# TotalAv Logs

## Overview

**Evidence:** TotalAv Logs\
**Description:** Collect TotalAv Logs\
**Category:** Applications\
**Platform:** windows\
**Short Name:** ttlals\
**Is Parsed:** No\
**Sent to Investigation Hub:** No\
**Collect File(s):** Yes

## Background

TotalAV is a consumer antivirus solution that maintains logs of malware detections, system scans, real-time protection events, and security activities in dedicated log directories under both Program Files and ProgramData.

## Data Collected

This collector gathers structured data about TotalAV logs.

## Collection Method

This collector gathers TotalAV log files from both the Program Files installation directory and the ProgramData locations, capturing comprehensive antivirus activity logs.

## Forensic Value

TotalAV logs provide evidence of malware detections, scan histories, real-time protection events, and user security actions. They're useful for investigating consumer endpoint compromises and understanding threat exposure.
