UVK Help: Log analyzer

The Log analyzer is a text editor specially created to analyze UVK logs and create UVK commands scripts.

The Log analyzer is a very important part of UVK, as it can help you to quickly find infected files or registry entries in a UVK log. It can also be used to analyze the reports created by the Recent file seeker, and create UVK scripts to delete the infected items in those logs.

Opening a UVK log with the Log analyzer

If you created a UVK log using Scan & create log and you want to analyze it, just click the Analyze log button in the UVK Scan section after creating the log.

The log's text will be automatically added to the Log analyzer.

You can also open the Log analyzer from Start menu / All programs / UVK / Log analyzer.

Click the File menu and then Open (Ctrl+O) to open a log. Navigate to the log's location, click the log to select it and click Open.

Read the Custom commands and UVK log pages carefully to learn how the log lines and custom commands work.

In the menu bar, at the top of the window, there are several menus: File, Insert, Insert(2), Insert(3), Edit, Analyze and Help. These menus will help you to analyze the log and create a commands script to disinfect and fix the infected PC.
 


Analyzing the log:

In the Analyze menu you have several tools to help you in your job. Use one of the options below to reduce the number of lines to analyze:

  Hide Microsoft signed files:
Use this option if you're only searching for infected files. Microsoft signed files are not infected.

  Hide all signed files:
Use this option if you only want to search within the files whose signatures couldn't be verified. Remember that infected files can be digitally signed and not all unsigned files are infected.

  Hide uninstall entries:
Use this option if you have already analyzed the uninstall entries, or if you don't want to analyze them.

  Hide folder contents:
This option will hide all the lines listing the contents of the system drive, Application data and Program files folders.

  Hide stopped services and drivers:
This option will hide the lines in the Services and Drivers modes whose corresponding service is stopped.

  Clear unnecessary lines:
This option will clear all lines that don't have active content, like the headers and descriptions.

The Analyze menu also allows you to select one or several lines and get more information about the files or folders they point to, or add them to a list in memory that you can insert later.

To select a single line to analyze, you don't have to select all of its content. Just click on the line, or select a small part of it so you can easily see which one is selected. For a single line, the Log analyzer always refers to the full line where the caret is, and ignores the selected content.

To select several lines, put the pointer at the beginning of the first line to select, click and drag down vertically until the last line you wish to select is selected. You can also click at the beginning of the first line and press Shift+Down arrow.

After selecting the desired lines, expand the Analyze menu and click the sub menu with the option you want:

  Submit selected MD5 to VirusTotal (Alt+V):
This option will use the VT API to create an HTML report for the MD5 hashes in the selected lines. It only works for UVK log lines containing a file's MD5 hash. You can select several lines.

  Search current line item with google (Ctrl+G):
This option will extract the line's file name and google it. For Subdirectories lines it will use the folder name as the search keyword. For Uninstall entries it will use the corresponding entry name. Only lines with active content are valid.

  Search current line file in runscanner (Ctrl+R):
This option will extract the file name from a line and search the runscanner database for its description. Only lines containing a file name are valid.
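
As an added example (not UVK's own code), the Python sketch below shows the kind of lookup that "Submit selected MD5 to VirusTotal" performs: it pulls MD5 hashes out of selected lines, builds a VirusTotal API v3 file-report request for each, and reduces a report to a triage label. The sample lines and the response fragment are constructed, the line layout is an assumption rather than the real UVK log format, and the function names are hypothetical.

```python
import json
import re
import urllib.request

# 32 hex characters not embedded in a longer hex run (so SHA-1/SHA-256 are skipped).
MD5_RE = re.compile(r"(?<![0-9A-Fa-f])[0-9A-Fa-f]{32}(?![0-9A-Fa-f])")
VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"


def extract_md5s(lines):
    """Return the unique MD5 hashes found in the lines, lowercased, in first-seen order."""
    seen = []
    for line in lines:
        for match in MD5_RE.findall(line):
            digest = match.lower()
            if digest not in seen:
                seen.append(digest)
    return seen


def build_lookup(md5, api_key):
    """Build (but do not send) a VirusTotal API v3 file-report request for one hash."""
    return urllib.request.Request(VT_FILE_URL.format(md5), headers={"x-apikey": api_key})


def verdict(report):
    """Reduce a v3 file report to a triage label from its last_analysis_stats."""
    stats = report["data"]["attributes"]["last_analysis_stats"]
    if stats.get("malicious", 0) > 0:
        return "malicious"
    if stats.get("suspicious", 0) > 0:
        return "suspicious"
    return "no detections"


# Constructed sample lines; the layout is illustrative, not the real UVK log format.
SAMPLE_LINES = [
    r"C:\Users\demo\AppData\Roaming\updater.exe | MD5: 0123456789ABCDEF0123456789ABCDEF",
    r"C:\Windows\System32\example.dll | MD5: 0123456789abcdef0123456789abcdef",
    r"C:\Temp\tool.exe | SHA1: 00112233445566778899aabbccddeeff00112233",
    "Header line without active content",
]
# Constructed response fragment in the shape of a v3 file report.
SAMPLE_REPORT = json.loads(
    '{"data": {"attributes": {"last_analysis_stats":'
    ' {"malicious": 3, "suspicious": 0, "undetected": 60, "harmless": 0}}}}'
)

if __name__ == "__main__":
    for md5 in extract_md5s(SAMPLE_LINES):
        req = build_lookup(md5, "YOUR_API_KEY")  # placeholder key
        print(req.full_url, verdict(SAMPLE_REPORT))
```

A hash lookup of this kind sends only the digest to the service, not the file itself.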
 


Memorizing lines pointing to infected files:

If you find lines pointing to infected files or registry entries, expand the Analyze menu and click Add selection to memory list or press Alt+M.

This list can store an unlimited number of lines that you can use later to create your script.

To display the memorized lines, expand the Analyze menu and click View memory list or press Alt+W.

To delete the memorized list, expand the Analyze menu and click Reset memory list or press Alt+E.

Once the whole log is analyzed, if you've found and memorized lines pointing to infected files, you can create your script.

Expand the File menu and click New UVK commands script (Ctrl+N). If you're prompted to save the file before closing, click NO.

Expand the Insert menu and click Insert memorized lines. If you don't want to add any custom commands, then your script is ready to save and run.

If you want UVK to delete a registry entry, but not the corresponding file, select the corresponding line(s), expand the Analyze menu and click Ignore files in selected lines or press Alt+I.

Then UVK will only delete the registry entry and not the file. This means, for a startup entry, that the application will no longer run on Windows startup, but you'll still be able to run it manually.


Completing and saving the script:

Choose the right place to insert your custom commands. UVK executes the script from top to bottom, so write the custom commands you want to run before the disinfection above the inserted memorized lines, and the ones you want to run after the disinfection below the inserted memorized lines.

It's easy to add custom commands to your script using the Log analyzer. Just click to put the caret in the line where you want to insert the custom commands, expand one of the Insert menus and insert the desired mode.

Then, in the lines under the mode, write or paste your commands (if not single line modes). You can even add file paths by dragging corresponding files to the Log analyzer's window.

You can add comments to your script. Just expand the Insert menu and click Add a comment. Then add your comments below. Here is a valid example:

 <Comment>
This script will disinfect my computer and
register the system DLLs

All the lines under <Comment> will be ignored by UVK until another mode is reached.

The Edit menu contains the common text editor options: Copy, Paste, Clear all, Select all and Undo.

Increase font size (Ctrl+I) will increase the size of the text. Decrease font size (Ctrl+D) will decrease it.

Find (Ctrl+F) will open the Find text dialog, allowing you to locate specific portions of text in the log or script. If some text is selected when you click this button, it will be automatically set as the text to search, but you can edit it, of course.

Click Find next (F3) to begin the search. The first instance of the text to find will be selected, if it exists.

After using the Find function once, a new button is created in the Edit menu: Find next (F3). You can use this button, or just press F3 to find the next instance of the text to find, even if you have closed the Find text dialog.


Creating system repair and maintenance scripts:

Looking at the menus Insert, Insert(2) and Insert(3), you'll see that the Log Analyzer can really help you to create your custom scripts to perform your own maintenance and repair methods. The screenshots below show the contents of the menus Insert, Insert(2) and Insert(3):

Clicking each menu button will insert the corresponding command to the text box.

Again, read the Custom commands page carefully if you don't know what these tags mean. For multi-line modes, the Log analyzer only inserts the keywords; you must complete the code yourself.

The three last buttons of the Insert(3) menu automatically create scripts for full system repair and maintenance.


Running the script:

When your script is ready, expand the File menu and click Save as UVK commands script.

You have four ways to run the created script:

  Double clicking the script:
If you selected the option to associate .uvk files to UVK when you installed the software, double-clicking a UVK commands script will open UVK and load the script text into the Run UVK Scripts text box.

  Using Import from file button:
Open UVK, click Run UVK scripts, click Import from file, browse to the folder where you saved the script and double-click it.

  Pasting the script's text to the Run UVK Scripts text box:
You can also copy the text from the Log analyzer and paste it in this text box.

  Using the UVK command line switches:
UVK has command line options that allow full automation for running UVK scripts.

Once the script text is loaded to the Run UVK Scripts text box, select the desired extra options on the lower pane, then click Run / Fix listed and confirm that you want to execute the commands.

If Create log is checked, a report of the actions will be shown after running the script.

 

Copyright Carifred © 2010 - 2013, all rights reserved.