Problem with deftasks.xml and sound files

Hi!

I have a problem again :slight_smile:
I did this:

Look at the deftasks.xml file in the avast folder - all you need to do to enable scanning of archives on-access is to add the line

EXE;ZIP;MIME;RAR;ARJ;TAR;GZ

after the line
1

My problem is that deftasks.xml is changed back to normal when avast checks definitions update (even if there were not any updates). ???
Same problem if I edited the sound files. All files are changed back to normal ones after checking definitions update.

So, what is this?

Thanx.

– Jeccu –

Windows XP Home
Avast! 4.1.357 Home
Celeron 2.4 GHz 512 RAM

It doesn’t matter. You just need to change the XML file and restart the avast antivirus service (or entire system, if you prefer). That’s all. It doesn’t make any difference that the file will be reverted to the original state.

Sound files – you need to pick different names for your custom files.

Just as Vlk said… Just make another directory with your sounds in it, and then recall them from Sound events and audio devices (control panel) under avast! antivirus sounds… it will never ever change those sounds again.

Btw, you can download some additional female voice sounds I made few days ago, from here:

http://cat.asw.cz/~vlk/sasha_avast_sounds.zip

Cheers !

Thanks guys!

Yes, I noticed too late that there were own settings for avast! sounds in Control Panel where you can change them. :slight_smile: :slight_smile:

Thanks S.Z.Craftec! I’ll use your additional sound files.

– Jeccu –

Where is the new info stored. The “STANDARD” settings for scanning archives wasn’t added to the avast4.mdb database either (found the other settings from the deftasks.xml files there :slight_smile:

Or did I do something wrong so that the new settings weren’t stored anyway :frowning:

You need to restart the avast service (Control Panel → Administrative Tools → Services) after making changes to the XML file. Or restart the machine, if you prefer…

That should commit the changes to the storage (the MDB file)

Yep, thanks. BTW. Will the ZIP files be scanned automaticly on all tyes of access, or do you need to add the file type to the “Scan files with these extension” list to make it try to scan the file at all (or will that make avast! scan the file twice - it takes some time now)

The XML thing affects the unpacker engines that are used. ALL files (regardless of their extensions) are feeded to the engines, regardless of their extension. HOWEVER, the Standard Shield of course only hands to the engines files with the extensions in the list.

In other words, if there’s TXT in the extension list, and there’s a file.txt that is in fact a ZIP, it will be decompressed. However if there is file.zip and ZIP is not in the extension list, it will not be decompressed?

Capisce? :slight_smile:

Yes sir! Does that mean that enabling archive file scanning for “STANDARD” will slow down on-access scanning a lot since all file-types in the list must be fed to all archive-unpackers (to check if it’s an archive)? And is that why it’s disabled as a default :slight_smile:

That’s pretty much it. :slight_smile:
But slow-down for non-compressed files should be very low - the IsPacked functions are optimized for speed.

OK, everything OK then. Just one last question to be 100% sure: The mail-scanning check all files regardless of extenison through all the unpackers, right. No need to setup anything to scan ZIP files there (so no matter your on-access extension-list mail-files are always scanned)?

Correct.

But beware that the latest Beagle viruses (not very widely spread really) send themselves as password-protected archives, so neither the mail scanner nor the Standard Shield can handle the archived variant…

But if you enter the password and unpack the archive it will be caught anyway, right. So it shouldn’t be any real problem, or…

It’s not a big problem in terms of real possibility of infection, but it may be a bit of surprise that neither the mail scanner nor the Standard Shield is picking it up in the first place (because of course, it won’t tell you that it was password protected [I guess]).