VIPRE Premium UPDATE 1 version 4.0.3904

Discussion in 'other anti-virus software' started by atomomega, Aug 27, 2010.

Thread Status:
Not open for further replies.
  1. atomomega

    atomomega Registered Member

    This update applies to CounterSpy®, VIPRE® Antivirus, and VIPRE® Antivirus Premium
    UPDATE released on 08/26/2010

    Changes:
    • The default definitions update time has been modified to be 1 hour for consumer.
    • Modified the definitions updates process to download all available incrementals and apply them as one package.
    • Internet Connection Sharing mode added.
    • Enhanced the ports rules tab to show different fields for the simple port rules versus the advanced rules.
    • Improved firewall event logging.
    • Prevented users from deleting the default Web filter application exceptions.
    • Logic was added to the Threat Engine and root kit driver to support 64-bit rootkit engine registry scanning. This improves our ability to detect malware traces in the 64-bit specific registry hives.
    • Logic was added to the Threat Engine to support rootkit engine MBR cleaning.
    • The Active Protection logic was enhanced to not quarantine infected files that could be cleaned.
    • A small memory leak in the tray was fixed.
    • Improved upgrade notices when logged on as a limited user.
    • The Scan tab now stays yellow after a scan only if further action is required by the user.
    • Printers and monitors that have USB ports on them are now only scanned when media/devices are inserted in them.
    • USB scans now only scan the USB drive (on occasion, the entire C drive would get scanned).
    • A fix in the HIPS driver to eliminate BSODs if any driver hooks ZwLoadDriver or ZwMapViewOfSection after HIPS. This was happening with the Zemana AntiLogger program.
    • The HIPS driver was fixed to handle hardware with the TPM chip on it. No more BSODs with Embassy Trust Suites.
    • The way AP processed archives was incorrectly changed in 4.0 causing AP to not catch malware in archives. This logic was fixed to properly scan inside of archives.
    • The firewall advertising stats were not showing how many ads were blocked. They have been fixed.
    • The capability to add Web filter exclusions by application (process) was added to VIPRE Premium.
    • A new pop up screen was added to allow users to add exceptions (web sites) to override known bad URLs. The firewall was modified to use these new values to override the bad URL check.
    • Added the ability to include inbound and outbound email AV footers. Check boxes were added to the consumer UI to allow the user to enable/disable these.
    • Fixed a bug where AP did not detect infected files that were larger than 4k.
    • Fix to allow MalwareBytes to update with advertisement blocking enabled.
    • Boot time protection not working properly. Fixed in update 1.
    • Rootkit scanning occasionally causing BSOD. Fixed.

    EDIT: Release Date
  2. sg09

    sg09 Registered Member

    Thanks for the update. I may have installed it again..:)
  3. PnP

    PnP Registered Member

    interesting to test the new version.. :)
  4. Blackcat

    Blackcat Registered Member

    Was in beta for a long time so most kinks should be ironed out at this stage.

    Runs very light with the on-execute scanning of the Guard selected. But Vipre needs to be tested at other sites apart from Virus Bulletin to judge its overall detection rate.
  5. eBBox

    eBBox Registered Member

    Agree - a lot of people are waiting for that :thumb:
  6. Boyfriend

    Boyfriend Registered Member

    Thanks, atomomega, for the update, especially the change log. I never use/update any software/software update which does not have a change log. Currently downloading VIPRE Antivirus Premium…
  7. atomomega

    atomomega Registered Member

    No problem man! I really would like to see VIPRE becoming one of the big names cause it's a great piece of software. It has great potential and right now the AV/AM engine and the FW are top-class, can compare with any of the big guys. The GUI and the software in general still need some work.

    ~Comment removed~
    Last edited by a moderator: Aug 30, 2010
  8. goaldendj

    goaldendj Registered Member

    It's good that they auto update the version you are using - makes things a little easier.
    I haven't had any security issues since I started using VIPRE and hope that continues with this updated release.
    The GUI isn't a problem for me as I'm only interested in the protection side of things.
    It'd be nice if they get a bigger share of the market, they surely will if they continue doing such a great job.
  9. slider916

    slider916 Registered Member

    This version seems like a very stable product with good pricing for a home site license. I would really like to see how it does against some of the nasty rootkits and other exploits that are out there.

