TotalAv Logs

Overview

Evidence: TotalAv Logs
Description: Collect TotalAv Logs
Category: Applications
Platform: windows
Short Name: ttlals
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes

Background

TotalAV is a consumer antivirus solution that maintains logs of malware detections, system scans, real-time protection events, and security activities in dedicated log directories under both Program Files and ProgramData.

Data Collected

This collector gathers structured data about TotalAV logs.

Collection Method

This collector gathers TotalAV log files from both the Program Files installation directory and the ProgramData locations, capturing comprehensive antivirus activity logs.

Forensic Value

TotalAV logs provide evidence of malware detections, scan histories, real-time protection events, and user security actions. They're useful for investigating consumer endpoint compromises and understanding threat exposure.
