VIPRE Logs
Overview
Evidence: VIPRE Logs
Description: Collect VIPRE Logs
Category: Applications
Platform: windows
Short Name: vprls
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
VIPRE (formerly GFI AntiMalware and Sunbelt AntiMalware) is a business security solution that maintains logs across multiple product iterations. It stores logs in both system-wide ProgramData and user-specific AppData locations.
Data Collected
This collector gathers structured data about VIPRE logs.
Collection Method
This collector gathers VIPRE logs from current and legacy installations including VIPRE Business Agent, GFI Software AntiMalware, and Sunbelt Software AntiMalware directories.
Forensic Value
VIPRE logs provide evidence of malware detections, business endpoint security events, and threat activities across different product versions. They’re valuable for investigating security incidents in business environments.