Jump to content
  • Announcements

    • Rodion Nagornov

      Долгое сохранение сообщений || Delays while posting (click here to read the full text RU/EN)   09/20/2017

      Due to some technical reasons visual delays are possible while message sending. Actually your message is published immediately - just interface works long. In such case, please, do not re-send your message immediately! Press F5 to reload the page and check if your message/topic is published. || По техническим причинам возможно визуально долгое отправление сообщений на форуме. Фактически ваше сообщение публикуется мгновенно - долго отрабатывает графика. В случае подобной ситуации, пожалуйста, сначала обновите страницу (F5) и проверьте, появилось ли ваше сообщение. Не пытайтесь сразу отправить его заново.

Veronika Tanaeva

KL Russia
  • Content count

    36
  • Joined

  • Last visited

About Veronika Tanaeva

  • Rank
    Candidate

Contact Methods

  • E-mail
    0
  1. Hello colleagues! We are asking you to test SW, Qscan, AntiRootkit, VAPM, AVENGINE modules release Update available from: http://iro.kaspersky-labs.com Release date: 22 January 2018 (start of targeting) Update description: VAPM vapm.dll x86 Version: 3.4.0.59 MD5: 7B1C13E47D95BE1721C4499F512C322B vapmhst.exe x86 Version: 3.4.0.59 MD5: FBF606300A365DA3C9F8979BA64AC2C5 Changelist: SQLite cnanged from 3.19.3 to 3.20.1 How to test: https://forum.kaspersky.com/index.php?showtopic=361018 ________________________________________ SW klavasyswatch.dll (x86, unmod) Version: 2.3.6.2460 MD5: 2618B3B1BD6FC492D8039CF3EC211777 klavasyswatch.dll (x86, mod) Version: 2.3.6.2461 MD5: 46F13D131A0992E4093D18854D0D945C sw2.xms (unmod) MD5: 4EAC3662533A5D3C3E2CC6829D201AE4 sw2.xms (mod) MD5: 947E0E5FD0E7693721366A82B8F02DD0 pdm.kdl (x86, unmod) Version: 3.3.7.27 MD5: 9B4785FF4B522C7AD2209000739DED8D pdm.kdl (x86, mod) Version: 3.3.7.27 MD5: BE7B0A7F1F272C63288BE5869FF58D62 sw2ar.xms MD5: 3A75824035483836647566D68AFE634D Changelist: Monitoring of new events enabled Performance fixes AntiRansom technology improvements How to test: https://forum.kaspersky.com/index.php?showtopic=313385 ________________________________________ Qscan Unmod: qscan.kdl 4.7.11.0 (md5: 45ed488a9fd791b024270837c308de6d ) kavsys.kdl 2.7.11.0 (md5: c4273d9415b4c476c284e268344923d6 ) Mod : qscan.kdl 4.7.11.0 (md5: 2fedac82683c3a0a684c43213d982834 ) kavsys.kdl 2.7.11.0 (md5: 5c940e230e2bff34af599a45aed4f928 ) ARK Unmod: arkmon.kdl 1.13.6.1 (md5: c321caec71c2ec2921e8efc14eeec641 ) arkmon32.dat 1.13.6.0 (md5: 4e3d9e0f331b4edad4a63b17f10c83fb ) arkmon64.dat 1.13.6.0 (md5: b38172c8f467fe520ab9f2a13569bee6 ) arkmon32.drv 1.13.6.0 (md5: 0a24839fe73e785c2e1843eefc7df6be ) arkmon64.drv 1.13.6.0 (md5: a0d28e20a988c40254afeb8f265d5b16 ) Mod: arkmon.kdl 1.13.6.1 (md5: 0911da6570337f66cbc5248f2388263c ) arkmon32.dat 1.13.6.0 (md5: 6eb35ed09ec75023535f366390304adc ) arkmon64.dat 1.13.6.0 (md5: f98104550d11123d929ecd81789cf81d ) arkmon32.drv 1.13.6.0 (md5: 95bc118cdc74559462fe746db12c58ac ) arkmon64.drv 1.13.6.0 (md5: 2ed5e114d8f777eff45a7d0b81c0b011 ) Changelist: 1) Support of new Win7 SP1 core (build 24000) in ARKMON 2) Fix of miss in AV-Test. 3) Fixes of working on DeviceGuard How to test: https://forum.kaspersky.com/index.php?/topic/309094-faq-qscan-update-testing/ https://forum.kaspersky.com/index.php?/topic/306486-faq-anti-rootkit-update-testing/ ________________________________________ AVENGINE avengine.efi x64 2.3.0.4 md5: f2734168568b8b500f2ff85d9e07df8c Changelist: • Actualize version of Avengine for efi How to check: https://forum.kaspersky.com/index.php?/topic/310312-faq-testing-of-avenginedll/
