-/e–S8gC0F5KVE7s3ps8Ml++++TI/-Caches-/com.apple.SoftwareUpdate/swcdn.apple.com/content/downloads/21/18/061-5634/nQbjLg3bn8hXTLwnKq2bDgnTPwj7vqfgFH/iTunesX.tar”
“/private/var/folders/e-/e–S8gC0F5KVE7s3ps8Ml++++TI/-Caches-/com.pctools.Smart Update/Cache.db”
“/private/var/folders/e-/e–S8gC0F5KVE7s3ps8Ml++++TI/-Caches-/com.pctools.SmartUpdate/Cache.db”

I tried to follow your instructions to list them out but once again I couldn’t find them. I assume there is another trick to get at “private” files (hence I couldn’t send them for you to take a look)

As an aside, it would be useful to be able to grab the full path of a file highlighted so that you can paste it wherever (reports, topic replies, terminal tests)

More to the point, do you think I have a virus?

Hallo, time-machine volumes are excluded by default, are you sure it’s the latest 0.0.82? In general, items-vs-files aren’t the same numbers (compression, archives…), what’s relevant is the progress bar below. 13s are pretty normal, on any system with reasonable user-separation privileges (= not windows :).

regards,
pc

btw. could you run in terminal: mount -a
… and paste the results here? I’m pretty sure that 0.0.82 would never recurse into mounted time-machine volumes.

bw2: yes, copy-pasting particular path would be useful, but in this gui, there’s “gui-equivalent”, called “reveal in finder”.
btw3: no, you don’t seem to have a virus. warnings have nothing to do with infection, in general. it warns about problems during the scan itself.

When I hover the mouse over the top left I get “Engine version 0.0.82-beta”. I got it from md82.zip that I downloaded on Friday. It’s file size is 1,580,108 bytes. Most of the files in the package are dated December 10th 2007 with the MAD file saying 15th Jan 2009

I will gladly help out by doing something in Terminal but you will have to spell it out in words of 1/2 a syllabol

Well,
open Terminal Utility (Applications, Utilites), and type:
mount -v

… then, select the output with mouse, and apple-c apple-v copy&paste it here.

regards,
pc

is this what you meant? I am intrigued. What is it and what does it mean?

khimac:~ Keith$ mount -v
/dev/disk0s2 on / (hfs, local, journaled)
devfs on /dev (devfs, local)
fdesc on /dev (fdesc, union)
map -hosts on /net (autofs, automounted)
map auto_home on /home (autofs, automounted)
/dev/disk1s2 on /Volumes/Time Machine Backups (hfs, local, nodev, nosuid, journaled)
khimac:~ Keith$

My preferences are set at whatever default there is. (I noticed default scan location is simply /). When I clicked on the Scan Volume button I get presented with 2 choices, either my hard drive or the Time Machine hard drive. I clicked on my hardrive and off it went to do the scan. First it counts files and says there are in the region of 800,000 so where did the several million come from? Surely it has to be looking into my Time Machine system, unless it is getting into some sort of recursion in my main drive.

Do you want me to do anything else?

If a kick off another scan, can I get on with other stuff

Hallo, i’m confused now. Macintosh HD is a link, from Volumes, to ‘/’. So, doing scan this way cannot enter the time-machine-mounted volumes. it’s maybe time to capture full log. Quit both application and agent.

Then, open terminal, and write:
default write com.avast.MacAvast LogCompleteCommunication yes

restart avast, and do the scan. when done (~ manually stopped, when it really loops through Time Machine), return the default to normal:

default write com.avast.MacAvast LogCompleteCommunication no

… and send us (zipped, preferably) the file: ~/Library/Application Support/com.avast.MacAvast/BetaLog.txt

IMHO, by clicking “Macintosh HD” as the desired volume to scan, the action is to scan equivalent to scanning ‘/’, and time machine volumes wouldn’t be entered. that’s why i’m confused now.

regards,
pc

I entered terminal and typed what you said and got the following:

khimac:~ Keith$ default write com.avast.MacAvast LogCompleteCommunication yes
-bash: default: command not found
khimac:~ Keith$

I am sorry if I am not spotting something that is obvious but it is all new to me

hallo,
that was a pasted typo - of course, it’s “defaults”, the name of the command (http://public.avast.com/~cimbal/beta.html for details).

regards,
pc

(Sorry - been away) I tried the creation of a log and did a scan fr 2 hours. It played up and stalled in the middle so I closed everything else and it kicked off but their was no file at the end so I will have to try again tomorrow. I have noticed that my screen goes black after a while (energy save) but when I move the mouse to see whats happening, it comes on for about a second then goes back again and won’t come on until I left click. i.e.moving the mouse does nothing. This doesn’ seem right to me. No other application behaves that way.