12.2.3 Compare
The Compare feature allows the user to compare two existing logs. The outcome of this feature is a set of items not
common to both logs. It is suitable if you want to keep track of changes in the system; you may, for example, detect the
activity of malicious code.
After it is launched, the application creates a new log, which is displayed in a new window. Navigate to
File -> Save log to save a log to a file. Log files can be later opened and viewed. To open an existing log, use the menu
File -> Open log.
In the main program window, ESET SysInspector always displays one log at a time.
When you compare two logs, you compare the currently active log to a log saved in a file. To
compare logs, use the option File -> Compare log and choose Select file. The selected log will be compared to the
active one in the main program window. The resulting, so-called comparative log will display only differences between
those two logs.
NOTE: If you compare two log files, select File -> Save log, and save the result as a ZIP file, both files are saved. If you later
open such a file, the contained logs are automatically compared.
Next to the displayed items, SysInspector shows symbols identifying differences between the compared logs.
Items marked by a can only be found in the active log and were not present in the opened comparative log. Items
marked by a on the other hand, were present only in the opened log and are missing in the active one.
Description of all symbols that can be displayed next to items:
new value, not present in the previous log
tree structure section contains new values
removed value, present in the previous log only
tree structure section contains removed values
value / file has been changed
tree structure section contains modified values / files
the risk level has decreased / it was higher in the previous log
the risk level has increased / it was lower in the previous log
The explanation section displayed in the bottom left corner describes all symbols and also displays the names of the logs
which are being compared.
Any comparative log can be saved to a file and opened at a later time.
Example:
Generate and save a log, recording original information about the system, to a file named previous.xml. After changes
to the system have been made, open SysInspector and let it generate a new log. Save it to a file named current.xml.
In order to track changes between those two logs, navigate to File -> Compare logs. The program will create a
comparative log showing differences between the logs.
The same result can be achieved if you use the following command line option:
SysInspector.exe current.xml previous.xml
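
The comparison described in this section, as an added Python illustration that is not ESET code: it diffs two snapshots, assigns the markers listed above (new, removed, changed, risk level increased or decreased) and flags each parent tree section that contains new, removed or changed values. The snapshot layout, section and item names and risk numbers are constructed assumptions and do not reflect the SysInspector log schema.

```python
# Added illustration, not ESET code. The snapshot layout (path tuple ->
# {"value", "risk"}) is an assumption, not the SysInspector log schema.
from collections import defaultdict

# Constructed sample data: "previous" is the saved log, "active" the current one.
PREVIOUS = {
    ("Running processes", "explorer.exe"): {"value": "build-1", "risk": 1},
    ("Running processes", "updater.exe"): {"value": "build-1", "risk": 3},
    ("Services", "Spooler"): {"value": "automatic", "risk": 1},
    ("Registry", "Run", "OldTool"): {"value": "C:\\Tools\\old.exe", "risk": 2},
}
ACTIVE = {
    ("Running processes", "explorer.exe"): {"value": "build-1", "risk": 1},
    ("Running processes", "updater.exe"): {"value": "build-2", "risk": 6},
    ("Services", "Spooler"): {"value": "automatic", "risk": 1},
    ("Registry", "Run", "helper"): {"value": "C:\\Temp\\helper.exe", "risk": 7},
}
SECTION_MARKS = {"new", "removed", "changed"}  # markers that have a section-level symbol

def compare(previous, active):
    """Return (items, sections): markers per differing item and per parent section."""
    items = {}
    for path in previous.keys() | active.keys():
        old, new = previous.get(path), active.get(path)
        if old is None:
            marks = {"new"}            # not present in the previous log
        elif new is None:
            marks = {"removed"}        # present in the previous log only
        else:
            marks = {"changed"} if new["value"] != old["value"] else set()
            if new["risk"] > old["risk"]:
                marks.add("risk increased")
            elif new["risk"] < old["risk"]:
                marks.add("risk decreased")
        if marks:                      # items common to both logs are omitted
            items[path] = marks
    sections = defaultdict(set)
    for path, marks in items.items():
        for depth in range(1, len(path)):   # every ancestor section of the item
            if marks & SECTION_MARKS:
                sections[path[:depth]] |= marks & SECTION_MARKS
    return items, dict(sections)

if __name__ == "__main__":
    items, sections = compare(PREVIOUS, ACTIVE)
    for path, marks in sorted(items.items()):
        print(" / ".join(path), "->", ", ".join(sorted(marks)))
    for path, marks in sorted(sections.items()):
        print("[section]", " / ".join(path), "contains:", ", ".join(sorted(marks)))
```

A new autostart entry combined with a changed binary whose risk level rose is the kind of difference worth reviewing first when a comparative log is used to look for malicious activity.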