  2. Hello, Yes, beginning with this release placement of amsi_plugins changed. Old folder should be deleted on reboot.
  3. Всем привет! Доступно для тестирования очередное обновление модулей SCO, SW2 Источник обновления: http://iro.kaspersky-labs.com Дата релиза: 23 октября 2017 (start of targeting) Описание обновления: SCO sys_critical_obj.dll 1.9.7.0 (md5: 5d1bf8d62d85c962969d661382af7c49) sys_critical_obj.esm (md5: 0675d2365f597b6ef84371b4a34d3438) Mod: sys_critical_obj.dll 1.9.7.0 (md5: 7639f7f10ec76ad958309ba7657fe836) Products : KES8+, KAVKIS2011+, Pure2+, KSV LA, KAV SDK, KSS, CIP, KVRT Изменения: 1) поддержка новых интерфейсов 2) внутренние улучшения Как тестировать SystemWatcher 2.3.6.2334 853bc128f95d632d213c83ecbfd112f1 - klavasyswatch.dll 0e32db52883c41dc39364ce56e7fae7d - sw2.xms 6e9a756a4692318c4a015b4d058848d6 - sw2ar.xms 21a5a4ac4ed10f08afe5ed0be88e9bc3 - amsi_plugin32.dll 73a174642f74af5607c04672733f8b9e - amsi_plugin64.dll 7cccbbba4c18de1ed5e08d7821d427eb - rollback.dll 6d8644cc7aa556be268da0ac363af690 - sw2.esm 2.3.6.2335 (mod) 5410b3316709e9134ce766b4ce075803 - klavasyswatch.dll 5cf5996cb257da622fa65a6a73b81838 - sw2.xms 2c0e29e2b01697e41734e4848831feeb - amsi_plugin32.dll 0b83820e3644aa32512f5c920b133001 - amsi_plugin64.dll ae88392564b6b34135e6569247b3f1d7 - rollback.dll Изменения: - фикс дампов - фикс багов - новые события добавлены в список логирования Как тестировать
  4. SW2, SCO update

    Hello colleagues! We are asking you to test SCO, SW2 modules update Update available from: http://iro.kaspersky-labs.com Release date: 23 October 2017 (start of targeting) Update description: SCO sys_critical_obj.dll 1.9.7.0 (md5: 5d1bf8d62d85c962969d661382af7c49) sys_critical_obj.esm (md5: 0675d2365f597b6ef84371b4a34d3438) Mod: sys_critical_obj.dll 1.9.7.0 (md5: 7639f7f10ec76ad958309ba7657fe836) Products : KES8+, KAVKIS2011+, Pure2+, KSV LA, KAV SDK, KSS, CIP, KVRT Changes : 1) New interface support 2) internal improvements How to test SystemWatcher 2.3.6.2334 853bc128f95d632d213c83ecbfd112f1 - klavasyswatch.dll 0e32db52883c41dc39364ce56e7fae7d - sw2.xms 6e9a756a4692318c4a015b4d058848d6 - sw2ar.xms 21a5a4ac4ed10f08afe5ed0be88e9bc3 - amsi_plugin32.dll 73a174642f74af5607c04672733f8b9e - amsi_plugin64.dll 7cccbbba4c18de1ed5e08d7821d427eb - rollback.dll 6d8644cc7aa556be268da0ac363af690 - sw2.esm 2.3.6.2335 (mod) 5410b3316709e9134ce766b4ce075803 - klavasyswatch.dll 5cf5996cb257da622fa65a6a73b81838 - sw2.xms 2c0e29e2b01697e41734e4848831feeb - amsi_plugin32.dll 0b83820e3644aa32512f5c920b133001 - amsi_plugin64.dll ae88392564b6b34135e6569247b3f1d7 - rollback.dll Changelist: - Dump fix - Bug fix - New events logging How to test
  5. Всем привет! Доступно для тестирования очередное обновление модулей AVEngine, Pbs,kdl, SystemWatcher, Integrity Control, Klsihk Источник обновлений: http://dnl-test.kaspersky-labs.com/test/iro/ Дата релиза: 25 сентября 2017 (начало таргетирования) Описание обновления: ________________________________________ Pbs.kdl 60aa62214d3b705a21f5dac5637bb372 *pbs.kdl 3a0e4de0558b4fb674ccab1410906774 *mod/pbs.kdl Список изменений: - смена механизма сжатия с KLAVPack на KLZ - добавление верификации подписи и подписи PPL signature ________________________________________ AVengine Windows MD5 (x86): 824fb481d0558926baa07a8187e2e912 MD5 (mod, x86): fc5ff99e42c428a8155bdb97d55e4a8a MD5 (x64): da30a18044d7cdc05c9de0f20edb666d Mac MD5 (x86): 67b2298167d01163dcbc2672d4dd6ce8 Linux MD5 (x86): 978e0b89e8238dc428af82aace5d77e1 MD5 (x64): 06e399905420beb27e4dea572dd1d006 FreeBSD MD5 (8, x86): a38e7041afd413e25bb587712d2f5b2f MD5 (8, x64): 3010dc0daa7621f4df9a7c76f2eb42df MD5 (9, x86): 69d122b92c3e627e301e77e4de05d0ff MD5 (9, x64): 757cbc2b541a72d4b1736ec5ffebce95 Список изменений: - поддержка сканирования HTTP-запросов - добавление Анти-Криптора в KESL10 - фикс конфликта System Watcher и Hancom в KES10SP2 - исправление багов Как тестировать ________________________________________ SystemWatcher klavasyswatch.dll (x86, unmod) Version: 2.3.6.2285 MD5: B0C8AB593399F9AD9080416A8BDADF7D GOST: 4B58FD5E7CE6BD0784FC4B8EFA9E576BA950A73A567FC5ABACF962D1DFA31F89 klavasyswatch.dll (x86, mod) Version: 2.3.6.2286 MD5: F8B82A64A4A2276A450A3533C064C53D GOST: 7B285FE7E70830C1E57A0BBA2D562B6B830B942A1BAD4B5C4587E099E23B2C7F sw2.xms (unmod) MD5: A27821B736A3AE8B48BD1E19D9A5B28D GOST: 