I got another favor to ask, this time related to AVG.

AVG 8 doesn't seem to keep a human-readable log of any malware it may have detected anywhere. There are some logs in %alluserprofile%\Application Data\AVG8, but there are no details in there that can help me determine exactly what was found.

There is a file "avgsrm.log" that appears to log something when AVG detects malware, but it's all in "code", and there's no secret decoder ring available, and Grisoft isn't sharing with me because I'm not a subscriber to their software (this is for future clients who may be using AVG for their AV).

The avgsrm.log file appears to log a line looking like this when malware is detected:
[AVG8.SRM] INFO 2008-07-07 19:27:09,207 name PID:2324 THID:300 ID:{xxx-xx-xx-xx-xx}:256.134.79458 MSG:*

The question now is, does it do that for every piece of malware detected?

I've only been able to test this with the eicar test "virus", so I can't be sure if the message above indicates "eicar found" or a more general "threat found".

Can someone who has AVG check this log file and see if they can find lines containing "256.134" (this appears to be the "threat detected" code) that correspond to when a threat was actually found? Someone somewhere must have visited an unsavory website at some point... Any help would be appreciated.

Legacy Forum Name: AVG favor
Legacy Posted By Username: Lmhansen
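
The check requested above, as an added example that is not part of the original post: a Python script that parses lines in the format quoted from avgsrm.log and lists those whose ID code begins with 256.134, so their timestamps can be compared against known detections. The field names, the sample lines other than the first, and the reading of 256.134 as a "threat detected" code are assumptions.

```python
import re
import sys
from datetime import datetime

# Field names are assumptions read off the single line quoted in the post.
LINE_RE = re.compile(
    r"^\[(?P<component>[^\]]+)\]\s+(?P<level>\S+)\s+"
    r"(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3})\s+"
    r"(?P<name>\S+)\s+PID:(?P<pid>\d+)\s+THID:(?P<thid>\d+)\s+"
    r"ID:\{(?P<guid>[^}]*)\}:(?P<code>\d+(?:\.\d+)*)\s+MSG:(?P<msg>.*)$"
)

def parse_line(line):
    """Return the fields of one avgsrm.log line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%d %H:%M:%S,%f")
    rec["pid"], rec["thid"] = int(rec["pid"]), int(rec["thid"])
    return rec

def threat_candidates(lines, prefix="256.134"):
    """Keep records whose dotted ID code starts with prefix on a component boundary."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec and (rec["code"] == prefix or rec["code"].startswith(prefix + ".")):
            hits.append(rec)
    return hits

# First line is the one quoted in the post; the rest are constructed for the demo.
SAMPLE = """\
[AVG8.SRM] INFO 2008-07-07 19:27:09,207 name PID:2324 THID:300 ID:{xxx-xx-xx-xx-xx}:256.134.79458 MSG:*
[AVG8.SRM] INFO 2008-07-07 19:30:41,015 name PID:2324 THID:300 ID:{xxx-xx-xx-xx-xx}:256.1340.11 MSG:*
[AVG8.SRM] INFO 2008-07-07 19:31:02,640 name PID:2324 THID:412 ID:{xxx-xx-xx-xx-xx}:256.12.5 MSG:*
truncated or unrelated line
""".splitlines()

if __name__ == "__main__":
    if len(sys.argv) > 1:  # path to a real avgsrm.log
        with open(sys.argv[1], errors="replace") as fh:
            lines = fh.readlines()
    else:
        lines = SAMPLE
    for rec in threat_candidates(lines):
        print(rec["ts"].isoformat(sep=" "), "PID", rec["pid"], "code", rec["code"])
```

Run it with the path to a real avgsrm.log as the only argument; with no argument it runs over the embedded sample lines.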