Avira is a security software company that provides customers with secure and private digital solutions. Avira antivirus is one of the company's essential and well known solutions which is available for free. Avira claims that its antivirus software provides protection and repairing services without affecting the performance of the devices.
Windows Avira Antivirus artifacts retain information about detected threats, device users and activities. This information can help in understanding and constructing events that occurred on a target device.
The artifacts can be found at the following location:
%systempartititon%\ProgramData\Avira\Endpoint Protection SDK\quarantine
This section will discuss how to use ArtiFast to extract Avira Antivirus from Windows and what kind of digital forensics insights we can gain from the artifacts.
After you have created your case and added evidence for the investigation, at the Artifact Selection phase, you can select Avira Antivirus artifacts.
Once ArtiFast parser plugins complete processing the artifact for analysis, it can be reviewed via “Artifact View” or “Timeline View,” with indexing, filtering, and searching capabilities. Below is a detailed description of Window Avira Antivirus artifacts in ArtiFast.
Avira Detected Threats Artifact
Avira User Related Information Artifact
Avira Reports Artifact
Avira Other Information Artifact
For more information or suggestions please contact: [email protected]