21C4CC69671956CDA202E8EEBBB8C5CF0500220095E58A6073F4FCC15482054F sw2.xms (mod) MD5: C81CFA78740025E80F041A8049B87335 GOST: 4759099145693735DF2BF7C4F8E5B255177A48190AE01DFBFE5C32329F8D6165 rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001 rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF sw2ar.xms MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D amsi_plugin32.dll (x86, unmod) Version: 2.3.6.2285 MD5: 883EC2DB4FE3F2A99E8C73B22755ECC2 GOST: BF4F4FA4B9518B47FB030D15BB5EA346E3F2F19795D30403E73BE68EA9D7ED77 amsi_plugin32.dll (x86, mod) Version: 2.3.6.2286 MD5: 6F46E33BD889E5886B4F6E2B8B942907 GOST: EFEA8AC06448E2FCC2F05F28EBA7807BBD43AD957776E97EB4F69C50EB265E11 amsi_plugin64.dll (x64, unmod) Version: 2.3.6.2285 MD5: DB180F66AF070D02BDDB71058B76F2D5 GOST: 22DBF6111960121F7BC71A06188BACF32CFF93DB3DE4E6A0889297CB80DABDEE amsi_plugin64.dll (x64, mod) Version: 2.3.6.2286 MD5: A2EEE2564D4D5E03CB841B8C221825B1 GOST: FC2E8941EF4FA3B00B617D264E1C5B478A0AAFAAFCC0496280683FD362443E3C klpshk32.dll (x86, unmod) Version: 1.0.0.0 MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691 klpshk32.dll (x86, mod) Version: 1.0.0.0 MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104 klpshk64.dll (x64, unmod) Version: 1.0.0.0 MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822 klpshk64.dll (x64, mod) Version: 1.0.0.0 MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B Список изменений: - поддержка механизма AMSI для 2018+ - детектирование крипторов, исопользующих мапинг при шифровании - фикс дампов Как тестировать ________________________________________ Integrity Control intctrl.kdl (x86, unmod) Version: 2.3.0.113 MD5: 6F3A2F77E91B4B13F35CD5DBAC9FC648 GOST: 8CE850F873C22F012842D9D4F0D44F8A5C2EF6CDF78C5785D0CB42C2FCEA7582 intctrl.kdl (x86, mod) Version: 2.3.0.114 MD5: 618F47A91F8125E05ADEF37E5268C723 GOST: 7CF90F095D19354F3BFE92A78F3575F1EE58928FFC9A95525894058514000969 Список изменений: - улучшение механизма детектирования Как тестировать ________________________________________ KLSIHK klsihk.dll 14.0.596.0 af6c1cd3e289a4a65a37ea7915692f195 klsihk64.dll 14.0.596.0 e1390916e5873df4f0bcba5761f6278e klsihk64l.dll 14.0.596.0 aa2330d7e835da9b548832bd0d04479e Список изменений: - поддержка браузера Edge Как тестировать ________________________________________ FAQ по тестированию: Обновление, таргетирование итд
  6. Hello! We are asking you to test IC, SW2, klsihk modules update Update available from: http://dnl-test.kaspersky-labs.com/test/iro/ Release date: 25 September 2017 (start of targeting) Update description: Avengnie 2.3.0.2: Windows MD5 (x86): 824fb481d0558926baa07a8187e2e912 MD5 (mod, x86): fc5ff99e42c428a8155bdb97d55e4a8a MD5 (x64): da30a18044d7cdc05c9de0f20edb666d Mac MD5 (x86): 67b2298167d01163dcbc2672d4dd6ce8 Linux MD5 (x86): 978e0b89e8238dc428af82aace5d77e1 MD5 (x64): 06e399905420beb27e4dea572dd1d006 FreeBSD MD5 (8, x86): a38e7041afd413e25bb587712d2f5b2f MD5 (8, x64): 3010dc0daa7621f4df9a7c76f2eb42df MD5 (9, x86): 69d122b92c3e627e301e77e4de05d0ff MD5 (9, x64): 757cbc2b541a72d4b1736ec5ffebce95 Changelist: Support HTTP request scanning Add Anti-Cryptor в KESL10 Fix KES10SP2 System Watcher conflict with Hancom Bug fix PBS.kdl 2.5.0.9 60aa62214d3b705a21f5dac5637bb372 *pbs.kdl 3a0e4de0558b4fb674ccab1410906774 *mod/pbs.kdl Changelist: Change compression mechanism from KLAVPack to KLZ Add verisign и PPL signature Integrity Control intctrl.kdl (x86, unmod) Version: 2.3.0.113 MD5: 6F3A2F77E91B4B13F35CD5DBAC9FC648 GOST: 8CE850F873C22F012842D9D4F0D44F8A5C2EF6CDF78C5785D0CB42C2FCEA7582 intctrl.kdl (x86, mod) Version: 2.3.0.114 MD5: 618F47A91F8125E05ADEF37E5268C723 GOST: 7CF90F095D19354F3BFE92A78F3575F1EE58928FFC9A95525894058514000969 Changelist: - improvements of detection mechanisms How to test SystemWatcher klavasyswatch.dll (x86, unmod) Version: 2.3.6.2285 MD5: B0C8AB593399F9AD9080416A8BDADF7D GOST: 4B58FD5E7CE6BD0784FC4B8EFA9E576BA950A73A567FC5ABACF962D1DFA31F89 klavasyswatch.dll (x86, mod) Version: 2.3.6.2286 MD5: F8B82A64A4A2276A450A3533C064C53D GOST: 7B285FE7E70830C1E57A0BBA2D562B6B830B942A1BAD4B5C4587E099E23B2C7F sw2.xms (unmod) MD5: A27821B736A3AE8B48BD1E19D9A5B28D GOST: 21C4CC69671956CDA202E8EEBBB8C5CF0500220095E58A6073F4FCC15482054F sw2.xms (mod) MD5: C81CFA78740025E80F041A8049B87335 GOST: 4759099145693735DF2BF7C4F8E5B255177A48190AE01DFBFE5C32329F8D6165 rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001 rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF sw2ar.xms MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D amsi_plugin32.dll (x86, unmod) Version: 2.3.6.2285 MD5: 883EC2DB4FE3F2A99E8C73B22755ECC2 GOST: BF4F4FA4B9518B47FB030D15BB5EA346E3F2F19795D30403E73BE68EA9D7ED77 amsi_plugin32.dll (x86, mod) Version: 2.3.6.2286 MD5: 6F46E33BD889E5886B4F6E2B8B942907 GOST: EFEA8AC06448E2FCC2F05F28EBA7807BBD43AD957776E97EB4F69C50EB265E11 amsi_plugin64.dll (x64, unmod) Version: 2.3.6.2285 MD5: DB180F66AF070D02BDDB71058B76F2D5 GOST: 22DBF6111960121F7BC71A06188BACF32CFF93DB3DE4E6A0889297CB80DABDEE amsi_plugin64.dll (x64, mod) Version: 2.3.6.2286 MD5: A2EEE2564D4D5E03CB841B8C221825B1 GOST: FC2E8941EF4FA3B00B617D264E1C5B478A0AAFAAFCC0496280683FD362443E3C klpshk32.dll (x86, unmod) Version: 1.0.0.0 MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691 klpshk32.dll (x86, mod) Version: 1.0.0.0 MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104 klpshk64.dll (x64, unmod) Version: 1.0.0.0 MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822 klpshk64.dll (x64, mod) Version: 1.0.0.0 MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B Changelist: - mapping cryptors detection - AMSI support for 2018+ - dumps fixes How to test Klsihk klsihk.dll 14.0.596.0 af6c1cd3e289a4a65a37ea7915692f195 klsihk64.dll 14.0.596.0 e1390916e5873df4f0bcba5761f6278e klsihk64l.dll 14.0.596.0 aa2330d7e835da9b548832bd0d04479e changelog: Support for Edge browser How to test How to update: Update etc
  7. Hello! We are asking you to test IC, SW2 modules update Update available from: http://dnl-test.kaspersky-labs.com/test/iro/ Release date: 25 September 2017 (start of targeting) Update description: Avengnie 2.3.0.2: Windows MD5 (x86): 824fb481d0558926baa07a8187e2e912 MD5 (mod, x86): fc5ff99e42c428a8155bdb97d55e4a8a MD5 (x64): da30a18044d7cdc05c9de0f20edb666d Mac MD5 (x86): 67b2298167d01163dcbc2672d4dd6ce8 Linux MD5 (x86): 978e0b89e8238dc428af82aace5d77e1 MD5 (x64): 06e399905420beb27e4dea572dd1d006 FreeBSD MD5 (8, x86): a38e7041afd413e25bb587712d2f5b2f MD5 (8, x64): 3010dc0daa7621f4df9a7c76f2eb42df MD5 (9, x86): 69d122b92c3e627e301e77e4de05d0ff MD5 (9, x64): 757cbc2b541a72d4b1736ec5ffebce95 Changelist: Support HTTP request scanning Add Anti-Cryptor в KESL10 Fix KES10SP2 System Watcher conflict with Hancom Bug fix PBS.kdl 2.5.0.9 60aa62214d3b705a21f5dac5637bb372 *pbs.kdl 3a0e4de0558b4fb674ccab1410906774 *mod/pbs.kdl Changelist: Change compression mechanism from KLAVPack to KLZ Add verisign и PPL signature Integrity Control intctrl.kdl (x86, unmod) Version: 2.3.0.113 MD5: 6F3A2F77E91B4B13F35CD5DBAC9FC648 GOST: 8CE850F873C22F012842D9D4F0D44F8A5C2EF6CDF78C5785D0CB42C2FCEA7582 intctrl.kdl (x86, mod) Version: 2.3.0.114 MD5: 618F47A91F8125E05ADEF37E5268C723 GOST: 7CF90F095D19354F3BFE92A78F3575F1EE58928FFC9A95525894058514000969 Changelist: - improvements of detection mechanisms How to test SystemWatcher klavasyswatch.dll (x86, unmod) Version: 2.3.6.2285 MD5: B0C8AB593399F9AD9080416A8BDADF7D GOST: 4B58FD5E7CE6BD0784FC4B8EFA9E576BA950A73A567FC5ABACF962D1DFA31F89 klavasyswatch.dll (x86, mod) Version: 2.3.6.2286 MD5: F8B82A64A4A2276A450A3533C064C53D GOST: 7B285FE7E70830C1E57A0BBA2D562B6B830B942A1BAD4B5C4587E099E23B2C7F sw2.xms (unmod) MD5: A27821B736A3AE8B48BD1E19D9A5B28D GOST: 21C4CC69671956CDA202E8EEBBB8C5CF0500220095E58A6073F4FCC15482054F sw2.xms (mod) MD5: C81CFA78740025E80F041A8049B87335 GOST: 4759099145693735DF2BF7C4F8E5B255177A48190AE01DFBFE5C32329F8D6165 rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001 rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF sw2ar.xms MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D amsi_plugin32.dll (x86, unmod) Version: 2.3.6.2285 MD5: 883EC2DB4FE3F2A99E8C73B22755ECC2 GOST: BF4F4FA4B9518B47FB030D15BB5EA346E3F2F19795D30403E73BE68EA9D7ED77 amsi_plugin32.dll (x86, mod) Version: 2.3.6.2286 MD5: 6F46E33BD889E5886B4F6E2B8B942907 GOST: EFEA8AC06448E2FCC2F05F28EBA7807BBD43AD957776E97EB4F69C50EB265E11 amsi_plugin64.dll (x64, unmod) Version: 2.3.6.2285 MD5: DB180F66AF070D02BDDB71058B76F2D5 GOST: 22DBF6111960121F7BC71A06188BACF32CFF93DB3DE4E6A0889297CB80DABDEE amsi_plugin64.dll (x64, mod) Version: 2.3.6.2286 MD5: A2EEE2564D4D5E03CB841B8C221825B1 GOST: FC2E8941EF4FA3B00B617D264E1C5B478A0AAFAAFCC0496280683FD362443E3C klpshk32.dll (x86, unmod) Version: 1.0.0.0 MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691 klpshk32.dll (x86, mod) Version: 1.0.0.0 MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104 klpshk64.dll (x64, unmod) Version: 1.0.0.0 MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822 klpshk64.dll (x64, mod) Version: 1.0.0.0 MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B Changelist: - mapping cryptors detection - AMSI support for 2018+ - dumps fixes How to test How to update: Update etc
