TotalAv Logs
Overview
Evidence: TotalAv Logs
Description: Collect TotalAv Logs
Category: Applications
Platform: windows
Short Name: ttlals
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
TotalAV is a consumer antivirus solution that maintains logs of malware detections, system scans, real-time protection events, and security activities in dedicated log directories under both Program Files and ProgramData.
Data Collected
This collector gathers structured data about TotalAV logs.
Collection Method
This collector gathers TotalAV log files from both the Program Files installation directory and ProgramData locations, capturing comprehensive antivirus activity logs.
Forensic Value
TotalAV logs provide evidence of malware detections, scan histories, real-time protection events, and user security actions. They’re useful for investigating consumer endpoint compromises and understanding threat exposure.