diff --git a/acquire/acquire.py b/acquire/acquire.py
index 061a0100..ef32dcd9 100644
--- a/acquire/acquire.py
+++ b/acquire/acquire.py
@@ -850,6 +850,7 @@ class Misc(Module):
 ("dir", "sysvol/windows/sysvol/domain/policies/"),
 ("dir", "sysvol/windows/system32/GroupPolicy/DataStore/"),
 ("dir", "sysvol/ProgramData/Microsoft/Group Policy/History/"),
+ ("dir", "AppData/Local/Microsoft/Group Policy/History/", from_user_home),
 ("glob", "sysvol/Windows/System32/LogFiles/SUM/*.mdb"),
 ]
@@ -870,6 +871,8 @@ class AV(Module):
 ("file", "sysvol/ProgramData/Avast Software/Avast/Chest/index.xml"),
 # Avira
 ("dir", "sysvol/ProgramData/Avira/Antivirus/LOGFILES"),
+ ("dir", "sysvol/ProgramData/Avira/Security/Logs"),
+ ("dir", "sysvol/ProgramData/Avira/VPN"),
 # Bitdefender
 ("dir", "sysvol/ProgramData/Bitdefender/Endpoint Security/Logs"),
 ("dir", "sysvol/ProgramData/Bitdefender/Desktop/Profiles/Logs"),
@@ -880,9 +883,16 @@ class AV(Module):
 ("dir", "sysvol/ProgramData/crs1/Logs"),
 ("dir", "sysvol/ProgramData/apv2/Logs"),
 ("dir", "sysvol/ProgramData/crb1/Logs"),
+ # Cylance
+ ("dir", "sysvol/ProgramData/Cylance/Desktop"),
+ ("dir", "sysvol/ProgramData/Cylance/Optics/Log"),
+ ("dir", "sysvol/Program Files/Cylance/Desktop/log"),
 # ESET
 ("dir", "sysvol/Documents and Settings/All Users/Application Data/ESET/ESET NOD32 Antivirus/Logs"),
 ("dir", "sysvol/ProgramData/ESET/ESET NOD32 Antivirus/Logs"),
+ ("dir", "sysvol/ProgramData/ESET/ESET Security/Logs"),
+ ("dir", "sysvol/ProgramData/ESET/RemoteAdministrator/Agent/EraAgentApplicationData/Logs"),
+ ("dir", "sysvol/Windows/System32/config/systemprofile/AppData/Local/ESET/ESET Security/Quarantine"),
 # Emsisoft
 ("glob", "sysvol/ProgramData/Emsisoft/Reports/scan*.txt"),
 # F-Secure
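Review bot: The new entry in the Misc hunk (-850) is the only 3-tuple among its neighbours and relies on `from_user_home`, whose import or definition is not visible in this diff; please confirm it is in scope in acquire.py, since if this spec list is built at class-definition time a missing name would fail at import rather than at collection. A short comment would also help a reader see why the same Group Policy history is collected twice, e.g. `# per-user copy of the Group Policy history; the machine-wide copy is collected above`. The enclosing spec list starts before the hunk.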
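Review bot: `("dir", "sysvol/ProgramData/Avira/VPN")` in the -870 hunk collects an entire product directory, whereas every sibling entry here is scoped to a logs subdirectory; the same applies to `("dir", "sysvol/ProgramData/Cylance/Desktop")` in the -880 hunk. A whole-directory grab may sweep in configuration or state the forensic consumer does not need, so either narrow both to the log location if one is known, or document the intent inline, e.g. `# no dedicated log dir known; whole directory is small and holds the connection logs` (adjust to what was actually verified). This is a data-minimisation concern for a collector that runs on the host under investigation, not a correctness bug.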
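Review bot: The ESET `Quarantine` entry added in the -880 hunk is the first path in this block that gathers quarantined objects rather than log files, and nothing in the list marks that difference. A comment above it such as `# ESET quarantine store: contains quarantined items, not logs` would tell whoever unpacks the acquisition why that part of the archive may be flagged by security tooling on the analysis host. Separately, `sysvol/Program Files/Cylance/Desktop/log` uses lowercase `log` while the Optics entry uses `Log`; if that reflects the on-disk names it is fine, but it is worth a second look since the other Cylance path in this hunk is capitalised.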
@@ -944,6 +954,7 @@ class AV(Module):
 ("dir", "sysvol/ProgramData/Microsoft/Microsoft AntiMalware/Support"),
 ("glob", "sysvol/Windows/System32/winevt/Logs/Microsoft-Windows-Windows Defender*.evtx"),
 ("dir", "sysvol/ProgramData/Microsoft/Windows Defender/Support"),
+ ("dir", "sysvol/ProgramData/Microsoft/Windows Defender/Scans/History/Service/DetectionHistory"),
 ("file", "sysvol/Windows/Temp/MpCmdRun.log"),
 ("file", "sysvol/Windows.old/Windows/Temp/MpCmdRun.log"),
 ]
diff --git a/acquire/collector.py b/acquire/collector.py
index 38d13198..a7e2f8bc 100644
--- a/acquire/collector.py
+++ b/acquire/collector.py
@@ -300,9 +300,9 @@ def collect_file(
 return
 outpath = self._create_output_path(outpath or path, base)
- entry = path.get()
 try:
+ entry = path.get()
 if volatile:
 self.output.write_volatile(outpath, entry, size)
 else:
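Review bot: The new `DetectionHistory` entry lacks any note on what it adds beyond the `Windows Defender/Support` directory collected two lines above, so a reader cannot tell whether the two overlap. A one-line comment would settle it, e.g. `# per-detection records kept separately from the Support logs` — presumably that is the distinction, but confirm against what the Support directory is expected to hold. The collector.py hunk that follows is cut off at the end of this chunk, so it is not reviewed here.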