  8. KJIM, Interprecz, VLNS, SW2 update

    Hello! Modules are being targeted now, only ~30% of users of some products. The modules will be fully released on Sep'22
  9. Всем привет! Доступно для тестирования очередное обновление модулей KJIM, Interprecz, VLNS, SW2 Источник обновлений: http://dnl-test.kaspersky-labs.com/test/iro/ Дата релиза: 11 September 2017 (начало таргетирования) Описание обновления: KJIM x86/kjim.kdl 5.29.0.3 b3cd6222535ff14c8df78356856915cb x86/mod/kjim.kdl 5.29.0.3 37461d2f4529bc99373c18fea59d884e x64/kjim.kdl 5.29.0.3 636dcc6f929dde8e370cc62f49dfebd5 Список изменений: - фиксы обработки VBA, HTA, JS - изменение механизма подсчёта хэшей Как тестировать VLNS DDD12FA804F5FE69CCA19B8F0A49A6A7 vlns.kdl B734347B75B07D3C65004D587FB94401 vlns.kdl (mod) Список изменений: - фикс проверки версий файлов Как тестировать Interprecz interprecz.dll (x86, unmod) Version: 2.0.65.0 MD5: 159C1770B233031FC25E1B29572EE58D GOST: 1F5E06B6C9014E744844E761196C0091BA06376189EFD474069FC4EF4569F20E interprecz.dll (x86, mod) Version: 2.0.65.0 MD5: 159C1770B233031FC25E1B29572EE58D GOST: 1F5E06B6C9014E744844E761196C0091BA06376189EFD474069FC4EF4569F20E Список изменений:: - улучшения обработки нескольких скриптов Как тестировать SystemWatcher klavasyswatch.dll (x86, unmod) Version: 2.3.6.2253 MD5: A58312E1F24B9986415370DC7B2C0CCC GOST: 8EEACE37F255C3ED8624785E0B6BCA16433BD62E2FF92C076AFB33689823C6EA klavasyswatch.dll (x86, mod) Version: 2.3.6.2254 MD5: 7FC93B169307442220884109C1F6638C GOST: 672355743321716072C04942988B86022FFE58969BBD413EABF136F258D6E7A9 sw2.xms (unmod) MD5: FE39C027D50FA83E26E11ADB5099FC30 GOST: 24F3E690E5DF2EAF994CF146C0304750B3813745D85E9EF1EB9916504C0A6608 sw2.xms (mod) MD5: 1DD4DAA0F8D9619E024F6303AD0CE24E GOST: BCAC550ACC726328F30CD70669DF6B66EBF89E6041EE63472FD3ECBB3645CE88 rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001 rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF sw2ar.xms MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D amsi_plugin32.dll (x86, unmod) MD5: 79EF32FA314B4CF760EEAF239D44E82E GOST: 0AF43894A07DDE1B12261DB1107CDB2813F313B870EAC98A4D21486E834CA459 amsi_plugin32.dll (x86, mod) MD5: 17701AA133F5E6B86FC8F6B300FB84D7 GOST: DBD2369682EF51C97856D76A4FC92A9AC1857E717FB0B71BDC7ECA808BB2E315 amsi_plugin64.dll (x64, unmod) MD5: FDC219AA0CE1C36171386F9B24AB7525 GOST: 94583A1F20D0ACBF3F97A203FF6ECC216ED4B2B08A8E75ECDF8B9EBED62602D6 amsi_plugin64.dll (x64, mod) MD5: 49BCA66654C5881EC767509812537D49 GOST: 4FEAF581F44B0298E9E9F5CD1916FB6C4F9B331E0B44A0655EB1B245A1913A7C klpshk32.dll (x86, unmod) MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691 klpshk32.dll (x86, mod) MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104 klpshk64.dll (x64, unmod) MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822 klpshk64.dll (x64, mod) MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B Список изменений: - поддержка механизма AMSI для 2018+ - детектирование крипторов, исопользующих мапинг при шифровании - фикс дампов Как тестировать Как получить обновление: Update etc
  10. Hello! We are asking you to test KJIM, Interprecz, VLNS, SW2 modules update Update available from: http://dnl-test.kaspersky-labs.com/test/iro/ Release date: 11 September 2017 (start of targeting) Update description: KJIM x86/kjim.kdl 5.29.0.3 b3cd6222535ff14c8df78356856915cb x86/mod/kjim.kdl 5.29.0.3 37461d2f4529bc99373c18fea59d884e x64/kjim.kdl 5.29.0.3 636dcc6f929dde8e370cc62f49dfebd5 Changelog: - VBA, HTA, JS fixes - changes in hash counting mechanism How to test VLNS Update description: DDD12FA804F5FE69CCA19B8F0A49A6A7 vlns.kdl B734347B75B07D3C65004D587FB94401 vlns.kdl (mod) Changes: - Bugfix in file version check How to test Interprecz interprecz.dll (x86, unmod) Version: 2.0.65.0 MD5: 159C1770B233031FC25E1B29572EE58D GOST: 1F5E06B6C9014E744844E761196C0091BA06376189EFD474069FC4EF4569F20E interprecz.dll (x86, mod) Version: 2.0.65.0 MD5: 