I said this would confuse users, as it is cropping up more often in the forums. When they look for it in the avast log viewer, they can’t find anything about it (more confusion). It is only when told about the network shield, customize, last attacks, that they find the info.
Hey guys, is the “last attacks” log for all users, or the current logged in user?
I just had someone worrying about a virus message on their computer, and I checked it out for them. It was clean. Then, I just took a look at the last attacks folder and it was empty, but I was logged in as the admin. Should it be there?
I don’t really know, but I would have thought it would be the same ats the log viewer stuff as that gets its data from the log files in the avast4\data\log folder and since there aren’t multiple occurrences of either the data\log folder or the log files, it would be for all users.
Ok, maybe I’ll just visit a malicious website on purpose, then login as another user to see what it says.
From what you’re saying though (which makes sense) is that there should be entries from all user accounts, not just the current logged in user. Well, I’ll play around and post back.
Looks like the same thing is in the “last attacks” log for my username, and a test user.
Now, I’m wondering what the heck my user saw, if it wasn’t an avast message???
Oh well, nothing has been reported by avast, and we lock down the internet pretty well, so I doubt it’s anything to worry about.
At least we know that the last attack log is for everyone that uses the computer now.
Which for many an administrator is no bad thing as they don’t have to go hunting through all users. Though there is a limit to the number displayed in the Last attacks in the network shield.
However this might help also as you can go directly to the log file where there is no display limitation, C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log. Mine has 43 entries in it (only 10 displayed in the network shield), so you might want to check that log incase whatever it was fell off the bottom of the displayed entries.
Thanks… actually that location of the log is very helpful, as you can browse to that file on any computer on the network, being logged in as a domain admin, without having to login to the suspect computer to check out the “last attacks” manually.
However, this computer didn’t have anything at all in the last attack log, so I can only assume that the “virus alert” or whatever my user saw, had nothing to do with avast. Probably just a popup for a rogue A/V program I guess.