    I'd also like to know more about how their HIPS works because there's only allow and block, and not a prompt for action setting.
  10. atomomega

    atomomega Registered Member

    Also found this:
    about MX-V technology:
    Also I noticed until today that this new release adds a BB-like setting which allows VIPRE to prompt for user interaction when unknown programs attempt to make changes on the system.
  11. sg09

    sg09 Registered Member

    This feature was even there previously..:)
  12. Ibrad

    Ibrad Registered Member

    The behavior blocker-like settings have always been in Vipre/Counterspy; they are just off by default.
  13. slider916

    slider916 Registered Member

    I guess it depends on if you want a lot of pop ups or not.
  14. sg09

    sg09 Registered Member

    Not too much. It acts mainly like an AE...:) It is very much useful for guys like me who don't like hard HIPS....
    Btw, guys, anyone know if the HIPS of Vipre can be set in ask mode..? AFAIK there is only deny or allow mode...
  15. atomomega

    atomomega Registered Member

    If the HIPS module is enabled, there's an option to allow VIPRE to prompt for user interaction. It's not as clear as saying "Ask for action" or "Prompt for decision", rather it says: "Block with notify", so the action will be blocked until the user decides whether to allow it or block it. You can also make VIPRE remember the answer to create a rule.
  16. sg09

    sg09 Registered Member

    Thank you..:)
  17. slider916

    slider916 Registered Member

    Thanks.

    This product also gave some impressive results in the tests performed by Malware Research Group.

    I would take it that there's a pretty good antikeylogger function as well Vipre?
  18. slider916

    slider916 Registered Member

    atomomega,

    I think I'm going to take this product on a test run to see how it does.

    May I ask what settings you use since you use this product?

    Also, I use UTorrent and wanted to know if there were any special settings I needed to make in order to have UTorrent work?

    I already have the ports opened in my firewall.

    Thanks,
  19. atomomega

    atomomega Registered Member

    The keyloggers should be stopped by the antispyware module which integrates the same technology as the one in CounterSpy. In case a keylogger happened to avoid detection, it wouldn't be able to send out any info without the user being prompted whether to allow it or not, through the VIPRE's IDS module.

    EDIT: Typo
  20. atomomega

    atomomega Registered Member

    Sure my friend,
    I'd personally disable any other firewall app as VIPRE Premium integrates a powerful fw. So, pretty much the only settings I change are the following:

    1) On the Active Protection tab just uncheck the option that says: "Check files when they are opened or copied", this will make VIPRE scan any file upon execution, and not on-access (by default). This will save you RAM usage and reduce I/O activity.

    2) On the same tab, there's an Advanced option to configure Handling of Unknown Programs, though this may be annoying sometimes, especially when installing software that's not digitally signed. But will boost up the overall security of your system and will allow you to monitor the actions taken by any "unknown" program. This is more like a behaviour blocker module.

    3) First, make sure you setup the firewall on Learning mode and then on the firewall tab enable Intrusion Detection Systems (IDS) and on IDS Settings make sure to change all three intrusion levels to "Block". This will ensure that no app/program whatsoever creates a network/internet connection without your explicit consent.

    4) Enable the HIPS module and make sure you set it on "Block with notify" so you can create specific rules for the HIPS when prompted.

    That's it. Should you have any further questions, feel free to ask.:thumb: ;)
  21. LODBROK

    LODBROK Guest

    @atomomega Your signature: Resident: VIPRE Premium (IDS on/HIPS off)

    Which is it? You have HIPS on or off?

    o_O
  22. atomomega

    atomomega Registered Member

    I do have it on. Haven't updated my sig..... Sorry... :thumb:
  23. slider916

    slider916 Registered Member

    Thanks for the help.

    I'll set it up and give it a test run on my vm later.
  24. NickHSunbelt

    NickHSunbelt Support Specialist

    This isn't quite accurate. The IDS would not be the component that prompts for connections. This is actually just how the firewall works in Learning Mode. The IDS is separate but dependent on the firewall being enabled. The IDS just uses basic SNORT-like rules to block specific known attacks. I'd also personally suggest only setting the high priority intrusions to block. The medium and low priority intrusions are less important to block and can occasionally cause legitimate traffic to be blocked by mistake. These are mostly suggested to only have set to block if you are aware you are being attacked and want more data about connections going to your system and attacks being attempted.

    Additionally, the Process Protection (HIPS) feature in VIPRE is mainly for blocking any kind of code injection. If you have this set to block it will block any code injection from occurring. If you have it set to block with notify it will notify you with a pop up any time this has blocked code injection. On this pop up it also gives you the option to add an exception for the injecting application.

    As it states on the option itself, Process Protection is suggested only for advanced users as a lot of legitimate software does use code injection and some applications may not work correctly unless exceptions are set for them.
  25. slider916

    slider916 Registered Member

    So, I guess my next question would be. If the HIPS, IDS, and Behavior Blocker are all off by default. How does the product do its job?

    Thanks.