159C1770B233031FC25E1B29572EE58D GOST: 1F5E06B6C9014E744844E761196C0091BA06376189EFD474069FC4EF4569F20E Changelog: - improvement of work with multiple scripts How to test SystemWatcher klavasyswatch.dll (x86, unmod) Version: 2.3.6.2253 MD5: A58312E1F24B9986415370DC7B2C0CCC GOST: 8EEACE37F255C3ED8624785E0B6BCA16433BD62E2FF92C076AFB33689823C6EA klavasyswatch.dll (x86, mod) Version: 2.3.6.2254 MD5: 7FC93B169307442220884109C1F6638C GOST: 672355743321716072C04942988B86022FFE58969BBD413EABF136F258D6E7A9 sw2.xms (unmod) MD5: FE39C027D50FA83E26E11ADB5099FC30 GOST: 24F3E690E5DF2EAF994CF146C0304750B3813745D85E9EF1EB9916504C0A6608 sw2.xms (mod) MD5: 1DD4DAA0F8D9619E024F6303AD0CE24E GOST: BCAC550ACC726328F30CD70669DF6B66EBF89E6041EE63472FD3ECBB3645CE88 rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001 rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF sw2ar.xms MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D amsi_plugin32.dll (x86, unmod) MD5: 79EF32FA314B4CF760EEAF239D44E82E GOST: 0AF43894A07DDE1B12261DB1107CDB2813F313B870EAC98A4D21486E834CA459 amsi_plugin32.dll (x86, mod) MD5: 17701AA133F5E6B86FC8F6B300FB84D7 GOST: DBD2369682EF51C97856D76A4FC92A9AC1857E717FB0B71BDC7ECA808BB2E315 amsi_plugin64.dll (x64, unmod) MD5: FDC219AA0CE1C36171386F9B24AB7525 GOST: 94583A1F20D0ACBF3F97A203FF6ECC216ED4B2B08A8E75ECDF8B9EBED62602D6 amsi_plugin64.dll (x64, mod) MD5: 49BCA66654C5881EC767509812537D49 GOST: 4FEAF581F44B0298E9E9F5CD1916FB6C4F9B331E0B44A0655EB1B245A1913A7C klpshk32.dll (x86, unmod) MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691 klpshk32.dll (x86, mod) MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104 klpshk64.dll (x64, unmod) MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822 klpshk64.dll (x64, mod) MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B Changelog: - AMSI support for 2018+ - mapping cryptors detection - dumps fixes How to test How to update: Update etc
  11. Всем привет! Доступно для тестирования очередное обновление модулей Integrity Control, KLSIHK, AVZ, VLNS3, AVEngine, Kimul Источник обновлений: http://dnl-test.kaspersky-labs.com/test/iro/ Дата релиза: 28 Августа 2017 (начало таргетирования) Описание обновления: Klsihk: klsihk.dll 14.0.455.0 164551a8149dfd804320b94680724291 klsihk64.dll 14.0.455.0 7f12e3fd789855ac8e9bee18e4b9c70f klsihk64l.dll 14.0.455.0 05bedab5952537ab078cfaa2292f01bf Изменения: - улучшена поддержка Edge Как тестировать AVZ • bt.avz MD5: 823e52692a833753943d899d09aa5409 • tsw.avz MD5: 70d8d7e485fe517ced3424d971646b8c • tsw-auto.avz MD5: 8505298ec4daac45ff05fe3e13ad4e6d Продукты : KAVKIS2009+, KES8+, KSOS2+, Pure2+, KSVLA3+, KSS, KSC (System Checker). Изменения: - Улучшения скриптов, используемых средствами: Browser Configuration, Microsoft Windows Troubleshooting (или AVZ scan в KES). Как тестировать VLNS3 • vlns3_engine.dll (2.2.2.27) hash: 4f2fa8e2a8b851a9c3df860079643596 • vlns3_convert.dll (2.2.2.27) hash: 8985f85a77a687a668bf7fcb3be5383b Изменения: • BF 2182691: Errors in eventlog • BF 2274925:Vapm thread hangs after update when tries to get new vlns3 engine info. Продукты : • Kaspersky Security Center 10 Как тестировать Avengine 2.2.0.35 Linux: x86 MD5: 437aae11b6f06e1f8bdaf7c63b5184c7 x64 MD5: 215ee55531dbda5ff19cf764597a8177 FreeBSD 8 (10, 11): x86 MD5: e15e05c069a05e06ca65aa3466307309 x64 MD5: 06d6e2d6a15b9174c00b1d7e0f3ab367 FreeBSD 9: x86 MD5: ea8addff131117bde4f9102f382b11fa x64 MD5: 65e997f99b6a22152a419b8b1842bdd3 Изменения: ∙ Актуализация версии Avengine для nix и bsd ∙ Исправления падений Как тестировать Kimul v46 for MacOS 78145f720a5ea1258ada2da679bb0c32 *kimul.signed.tar.gz 306c82e494e4b7e634b33404f4929310 *kimul.tar.gz Изменения: - Изменён Bundleid для новых механизмов безопасности Apple IntegrityControl 2.3.0.107: 9e71c93a2070fb2dc51117b57d0ff417 - intctrl.kdl 2.3.0.108 (mod) caf4be75f9060457c4bef20b8e84902d - intctrl.kdl Изменения: - Поддержка Win10 How to test Как получить обновление: Update etc
  12. Hello! We are asking you to test Integrity Control, KLSIHK, AVZ, VLNS3, AVEngine, Kimul modules update Update available from: http://dnl-test.kaspersky-labs.com/test/iro/ Release date: 28 Aug 2017 (start of targeting) Update description: Klsihk: klsihk.dll 14.0.455.0 164551a8149dfd804320b94680724291 klsihk64.dll 14.0.455.0 7f12e3fd789855ac8e9bee18e4b9c70f klsihk64l.dll 14.0.455.0 05bedab5952537ab078cfaa2292f01bf changelog: Support for Edge improved How to test: AVZ Update description: • bt.avz MD5: 823e52692a833753943d899d09aa5409 • tsw.avz MD5: 70d8d7e485fe517ced3424d971646b8c • tsw-auto.avz MD5: 8505298ec4daac45ff05fe3e13ad4e6d Products : KAVKIS2009+, KES8+, KSOS2+, Pure2+, KSVLA3+, KSS, KSC (System Checker). New features & fixed issues: - Improvements in scripts used by tools : Browser Configuration, Microsoft Windows Troubleshooting (or AVZ scan in KES). How to test : VLNS3 Update description: • vlns3_engine.dll (2.2.2.27) hash: 4f2fa8e2a8b851a9c3df860079643596 • vlns3_convert.dll (2.2.2.27) hash: 8985f85a77a687a668bf7fcb3be5383b Changes: • BF 2182691: Errors in eventlog • BF 2274925:Vapm thread hangs after update when tries to get new vlns3 engine info. Products : • Kaspersky Security Center 10 How to test: Avengine 2.2.0.35 Linux: x86 MD5: 437aae11b6f06e1f8bdaf7c63b5184c7 x64 MD5: 215ee55531dbda5ff19cf764597a8177 FreeBSD 8 (10, 11): x86 MD5: e15e05c069a05e06ca65aa3466307309 x64 MD5: 06d6e2d6a15b9174c00b1d7e0f3ab367 FreeBSD 9: x86 MD5: ea8addff131117bde4f9102f382b11fa x64 MD5: 65e997f99b6a22152a419b8b1842bdd3 Changelist: ∙ Actualization version of Avengine for nix and bsd ∙ Crash fix How to test: Kimul v46 for MacOS 78145f720a5ea1258ada2da679bb0c32 *kimul.signed.tar.gz 306c82e494e4b7e634b33404f4929310 *kimul.tar.gz Changelist: Changed Bundleid for new Apple security mechanism Integrity Control 2.3.0.107: 9e71c93a2070fb2dc51117b57d0ff417 - intctrl.kdl 2.3.0.108 (mod) caf4be75f9060457c4bef20b8e84902d - intctrl.kdl Changelog: - Win10 support How to test: How to update: Update etc
  13. Hello! We are asking you to test Integrity Control, KLSIHK, AVZ, VLNS3, AVEngine, Kimul modules update Update available from: http://dnl-test.kaspersky-labs.com/test/iro/ Release date: 28 Aug 2017 (start of targeting) Update description: Klsihk: klsihk.dll 14.0.455.0 164551a8149dfd804320b94680724291 klsihk64.dll 14.0.455.0 7f12e3fd789855ac8e9bee18e4b9c70f klsihk64l.dll 14.0.455.0 05bedab5952537ab078cfaa2292f01bf changelog: Support for Edge improved How to test: https://forum.kaspersky.com/index.php?/topic/357379-faq-testing-of-klsihk/ AVZ Update description: • bt.avz MD5: 823e52692a833753943d899d09aa5409 • tsw.avz MD5: 70d8d7e485fe517ced3424d971646b8c • tsw-auto.avz MD5: 8505298ec4daac45ff05fe3e13ad4e6d Products : KAVKIS2009+, KES8+, KSOS2+, Pure2+, KSVLA3+, KSS, KSC (System Checker). New features & fixed issues: - Improvements in scripts used by tools : Browser Configuration, Microsoft Windows Troubleshooting (or AVZ scan in KES). How to test : https://forum.kaspersky.com/index.php?/topic/334482-faq-testing-avz-bases-update/ VLNS3 Update description: • vlns3_engine.dll (2.2.2.27) hash: 4f2fa8e2a8b851a9c3df860079643596 • vlns3_convert.dll (2.2.2.27) hash: 8985f85a77a687a668bf7fcb3be5383b Changes: • BF 2182691: Errors in eventlog • BF 2274925:Vapm thread hangs after update when tries to get new vlns3 engine info. Products : • Kaspersky Security Center 10 How to test: https://forum.kaspersky.com/index.php?/topic/311132-faq-testing-of-vlns3_enginedll/ Avengine 2.2.0.35 Linux: x86 MD5: 437aae11b6f06e1f8bdaf7c63b5184c7 x64 MD5: 215ee55531dbda5ff19cf764597a8177 FreeBSD 8 (10, 11): x86 MD5: e15e05c069a05e06ca65aa3466307309 x64 MD5: 06d6e2d6a15b9174c00b1d7e0f3ab367 FreeBSD 9: x86 MD5: ea8addff131117bde4f9102f382b11fa x64 MD5: 65e997f99b6a22152a419b8b1842bdd3 Changelist: ∙ Actualization version of Avengine for nix and bsd ∙ Crash fix How to test: https://forum.kaspersky.com/index.php?/topic/310312-faq-testing-of-avenginedll/ Kimul v46 for MacOS 78145f720a5ea1258ada2da679bb0c32 *kimul.signed.tar.gz 306c82e494e4b7e634b33404f4929310 *kimul.tar.gz Changelist: Changed Bundleid for new Apple security mechanism Integrity Control 2.3.0.107: 9e71c93a2070fb2dc51117b57d0ff417 - intctrl.kdl 2.3.0.108 (mod) caf4be75f9060457c4bef20b8e84902d - intctrl.kdl Changelog: - Win10 support How to test: https://forum.kaspersky.com/index.php?/topic/336524-faq-testing-integrity-control-update/ How to update: Update etc
  14. This is a mini-FAQ for IntegrityControl update testing. Test collection: Attached Supported products: KAVKIS 2018 TR KAVKIS 2017 TR KAVKIS 2016 MR1 KAVKIS 2016 TR KAVKIS 2015 MP 2 KAVKIS 2015 MP 1 KAVKIS 2015 TR KAVKIS 2014 KAVKIS 2013 OS coverage: The products should be tested with supported OSes. VM or real PC? If you can, it is better to perform tests on physical computers (not VMWare or Virtual PC). Also it would be useful to test with different hardware configurations: CPU, HDD controllers, motherboards etc. Before testing: Enable complete memory dump: XP: http://support.kaspersky.com/general/dumps/6200 Vista: http://support.kaspersky.com/general/dumps/2142 Win7: http://support.kaspersky.com/general/dumps/7989 Win8+: http://support.kaspersky.com/general/dumps/10659 What to pay attention for: - speed of browser while surfing the Internet Short test plan: 1. During update, please launch a lot of applications to emulate the situation in which dumps occurred. 2. Check Reports of Updater: it should say that update was successful, report a problem otherwise. 3. Do not reboot your computer; make sure that modules versions are correct 4. Perform the following tests: A. SafeBrowser test 1. Install ProxyCap on your test PC (pcap529_x64.msi or pcap529_x86.msi corresponding to your OS) (you can find the installer here http://www.proxycap.com/download.html ). Reboot 2. Unload product, in system32 and (if exists) in sysWOW64 rename pcapwsp.dll to pcapwsp_old.dll and place there pcapwsp.dll from archive with test tools. Reboot. 3. Start product, add link to some online-bank to SafeMoney and run protected browser (IE, Chrome, FireFox, Edge) 4. By means of ProcessExplorer check that pcapwsp.dll is not loaded into process iexplore.exe 5. (optional) Uninstall ProxyCap B. Behavior of IntegrityControl while typical use of OS 1. Surf the Internet within protected browser 2. Unload product, compare performance Pay attention to: 1. Performance of product and system I. Memory usage II. Processor time usage 2. Product failures 3. OS Failures. tools_IntCtrl.zip
  15. Всем привет! Доступно для тестирования очередное обновление модулей SystemWatcher, Avengine, KJIM, VLNS3, ETW-config Источник обновлений: http://dnl-test.kaspersky-labs.com/test/iro/ Дата релиза: 31 июля 2017 (начало таргетирования) Описание обновления: ________________________________________ AVEngine: avengine.dll (x86, unmod) Version: 2.2.0.33 MD5: FA549C237E9080B9B3E9E1146017E1D1 avengine.dll (x86, mod) Version: 2.2.0.33 MD5: 9EA5ED48F3F2654D479FC8EB1D1493AC libavengine.dylib (x86) MD5: 58867E5E3A63ADA0B0E58504430280A5 Список изменений: - Фикс 10-секундной задержки запросов в KSN - Добавление причины отказа KSN в AsyncObjectFlagz _______________________________________ KJIM kjim.kdl (x86, unmod) Version: 5.29.0.2 MD5: A765CF4C5B328C75C592077C6DBC9D54 kjim.kdl (x86, mod) Version: 5.29.0.2 MD5: 8CCC613C025BB6FAEA13B0B4F5A3B3EB kjim.kdl (x64) Version: 5.29.0.2 MD5: 81AB02C730BB401793BC96EA83A4C8BC Список изменений: - Улучшение эмуляции ________________________________________ VLNS3 файл: vlns3_engine.dll(2.2.2.27) hash: 4f2fa8e2a8b851a9c3df860079643596 файл: vlns3_convert.dll(2.2.2.27) hash: 8985f85a77a687a668bf7fcb3be5383b vlns3_engine.esm hash: 6E6CB7A64D0772D40B491C0780B453AF Список изменений: - Фикс зависания на попытке получить информацию о движке - Переключение на стандартные контракты обновлений ________________________________________ SystemWatcher Unmod: - klavasyswatch.dll Version: 2.3.6.2178 MD5: 64260BE186CB064EE836D245CC4E3003 - klswapiproxy.kdl MD5: 88B91145D22C5C8F82CE1216B24174A6 - sw2.xms MD5: 76D2E35E9D8E4D61FFBA3E97D1FCBDA0 - rollback.dll Version: 2.0.0.1241 MD5: 222A7E8B6427DCC127680C50E7CA534F - pdm.kdl MD5: 3487F3BEED41C12DD1C11A7F6EB5E6AF - klifpp.xms MD5: 9A131F4BB106495D14C74C2C873B4BE1 - pdm.vds MD5: 87C13424C02569BB70DE3A2466DEA87A Mod: - klavasyswatch.dll Version: 2.3.6.2179 MD5: 57938CF243DC32CC8697A8B160E57184 - klswapiproxy.kdl MD5: F50FDB2363A8631D2B9138ACA11712F7 - sw2.xms MD5: BF503B2DC10DA63EFEE7B3D1321CD4EE - rollback.dll Version: 2.0.0.1242 MD5: F7D767BF6336CA9D92397397115FF3DD - pdm.kdl MD5: 0F1B8914EA2CC954F80B06043727ECC9 - klifpp.xms MD5: C47C06836EB3E06A30C8C1E2F2CEAA08 Список изменений - Поддержка ETW-конфига - Противодействие запуску вредоносного кода, не имеющего образа в виде файла на локальном диске (Fileless malware) - Поддержка линуксовой подсистемы в виндоус 10 - Багфикс ________________________________________ ETW-config etw_event_processor.xms 64051ab1fc1ccd2e7a6c2004a1e7dc05 Список изменений - поддержка новых событий - багфикс ________________________________________ FAQ по тестированию: SystemWatcher Avengine VLNS3 Обновление, таргетирование итд
×