Veronika Tanaeva

Posts posted by Veronika Tanaeva


  1. Hello colleagues!
    We are asking you to test SW, Qscan, AntiRootkit, VAPM, AVENGINE modules release
    Update available from: http://iro.kaspersky-labs.com

    Release date:
    22 January 2018 (start of targeting)
    Update description:

    VAPM
    vapm.dll x86    Version: 3.4.0.59    MD5: 7B1C13E47D95BE1721C4499F512C322B    
    vapmhst.exe x86    Version: 3.4.0.59    MD5: FBF606300A365DA3C9F8979BA64AC2C5    

    Changelist: 
    SQLite changed from 3.19.3 to 3.20.1

    How to test:
    https://forum.kaspersky.com/index.php?showtopic=361018
    ________________________________________

    SW
    klavasyswatch.dll (x86, unmod)    Version: 2.3.6.2460    MD5: 2618B3B1BD6FC492D8039CF3EC211777
    klavasyswatch.dll (x86, mod)    Version: 2.3.6.2461    MD5: 46F13D131A0992E4093D18854D0D945C
            
    sw2.xms (unmod)        MD5: 4EAC3662533A5D3C3E2CC6829D201AE4
    sw2.xms (mod)        MD5: 947E0E5FD0E7693721366A82B8F02DD0
            
    pdm.kdl (x86, unmod)    Version: 3.3.7.27    MD5: 9B4785FF4B522C7AD2209000739DED8D
    pdm.kdl (x86, mod)    Version: 3.3.7.27    MD5: BE7B0A7F1F272C63288BE5869FF58D62
            
    sw2ar.xms        MD5: 3A75824035483836647566D68AFE634D


    Changelist:
    Monitoring of new events enabled
    Performance fixes
    AntiRansom technology improvements

    How to test:
    https://forum.kaspersky.com/index.php?showtopic=313385


    ________________________________________
    Qscan
    Unmod:
    qscan.kdl 4.7.11.0 (md5: 45ed488a9fd791b024270837c308de6d ) 
    kavsys.kdl 2.7.11.0 (md5: c4273d9415b4c476c284e268344923d6 )

    Mod :
    qscan.kdl 4.7.11.0 (md5: 2fedac82683c3a0a684c43213d982834 ) 
    kavsys.kdl 2.7.11.0 (md5: 5c940e230e2bff34af599a45aed4f928 )

    ARK
    Unmod:
    arkmon.kdl 1.13.6.1 (md5: c321caec71c2ec2921e8efc14eeec641 ) 
    arkmon32.dat 1.13.6.0 (md5: 4e3d9e0f331b4edad4a63b17f10c83fb ) 
    arkmon64.dat 1.13.6.0 (md5: b38172c8f467fe520ab9f2a13569bee6 ) 
    arkmon32.drv 1.13.6.0 (md5: 0a24839fe73e785c2e1843eefc7df6be ) 
    arkmon64.drv 1.13.6.0 (md5: a0d28e20a988c40254afeb8f265d5b16 )

    Mod:
    arkmon.kdl 1.13.6.1 (md5: 0911da6570337f66cbc5248f2388263c ) 
    arkmon32.dat 1.13.6.0 (md5: 6eb35ed09ec75023535f366390304adc ) 
    arkmon64.dat 1.13.6.0 (md5: f98104550d11123d929ecd81789cf81d ) 
    arkmon32.drv 1.13.6.0 (md5: 95bc118cdc74559462fe746db12c58ac ) 
    arkmon64.drv 1.13.6.0 (md5: 2ed5e114d8f777eff45a7d0b81c0b011 )

    Changelist:
    1)      Support of new Win7 SP1 core (build 24000) in ARKMON
    2)      Fix of miss in AV-Test.
    3)      Fixes of working on DeviceGuard

    How to test:
    https://forum.kaspersky.com/index.php?/topic/309094-faq-qscan-update-testing/
    https://forum.kaspersky.com/index.php?/topic/306486-faq-anti-rootkit-update-testing/
    ________________________________________

    AVENGINE

    avengine.efi x64 2.3.0.4 md5: f2734168568b8b500f2ff85d9e07df8c

    Changelist:
    •         Actualize version of Avengine for efi

    How to check:
    https://forum.kaspersky.com/index.php?/topic/310312-faq-testing-of-avenginedll/
     


  2. On 12/29/2017 at 12:37 PM, xzz123 said:

    After a whole day using beta modules, I found they are pretty stable. No crash and no slow down.

    However, it looks like you moved the amsi_plugin cache file folder from %avp18.0.0% to %bases%, a deeper path.

    The problem is that there is still an empty Amsi folder under %avp18.0.0%. Maybe you should consider deleting it when applying the new cache mechanism?

    Regards

     

    Hello,

    Yes, beginning with this release the placement of amsi_plugins has changed. The old folder should be deleted on reboot.


  3. Hello everyone!

    The next update of the SCO, SW2 modules is available for testing
    Update source: http://iro.kaspersky-labs.com

    Release date:
    23 October 2017 (start of targeting)

    Update description:

    SCO
    sys_critical_obj.dll 1.9.7.0 (md5: 5d1bf8d62d85c962969d661382af7c49) 
    sys_critical_obj.esm (md5: 0675d2365f597b6ef84371b4a34d3438)
    Mod:
    sys_critical_obj.dll 1.9.7.0 (md5: 7639f7f10ec76ad958309ba7657fe836) 
    Products :
    KES8+, KAVKIS2011+, Pure2+, KSV LA, KAV SDK, KSS, CIP, KVRT
    Changes:
    1)      support for new interfaces
    2)      internal improvements
    How to test


    SystemWatcher
    2.3.6.2334
    853bc128f95d632d213c83ecbfd112f1 - klavasyswatch.dll
    0e32db52883c41dc39364ce56e7fae7d - sw2.xms
    6e9a756a4692318c4a015b4d058848d6 - sw2ar.xms
    21a5a4ac4ed10f08afe5ed0be88e9bc3 - amsi_plugin32.dll
    73a174642f74af5607c04672733f8b9e - amsi_plugin64.dll
    7cccbbba4c18de1ed5e08d7821d427eb - rollback.dll
    6d8644cc7aa556be268da0ac363af690 - sw2.esm

    2.3.6.2335 (mod)
    5410b3316709e9134ce766b4ce075803 - klavasyswatch.dll
    5cf5996cb257da622fa65a6a73b81838 - sw2.xms
    2c0e29e2b01697e41734e4848831feeb - amsi_plugin32.dll
    0b83820e3644aa32512f5c920b133001 - amsi_plugin64.dll
    ae88392564b6b34135e6569247b3f1d7 - rollback.dll
    Changes:
    -    dump fixes
    -    bug fixes
    -    new events added to the logging list
    How to test
     


  4. Hello colleagues!
    We are asking you to test SCO, SW2 modules update
    Update available from: http://iro.kaspersky-labs.com

    Release date:
    23 October 2017 (start of targeting)
    Update description:

    SCO
    sys_critical_obj.dll 1.9.7.0 (md5: 5d1bf8d62d85c962969d661382af7c49) 
    sys_critical_obj.esm (md5: 0675d2365f597b6ef84371b4a34d3438)
    Mod:
    sys_critical_obj.dll 1.9.7.0 (md5: 7639f7f10ec76ad958309ba7657fe836) 
    Products :
    KES8+, KAVKIS2011+, Pure2+, KSV LA, KAV SDK, KSS, CIP, KVRT
    Changes :
    1)      New interface support
    2)     internal improvements
    How to test


    SystemWatcher
    2.3.6.2334
    853bc128f95d632d213c83ecbfd112f1 - klavasyswatch.dll
    0e32db52883c41dc39364ce56e7fae7d - sw2.xms
    6e9a756a4692318c4a015b4d058848d6 - sw2ar.xms
    21a5a4ac4ed10f08afe5ed0be88e9bc3 - amsi_plugin32.dll
    73a174642f74af5607c04672733f8b9e - amsi_plugin64.dll
    7cccbbba4c18de1ed5e08d7821d427eb - rollback.dll
    6d8644cc7aa556be268da0ac363af690 - sw2.esm

    2.3.6.2335 (mod)
    5410b3316709e9134ce766b4ce075803 - klavasyswatch.dll
    5cf5996cb257da622fa65a6a73b81838 - sw2.xms
    2c0e29e2b01697e41734e4848831feeb - amsi_plugin32.dll
    0b83820e3644aa32512f5c920b133001 - amsi_plugin64.dll
    ae88392564b6b34135e6569247b3f1d7 - rollback.dll
    Changelist:
    -    Dump fix
    -    Bug fix
    -    New events logging
    How to test
     


  5. Hello everyone!

    The next update of the AVEngine, Pbs.kdl, SystemWatcher, Integrity Control, Klsihk modules is available for testing

    Update source: http://dnl-test.kaspersky-labs.com/test/iro/

    Release date:

    25 September 2017 (start of targeting)

    Update description:

     

    ________________________________________

    Pbs.kdl

    60aa62214d3b705a21f5dac5637bb372 *pbs.kdl

    3a0e4de0558b4fb674ccab1410906774 *mod/pbs.kdl

     

    Changelist:

    - compression mechanism changed from KLAVPack to KLZ

    - addition of signature verification and of the PPL signature

    ________________________________________

    AVengine

    Windows

    MD5 (x86):                   824fb481d0558926baa07a8187e2e912

    MD5 (mod, x86):       fc5ff99e42c428a8155bdb97d55e4a8a

     

    MD5 (x64):                   da30a18044d7cdc05c9de0f20edb666d

     

    Mac

    MD5 (x86):                   67b2298167d01163dcbc2672d4dd6ce8

     

    Linux

    MD5 (x86):                   978e0b89e8238dc428af82aace5d77e1

    MD5 (x64):                   06e399905420beb27e4dea572dd1d006

     

    FreeBSD

    MD5 (8, x86):              a38e7041afd413e25bb587712d2f5b2f

    MD5 (8, x64):              3010dc0daa7621f4df9a7c76f2eb42df

    MD5 (9, x86):              69d122b92c3e627e301e77e4de05d0ff

    MD5 (9, x64):              757cbc2b541a72d4b1736ec5ffebce95

     

    Changelist:

    - support for scanning HTTP requests

    - Anti-Cryptor added to KESL10

    - fix for the System Watcher and Hancom conflict in KES10SP2

    - bug fixes

    How to test

    ________________________________________

     

    SystemWatcher

      klavasyswatch.dll (x86, unmod) Version: 2.3.6.2285 MD5: B0C8AB593399F9AD9080416A8BDADF7D GOST: 4B58FD5E7CE6BD0784FC4B8EFA9E576BA950A73A567FC5ABACF962D1DFA31F89
      klavasyswatch.dll (x86, mod) Version: 2.3.6.2286 MD5: F8B82A64A4A2276A450A3533C064C53D GOST: 7B285FE7E70830C1E57A0BBA2D562B6B830B942A1BAD4B5C4587E099E23B2C7F
      sw2.xms (unmod)   MD5: A27821B736A3AE8B48BD1E19D9A5B28D GOST: 21C4CC69671956CDA202E8EEBBB8C5CF0500220095E58A6073F4FCC15482054F
      sw2.xms (mod)   MD5: C81CFA78740025E80F041A8049B87335 GOST: 4759099145693735DF2BF7C4F8E5B255177A48190AE01DFBFE5C32329F8D6165
      rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001
      rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF
      sw2ar.xms   MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D
      amsi_plugin32.dll (x86, unmod) Version: 2.3.6.2285 MD5: 883EC2DB4FE3F2A99E8C73B22755ECC2 GOST: BF4F4FA4B9518B47FB030D15BB5EA346E3F2F19795D30403E73BE68EA9D7ED77
      amsi_plugin32.dll (x86, mod) Version: 2.3.6.2286 MD5: 6F46E33BD889E5886B4F6E2B8B942907 GOST: EFEA8AC06448E2FCC2F05F28EBA7807BBD43AD957776E97EB4F69C50EB265E11
      amsi_plugin64.dll (x64, unmod) Version: 2.3.6.2285 MD5: DB180F66AF070D02BDDB71058B76F2D5 GOST: 22DBF6111960121F7BC71A06188BACF32CFF93DB3DE4E6A0889297CB80DABDEE
      amsi_plugin64.dll (x64, mod) Version: 2.3.6.2286 MD5: A2EEE2564D4D5E03CB841B8C221825B1 GOST: FC2E8941EF4FA3B00B617D264E1C5B478A0AAFAAFCC0496280683FD362443E3C
      klpshk32.dll (x86, unmod) Version: 1.0.0.0 MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691
      klpshk32.dll (x86, mod) Version: 1.0.0.0 MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104
      klpshk64.dll (x64, unmod) Version: 1.0.0.0 MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822
      klpshk64.dll (x64, mod) Version: 1.0.0.0 MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B

    Changelist:

    - AMSI mechanism support for 2018+

    - detection of cryptors that use mapping during encryption

    - dump fixes

    How to test

    ________________________________________

     

    Integrity Control

    intctrl.kdl (x86, unmod)    Version: 2.3.0.113    MD5: 6F3A2F77E91B4B13F35CD5DBAC9FC648    GOST: 8CE850F873C22F012842D9D4F0D44F8A5C2EF6CDF78C5785D0CB42C2FCEA7582
    intctrl.kdl (x86, mod)    Version: 2.3.0.114    MD5: 618F47A91F8125E05ADEF37E5268C723    GOST: 7CF90F095D19354F3BFE92A78F3575F1EE58928FFC9A95525894058514000969

    Changelist:

    - improvement of the detection mechanism

    How to test

    ________________________________________

     

    KLSIHK 


    klsihk.dll 14.0.596.0  af6c1cd3e289a4a65a37ea7915692f195
    klsihk64.dll 14.0.596.0   e1390916e5873df4f0bcba5761f6278e
    klsihk64l.dll 14.0.596.0   aa2330d7e835da9b548832bd0d04479e

    Changelist:

    - Edge browser support

    How to test

    ________________________________________

    Testing FAQ:

    Update, targeting, etc.


  6. Hello!

    We are asking you to test IC, SW2, klsihk modules update

    Update available from: http://dnl-test.kaspersky-labs.com/test/iro/

     

    Release date:

    25 September 2017 (start of targeting)

    Update description:

     

    Avengine 2.3.0.2:

    Windows

    MD5 (x86):                   824fb481d0558926baa07a8187e2e912

    MD5 (mod, x86):       fc5ff99e42c428a8155bdb97d55e4a8a

     

    MD5 (x64):                   da30a18044d7cdc05c9de0f20edb666d

     

    Mac

    MD5 (x86):                   67b2298167d01163dcbc2672d4dd6ce8

     

    Linux

    MD5 (x86):                   978e0b89e8238dc428af82aace5d77e1

    MD5 (x64):                   06e399905420beb27e4dea572dd1d006

     

    FreeBSD

    MD5 (8, x86):              a38e7041afd413e25bb587712d2f5b2f

    MD5 (8, x64):              3010dc0daa7621f4df9a7c76f2eb42df

    MD5 (9, x86):              69d122b92c3e627e301e77e4de05d0ff

    MD5 (9, x64):              757cbc2b541a72d4b1736ec5ffebce95

     

    Changelist:

    Support HTTP request scanning

    Add Anti-Cryptor in KESL10

    Fix KES10SP2 System Watcher conflict with Hancom

    Bug fix

     

    PBS.kdl

    2.5.0.9 

    60aa62214d3b705a21f5dac5637bb372 *pbs.kdl

    3a0e4de0558b4fb674ccab1410906774 *mod/pbs.kdl

     

    Changelist: 

    Change compression mechanism from KLAVPack to KLZ

    Add verisign and PPL signature

     

     

    Integrity Control

    intctrl.kdl (x86, unmod)    Version: 2.3.0.113    MD5: 6F3A2F77E91B4B13F35CD5DBAC9FC648    GOST: 8CE850F873C22F012842D9D4F0D44F8A5C2EF6CDF78C5785D0CB42C2FCEA7582
    intctrl.kdl (x86, mod)    Version: 2.3.0.114    MD5: 618F47A91F8125E05ADEF37E5268C723    GOST: 7CF90F095D19354F3BFE92A78F3575F1EE58928FFC9A95525894058514000969
     

    Changelist:

    - improvements of detection mechanisms

    How to test

     

    SystemWatcher

      klavasyswatch.dll (x86, unmod) Version: 2.3.6.2285 MD5: B0C8AB593399F9AD9080416A8BDADF7D GOST: 4B58FD5E7CE6BD0784FC4B8EFA9E576BA950A73A567FC5ABACF962D1DFA31F89
      klavasyswatch.dll (x86, mod) Version: 2.3.6.2286 MD5: F8B82A64A4A2276A450A3533C064C53D GOST: 7B285FE7E70830C1E57A0BBA2D562B6B830B942A1BAD4B5C4587E099E23B2C7F
      sw2.xms (unmod)   MD5: A27821B736A3AE8B48BD1E19D9A5B28D GOST: 21C4CC69671956CDA202E8EEBBB8C5CF0500220095E58A6073F4FCC15482054F
      sw2.xms (mod)   MD5: C81CFA78740025E80F041A8049B87335 GOST: 4759099145693735DF2BF7C4F8E5B255177A48190AE01DFBFE5C32329F8D6165
      rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001
      rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF
      sw2ar.xms   MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D
      amsi_plugin32.dll (x86, unmod) Version: 2.3.6.2285 MD5: 883EC2DB4FE3F2A99E8C73B22755ECC2 GOST: BF4F4FA4B9518B47FB030D15BB5EA346E3F2F19795D30403E73BE68EA9D7ED77
      amsi_plugin32.dll (x86, mod) Version: 2.3.6.2286 MD5: 6F46E33BD889E5886B4F6E2B8B942907 GOST: EFEA8AC06448E2FCC2F05F28EBA7807BBD43AD957776E97EB4F69C50EB265E11
      amsi_plugin64.dll (x64, unmod) Version: 2.3.6.2285 MD5: DB180F66AF070D02BDDB71058B76F2D5 GOST: 22DBF6111960121F7BC71A06188BACF32CFF93DB3DE4E6A0889297CB80DABDEE
      amsi_plugin64.dll (x64, mod) Version: 2.3.6.2286 MD5: A2EEE2564D4D5E03CB841B8C221825B1 GOST: FC2E8941EF4FA3B00B617D264E1C5B478A0AAFAAFCC0496280683FD362443E3C
      klpshk32.dll (x86, unmod) Version: 1.0.0.0 MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691
      klpshk32.dll (x86, mod) Version: 1.0.0.0 MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104
      klpshk64.dll (x64, unmod) Version: 1.0.0.0 MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822
      klpshk64.dll (x64, mod) Version: 1.0.0.0 MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B

    Changelist:

    - mapping cryptors detection

    - AMSI support for 2018+

    - dumps fixes

    How to test

     

    Klsihk

    klsihk.dll 14.0.596.0  af6c1cd3e289a4a65a37ea7915692f195
    klsihk64.dll 14.0.596.0   e1390916e5873df4f0bcba5761f6278e
    klsihk64l.dll 14.0.596.0   aa2330d7e835da9b548832bd0d04479e

    changelog:
    Support for Edge browser
    How to test

     

    How to update:

    Update etc


  7. Hello!

    We are asking you to test IC, SW2 modules update

    Update available from: http://dnl-test.kaspersky-labs.com/test/iro/

     

    Release date:

    25 September 2017 (start of targeting)

    Update description:

     

    Avengine 2.3.0.2:

    Windows

    MD5 (x86):                   824fb481d0558926baa07a8187e2e912

    MD5 (mod, x86):       fc5ff99e42c428a8155bdb97d55e4a8a

     

    MD5 (x64):                   da30a18044d7cdc05c9de0f20edb666d

     

    Mac

    MD5 (x86):                   67b2298167d01163dcbc2672d4dd6ce8

     

    Linux

    MD5 (x86):                   978e0b89e8238dc428af82aace5d77e1

    MD5 (x64):                   06e399905420beb27e4dea572dd1d006

     

    FreeBSD

    MD5 (8, x86):              a38e7041afd413e25bb587712d2f5b2f

    MD5 (8, x64):              3010dc0daa7621f4df9a7c76f2eb42df

    MD5 (9, x86):              69d122b92c3e627e301e77e4de05d0ff

    MD5 (9, x64):              757cbc2b541a72d4b1736ec5ffebce95

     

    Changelist:

    Support HTTP request scanning

    Add Anti-Cryptor in KESL10

    Fix KES10SP2 System Watcher conflict with Hancom

    Bug fix

     

    PBS.kdl

    2.5.0.9 

    60aa62214d3b705a21f5dac5637bb372 *pbs.kdl

    3a0e4de0558b4fb674ccab1410906774 *mod/pbs.kdl

     

    Changelist: 

    Change compression mechanism from KLAVPack to KLZ

    Add verisign and PPL signature

     

     

    Integrity Control

    intctrl.kdl (x86, unmod)    Version: 2.3.0.113    MD5: 6F3A2F77E91B4B13F35CD5DBAC9FC648    GOST: 8CE850F873C22F012842D9D4F0D44F8A5C2EF6CDF78C5785D0CB42C2FCEA7582
    intctrl.kdl (x86, mod)    Version: 2.3.0.114    MD5: 618F47A91F8125E05ADEF37E5268C723    GOST: 7CF90F095D19354F3BFE92A78F3575F1EE58928FFC9A95525894058514000969
     

    Changelist:

    - improvements of detection mechanisms

    How to test

     

    SystemWatcher

      klavasyswatch.dll (x86, unmod) Version: 2.3.6.2285 MD5: B0C8AB593399F9AD9080416A8BDADF7D GOST: 4B58FD5E7CE6BD0784FC4B8EFA9E576BA950A73A567FC5ABACF962D1DFA31F89
      klavasyswatch.dll (x86, mod) Version: 2.3.6.2286 MD5: F8B82A64A4A2276A450A3533C064C53D GOST: 7B285FE7E70830C1E57A0BBA2D562B6B830B942A1BAD4B5C4587E099E23B2C7F
      sw2.xms (unmod)   MD5: A27821B736A3AE8B48BD1E19D9A5B28D GOST: 21C4CC69671956CDA202E8EEBBB8C5CF0500220095E58A6073F4FCC15482054F
      sw2.xms (mod)   MD5: C81CFA78740025E80F041A8049B87335 GOST: 4759099145693735DF2BF7C4F8E5B255177A48190AE01DFBFE5C32329F8D6165
      rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001
      rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF
      sw2ar.xms   MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D
      amsi_plugin32.dll (x86, unmod) Version: 2.3.6.2285 MD5: 883EC2DB4FE3F2A99E8C73B22755ECC2 GOST: BF4F4FA4B9518B47FB030D15BB5EA346E3F2F19795D30403E73BE68EA9D7ED77
      amsi_plugin32.dll (x86, mod) Version: 2.3.6.2286 MD5: 6F46E33BD889E5886B4F6E2B8B942907 GOST: EFEA8AC06448E2FCC2F05F28EBA7807BBD43AD957776E97EB4F69C50EB265E11
      amsi_plugin64.dll (x64, unmod) Version: 2.3.6.2285 MD5: DB180F66AF070D02BDDB71058B76F2D5 GOST: 22DBF6111960121F7BC71A06188BACF32CFF93DB3DE4E6A0889297CB80DABDEE
      amsi_plugin64.dll (x64, mod) Version: 2.3.6.2286 MD5: A2EEE2564D4D5E03CB841B8C221825B1 GOST: FC2E8941EF4FA3B00B617D264E1C5B478A0AAFAAFCC0496280683FD362443E3C
      klpshk32.dll (x86, unmod) Version: 1.0.0.0 MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691
      klpshk32.dll (x86, mod) Version: 1.0.0.0 MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104
      klpshk64.dll (x64, unmod) Version: 1.0.0.0 MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822
      klpshk64.dll (x64, mod) Version: 1.0.0.0 MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B

    Changelist:

    - mapping cryptors detection

    - AMSI support for 2018+

    - dumps fixes

    How to test

     

    How to update:

    Update etc


  8. Hello everyone!

    The next update of the KJIM, Interprecz, VLNS, SW2 modules is available for testing

    Update source: http://dnl-test.kaspersky-labs.com/test/iro/

    Release date:

    11 September 2017 (start of targeting)

    Update description:

     

    KJIM

     

    x86/kjim.kdl                  5.29.0.3             b3cd6222535ff14c8df78356856915cb

    x86/mod/kjim.kdl          5.29.0.3             37461d2f4529bc99373c18fea59d884e

    x64/kjim.kdl                  5.29.0.3             636dcc6f929dde8e370cc62f49dfebd5

     

    Changelist:

    - fixes in VBA, HTA, JS processing

    - change in the hash calculation mechanism

    How to test



    VLNS
     
    DDD12FA804F5FE69CCA19B8F0A49A6A7  vlns.kdl

    B734347B75B07D3C65004D587FB94401  vlns.kdl (mod)

     

    Changelist:

    fix for the file version check

    How to test

     

    Interprecz

    interprecz.dll (x86, unmod)

    Version: 2.0.65.0

    MD5: 159C1770B233031FC25E1B29572EE58D

    GOST: 1F5E06B6C9014E744844E761196C0091BA06376189EFD474069FC4EF4569F20E

    interprecz.dll (x86, mod)

    Version: 2.0.65.0

    MD5: 159C1770B233031FC25E1B29572EE58D

    GOST: 1F5E06B6C9014E744844E761196C0091BA06376189EFD474069FC4EF4569F20E

    Changelist:

    - improvements in the handling of multiple scripts

    How to test

     

    SystemWatcher

      klavasyswatch.dll (x86, unmod) Version: 2.3.6.2253 MD5: A58312E1F24B9986415370DC7B2C0CCC GOST: 8EEACE37F255C3ED8624785E0B6BCA16433BD62E2FF92C076AFB33689823C6EA
      klavasyswatch.dll (x86, mod) Version: 2.3.6.2254 MD5: 7FC93B169307442220884109C1F6638C GOST: 672355743321716072C04942988B86022FFE58969BBD413EABF136F258D6E7A9
      sw2.xms (unmod)   MD5: FE39C027D50FA83E26E11ADB5099FC30 GOST: 24F3E690E5DF2EAF994CF146C0304750B3813745D85E9EF1EB9916504C0A6608
      sw2.xms (mod)   MD5: 1DD4DAA0F8D9619E024F6303AD0CE24E GOST: BCAC550ACC726328F30CD70669DF6B66EBF89E6041EE63472FD3ECBB3645CE88
      rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001
      rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF
             
             
      sw2ar.xms   MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D
      amsi_plugin32.dll (x86, unmod)   MD5: 79EF32FA314B4CF760EEAF239D44E82E GOST: 0AF43894A07DDE1B12261DB1107CDB2813F313B870EAC98A4D21486E834CA459
      amsi_plugin32.dll (x86, mod)   MD5: 17701AA133F5E6B86FC8F6B300FB84D7 GOST: DBD2369682EF51C97856D76A4FC92A9AC1857E717FB0B71BDC7ECA808BB2E315
      amsi_plugin64.dll (x64, unmod)   MD5: FDC219AA0CE1C36171386F9B24AB7525 GOST: 94583A1F20D0ACBF3F97A203FF6ECC216ED4B2B08A8E75ECDF8B9EBED62602D6
      amsi_plugin64.dll (x64, mod)   MD5: 49BCA66654C5881EC767509812537D49 GOST: 4FEAF581F44B0298E9E9F5CD1916FB6C4F9B331E0B44A0655EB1B245A1913A7C
      klpshk32.dll (x86, unmod)   MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691
      klpshk32.dll (x86, mod)   MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104
      klpshk64.dll (x64, unmod)   MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822
      klpshk64.dll (x64, mod)   MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B

    Changelist:

    - AMSI mechanism support for 2018+

    - detection of cryptors that use mapping during encryption

    - dump fixes

    How to test

    How to get the update:

    Update etc

     


  9. Hello!

    We are asking you to test KJIM, Interprecz, VLNS, SW2 modules update

    Update available from: http://dnl-test.kaspersky-labs.com/test/iro/

     

    Release date:

    11 September 2017 (start of targeting)

    Update description:

     

    KJIM

     

    x86/kjim.kdl                  5.29.0.3             b3cd6222535ff14c8df78356856915cb

    x86/mod/kjim.kdl          5.29.0.3             37461d2f4529bc99373c18fea59d884e

    x64/kjim.kdl                  5.29.0.3             636dcc6f929dde8e370cc62f49dfebd5

     

    Changelog:

    - VBA, HTA, JS fixes

    - changes in hash counting mechanism

    How to test



    VLNS
     
    Update description:

    DDD12FA804F5FE69CCA19B8F0A49A6A7  vlns.kdl

    B734347B75B07D3C65004D587FB94401  vlns.kdl (mod)

     

    Changes:

    Bugfix in file version check

    How to test

     

    Interprecz

    interprecz.dll (x86, unmod)

    Version: 2.0.65.0

    MD5: 159C1770B233031FC25E1B29572EE58D

    GOST: 1F5E06B6C9014E744844E761196C0091BA06376189EFD474069FC4EF4569F20E

    interprecz.dll (x86, mod)

    Version: 2.0.65.0

    MD5: 159C1770B233031FC25E1B29572EE58D

    GOST: 1F5E06B6C9014E744844E761196C0091BA06376189EFD474069FC4EF4569F20E

    Changelog:

    - improvement of work with multiple scripts

    How to test

     

    SystemWatcher

      klavasyswatch.dll (x86, unmod) Version: 2.3.6.2253 MD5: A58312E1F24B9986415370DC7B2C0CCC GOST: 8EEACE37F255C3ED8624785E0B6BCA16433BD62E2FF92C076AFB33689823C6EA
      klavasyswatch.dll (x86, mod) Version: 2.3.6.2254 MD5: 7FC93B169307442220884109C1F6638C GOST: 672355743321716072C04942988B86022FFE58969BBD413EABF136F258D6E7A9
      sw2.xms (unmod)   MD5: FE39C027D50FA83E26E11ADB5099FC30 GOST: 24F3E690E5DF2EAF994CF146C0304750B3813745D85E9EF1EB9916504C0A6608
      sw2.xms (mod)   MD5: 1DD4DAA0F8D9619E024F6303AD0CE24E GOST: BCAC550ACC726328F30CD70669DF6B66EBF89E6041EE63472FD3ECBB3645CE88
      rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001
      rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF
             
             
      sw2ar.xms   MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D
      amsi_plugin32.dll (x86, unmod)   MD5: 79EF32FA314B4CF760EEAF239D44E82E GOST: 0AF43894A07DDE1B12261DB1107CDB2813F313B870EAC98A4D21486E834CA459
      amsi_plugin32.dll (x86, mod)   MD5: 17701AA133F5E6B86FC8F6B300FB84D7 GOST: DBD2369682EF51C97856D76A4FC92A9AC1857E717FB0B71BDC7ECA808BB2E315
      amsi_plugin64.dll (x64, unmod)   MD5: FDC219AA0CE1C36171386F9B24AB7525 GOST: 94583A1F20D0ACBF3F97A203FF6ECC216ED4B2B08A8E75ECDF8B9EBED62602D6
      amsi_plugin64.dll (x64, mod)   MD5: 49BCA66654C5881EC767509812537D49 GOST: 4FEAF581F44B0298E9E9F5CD1916FB6C4F9B331E0B44A0655EB1B245A1913A7C
      klpshk32.dll (x86, unmod)   MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691
      klpshk32.dll (x86, mod)   MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104
      klpshk64.dll (x64, unmod)   MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822
      klpshk64.dll (x64, mod)   MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B

    Changelog:

    - AMSI support for 2018+

    - mapping cryptors detection

    - dumps fixes

    How to test

     

    How to update:

    Update etc


  10. Hello everyone!

    The next update of the Integrity Control, KLSIHK, AVZ, VLNS3, AVEngine, Kimul modules is available for testing

    Update source: http://dnl-test.kaspersky-labs.com/test/iro/

    Release date:

    28 August 2017 (start of targeting)

    Update description:

    Klsihk:

    klsihk.dll 14.0.455.0  164551a8149dfd804320b94680724291 
    klsihk64.dll 14.0.455.0 7f12e3fd789855ac8e9bee18e4b9c70f
    klsihk64l.dll 14.0.455.0 05bedab5952537ab078cfaa2292f01bf

    Changes:

    - improved Edge support

    How to test


    AVZ
                     
    •    bt.avz MD5: 823e52692a833753943d899d09aa5409
    •    tsw.avz MD5: 70d8d7e485fe517ced3424d971646b8c
    •    tsw-auto.avz MD5: 8505298ec4daac45ff05fe3e13ad4e6d


    Products:
    KAVKIS2009+, KES8+, KSOS2+, Pure2+, KSVLA3+, KSS, KSC (System Checker).

    Changes:
    -          Improvements to the scripts used by the tools: Browser Configuration, Microsoft Windows Troubleshooting (or AVZ scan in KES).

    How to test


    VLNS3

    •         vlns3_engine.dll (2.2.2.27) hash: 4f2fa8e2a8b851a9c3df860079643596
    •         vlns3_convert.dll (2.2.2.27) hash: 8985f85a77a687a668bf7fcb3be5383b

    Changes:
    •         BF 2182691: Errors in eventlog
    •         BF 2274925: Vapm thread hangs after update when tries to get new vlns3 engine info.


    Products:
    •         Kaspersky Security Center 10

    How to test


    Avengine 2.2.0.35

    Linux:
    x86         MD5:     437aae11b6f06e1f8bdaf7c63b5184c7
    x64         MD5:     215ee55531dbda5ff19cf764597a8177

    FreeBSD 8 (10, 11):
    x86         MD5:     e15e05c069a05e06ca65aa3466307309
    x64         MD5:     06d6e2d6a15b9174c00b1d7e0f3ab367

    FreeBSD 9:
    x86         MD5:     ea8addff131117bde4f9102f382b11fa
    x64         MD5:     65e997f99b6a22152a419b8b1842bdd3

    Changes:
    ∙              Avengine version update for nix and bsd
    ∙              Crash fixes

    How to test


    Kimul v46 for MacOS

    78145f720a5ea1258ada2da679bb0c32 *kimul.signed.tar.gz
    306c82e494e4b7e634b33404f4929310 *kimul.tar.gz

    Changes:
    - Bundleid changed for Apple's new security mechanisms
     

    IntegrityControl

    2.3.0.107: 
    9e71c93a2070fb2dc51117b57d0ff417 - intctrl.kdl 
    2.3.0.108 (mod) 
    caf4be75f9060457c4bef20b8e84902d - intctrl.kdl

    Changes:
    -    Win10 support

    How to test
     

    How to get the update:

    Update etc


  11. Hello!

    We are asking you to test Integrity Control, KLSIHK, AVZ, VLNS3, AVEngine, Kimul modules update

    Update available from: http://dnl-test.kaspersky-labs.com/test/iro/

     

    Release date:

    28 Aug 2017 (start of targeting)

    Update description:

     

    Klsihk:

    klsihk.dll 14.0.455.0  164551a8149dfd804320b94680724291 
    klsihk64.dll 14.0.455.0 7f12e3fd789855ac8e9bee18e4b9c70f
    klsihk64l.dll 14.0.455.0 05bedab5952537ab078cfaa2292f01bf

    changelog:
    Support for Edge improved

    How to test:

     


    AVZ
     
    Update description:
                    
    •    bt.avz MD5: 823e52692a833753943d899d09aa5409
    •    tsw.avz MD5: 70d8d7e485fe517ced3424d971646b8c
    •    tsw-auto.avz MD5: 8505298ec4daac45ff05fe3e13ad4e6d


    Products :
    KAVKIS2009+, KES8+, KSOS2+, Pure2+, KSVLA3+, KSS, KSC (System Checker).

    New features & fixed issues:
    -          Improvements in scripts used by tools : Browser Configuration, Microsoft Windows Troubleshooting (or AVZ scan in KES).

    How to test :

     


    VLNS3
     
    Update description:
    •         vlns3_engine.dll (2.2.2.27) hash: 4f2fa8e2a8b851a9c3df860079643596
    •         vlns3_convert.dll (2.2.2.27) hash: 8985f85a77a687a668bf7fcb3be5383b

    Changes:
    •         BF 2182691: Errors in eventlog
    •         BF 2274925: Vapm thread hangs after update when it tries to get new vlns3 engine info.


    Products :
    •         Kaspersky Security Center 10

    How to test:

     


    Avengine 2.2.0.35


    Linux:
    x86         MD5:     437aae11b6f06e1f8bdaf7c63b5184c7
    x64         MD5:     215ee55531dbda5ff19cf764597a8177

    FreeBSD 8 (10, 11):
    x86         MD5:     e15e05c069a05e06ca65aa3466307309
    x64         MD5:     06d6e2d6a15b9174c00b1d7e0f3ab367

    FreeBSD 9:
    x86         MD5:     ea8addff131117bde4f9102f382b11fa
    x64         MD5:     65e997f99b6a22152a419b8b1842bdd3

    Changelist:
    ∙               Avengine version brought up to date for nix and bsd
    ∙               Crash fix

    How to test:

     


    Kimul v46 for MacOS

    78145f720a5ea1258ada2da679bb0c32 *kimul.signed.tar.gz
    306c82e494e4b7e634b33404f4929310 *kimul.tar.gz

    Changelist:
    Changed Bundleid for new Apple security mechanism


    Integrity Control

    2.3.0.107: 
    9e71c93a2070fb2dc51117b57d0ff417 - intctrl.kdl 
    2.3.0.108 (mod) 
    caf4be75f9060457c4bef20b8e84902d - intctrl.kdl

    Changelog:
    -    Win10 support

    How to test:

    How to update:

    Update etc


  12. Hello!

    We are asking you to test Integrity Control, KLSIHK, AVZ, VLNS3, AVEngine, Kimul modules update

    Update available from: http://dnl-test.kaspersky-labs.com/test/iro/

     

    Release date:

    28 Aug 2017 (start of targeting)

    Update description:

     

    Klsihk:

    klsihk.dll 14.0.455.0  164551a8149dfd804320b94680724291 
    klsihk64.dll 14.0.455.0 7f12e3fd789855ac8e9bee18e4b9c70f
    klsihk64l.dll 14.0.455.0 05bedab5952537ab078cfaa2292f01bf

    changelog:
    Support for Edge improved

    How to test:
    https://forum.kaspersky.com/index.php?/topic/357379-faq-testing-of-klsihk/


    AVZ
     
    Update description:
                    
    •    bt.avz MD5: 823e52692a833753943d899d09aa5409
    •    tsw.avz MD5: 70d8d7e485fe517ced3424d971646b8c
    •    tsw-auto.avz MD5: 8505298ec4daac45ff05fe3e13ad4e6d


    Products :
    KAVKIS2009+, KES8+, KSOS2+, Pure2+, KSVLA3+, KSS, KSC (System Checker).

    New features & fixed issues:
    -          Improvements in scripts used by tools : Browser Configuration, Microsoft Windows Troubleshooting (or AVZ scan in KES).

    How to test :
    https://forum.kaspersky.com/index.php?/topic/334482-faq-testing-avz-bases-update/


    VLNS3
     
    Update description:
    •         vlns3_engine.dll (2.2.2.27) hash: 4f2fa8e2a8b851a9c3df860079643596
    •         vlns3_convert.dll (2.2.2.27) hash: 8985f85a77a687a668bf7fcb3be5383b

    Changes:
    •         BF 2182691: Errors in eventlog
    •         BF 2274925: Vapm thread hangs after update when it tries to get new vlns3 engine info.


    Products :
    •         Kaspersky Security Center 10

    How to test:
    https://forum.kaspersky.com/index.php?/topic/311132-faq-testing-of-vlns3_enginedll/


    Avengine 2.2.0.35


    Linux:
    x86         MD5:     437aae11b6f06e1f8bdaf7c63b5184c7
    x64         MD5:     215ee55531dbda5ff19cf764597a8177

    FreeBSD 8 (10, 11):
    x86         MD5:     e15e05c069a05e06ca65aa3466307309
    x64         MD5:     06d6e2d6a15b9174c00b1d7e0f3ab367

    FreeBSD 9:
    x86         MD5:     ea8addff131117bde4f9102f382b11fa
    x64         MD5:     65e997f99b6a22152a419b8b1842bdd3

    Changelist:
    ∙               Avengine version brought up to date for nix and bsd
    ∙               Crash fix

    How to test:
    https://forum.kaspersky.com/index.php?/topic/310312-faq-testing-of-avenginedll/


    Kimul v46 for MacOS

    78145f720a5ea1258ada2da679bb0c32 *kimul.signed.tar.gz
    306c82e494e4b7e634b33404f4929310 *kimul.tar.gz

    Changelist:
    Changed Bundleid for new Apple security mechanism


    Integrity Control

    2.3.0.107: 
    9e71c93a2070fb2dc51117b57d0ff417 - intctrl.kdl 
    2.3.0.108 (mod) 
    caf4be75f9060457c4bef20b8e84902d - intctrl.kdl

    Changelog:
    -    Win10 support

    How to test:
    https://forum.kaspersky.com/index.php?/topic/336524-faq-testing-integrity-control-update/
     

    How to update:

    Update etc


  13. This is a mini-FAQ for IntegrityControl update testing.

     

    Test collection:

    Attached

     

    Supported products:

    KAVKIS 2018 TR

    KAVKIS 2017 TR

    KAVKIS 2016 MR1

    KAVKIS 2016 TR

    KAVKIS 2015 MP 2

    KAVKIS 2015 MP 1

    KAVKIS 2015 TR

    KAVKIS 2014

    KAVKIS 2013

     

    OS coverage:

    The products should be tested with supported OSes.

     

    VM or real PC?

    If you can, it is better to perform tests on physical computers (not VMWare or Virtual PC).

    Also it would be useful to test with different hardware configurations: CPU, HDD controllers, motherboards etc.

     

    Before testing:

    Enable complete memory dump:

    XP: http://support.kaspersky.com/general/dumps/6200

    Vista: http://support.kaspersky.com/general/dumps/2142

    Win7: http://support.kaspersky.com/general/dumps/7989

    Win8+: http://support.kaspersky.com/general/dumps/10659

     

    What to pay attention to:

    - speed of browser while surfing the Internet

     

    Short test plan:

    1. During update, please launch a lot of applications to emulate the situation in which dumps occurred.

    2. Check Reports of Updater: it should say that update was successful, report a problem otherwise.

    3. Do not reboot your computer; make sure that module versions are correct.

    4. Perform the following tests:

     

    A. SafeBrowser test

    1. Install ProxyCap on your test PC (pcap529_x64.msi or pcap529_x86.msi corresponding to your OS) (you can find the installer here http://www.proxycap.com/download.html ). Reboot

    2. Unload product, in system32 and (if exists) in sysWOW64 rename pcapwsp.dll to pcapwsp_old.dll and place there pcapwsp.dll from archive with test tools. Reboot.

    3. Start product, add link to some online-bank to SafeMoney and run protected browser (IE, Chrome, FireFox, Edge)

    4. By means of ProcessExplorer check that pcapwsp.dll is not loaded into process iexplore.exe

    5. (optional) Uninstall ProxyCap

     

    B. Behavior of IntegrityControl during typical use of the OS

    1. Surf the Internet within protected browser

    2. Unload product, compare performance

     

    Pay attention to:

    1. Performance of product and system

    I. Memory usage

    II. Processor time usage

    2. Product failures

    3. OS Failures.

    tools_IntCtrl.zip
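
Step 3 of the short test plan asks testers to confirm that the updated modules are the expected ones, and the announcements publish an MD5 per file. The following is an added example, not part of the original posts or of Kaspersky tooling: it parses the hash layouts used in these posts and compares them with the files in a directory. `module_dir`, the function names and the sample manifest are assumptions of the example.

```python
import hashlib
import re
from pathlib import Path

# A 32-hex-digit token (MD5) and a file-name token (starts with a letter, has an extension).
HASH_RE = re.compile(r"(?<![0-9A-Fa-f])[0-9A-Fa-f]{32}(?![0-9A-Fa-f])")
NAME_RE = re.compile(r"(?<![\w.])[A-Za-z_][\w.-]*\.[A-Za-z]\w*")

# Lines copied from the announcements above, one per layout used in these posts.
SAMPLE = """\
2.3.0.107:
9e71c93a2070fb2dc51117b57d0ff417 - intctrl.kdl
2.3.0.108 (mod)
caf4be75f9060457c4bef20b8e84902d - intctrl.kdl
klsihk.dll 14.0.455.0  164551a8149dfd804320b94680724291
bt.avz MD5: 823e52692a833753943d899d09aa5409
78145f720a5ea1258ada2da679bb0c32 *kimul.signed.tar.gz
x64         MD5:     215ee55531dbda5ff19cf764597a8177
"""

def parse_manifest(text):
    """Map file name -> set of published MD5s (unmod and mod builds share a name)."""
    expected = {}
    for line in text.splitlines():
        hashes = HASH_RE.findall(line)
        names = NAME_RE.findall(HASH_RE.sub(" ", line))
        if len(hashes) == 1 and len(names) == 1:  # skip headings and unnamed hashes
            expected.setdefault(names[0].lower(), set()).add(hashes[0].lower())
    return expected

def md5_of(path):
    """Hash a file in 1 MiB chunks so large modules are not read into memory at once."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def verify_modules(manifest_text, module_dir):
    """Return {file name: 'ok' | 'mismatch' | 'missing'} for each file in the manifest."""
    on_disk = {p.name.lower(): p for p in Path(module_dir).iterdir() if p.is_file()}
    report = {}
    for name, hashes in parse_manifest(manifest_text).items():
        path = on_disk.get(name)
        if path is None:
            report[name] = "missing"
        else:
            report[name] = "ok" if md5_of(path) in hashes else "mismatch"
    return report

if __name__ == "__main__":
    for name, hashes in sorted(parse_manifest(SAMPLE).items()):
        print(name, sorted(hashes))
```

Lines that carry a hash but no file name, such as the per-architecture Avengine entries, are skipped and have to be matched by hand.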


  14. Hello everyone!

    The next update of the SystemWatcher, Avengine, KJIM, VLNS3, ETW-config modules is available for testing

    Update source: http://dnl-test.kaspersky-labs.com/test/iro/

    Release date:

    31 July 2017 (start of targeting)

    Update description:

     

    ________________________________________

     

    AVEngine:

     

    avengine.dll (x86, unmod)

    Version: 2.2.0.33

    MD5: FA549C237E9080B9B3E9E1146017E1D1

    avengine.dll (x86, mod)

    Version: 2.2.0.33

    MD5: 9EA5ED48F3F2654D479FC8EB1D1493AC

    libavengine.dylib (x86)

     

    MD5: 58867E5E3A63ADA0B0E58504430280A5

     

    Changelist:

    - Fix for the 10-second delay of KSN requests

    - Added the reason for a KSN failure to AsyncObjectFlagz

    _______________________________________

     

    KJIM

    kjim.kdl (x86, unmod)

    Version: 5.29.0.2

    MD5: A765CF4C5B328C75C592077C6DBC9D54

    kjim.kdl (x86, mod)

    Version: 5.29.0.2

    MD5: 8CCC613C025BB6FAEA13B0B4F5A3B3EB

    kjim.kdl (x64)

    Version: 5.29.0.2

    MD5: 81AB02C730BB401793BC96EA83A4C8BC

     

    Changelist:

    - Emulation improvements

    ________________________________________

     

    VLNS3

     

    file: vlns3_engine.dll(2.2.2.27) hash: 4f2fa8e2a8b851a9c3df860079643596

    file: vlns3_convert.dll(2.2.2.27) hash: 8985f85a77a687a668bf7fcb3be5383b

    vlns3_engine.esm hash: 6E6CB7A64D0772D40B491C0780B453AF 

     

    Changelist:

    - Fix for a hang when trying to get engine information

    - Switch to standard update contracts

    ________________________________________

     

    SystemWatcher

     

    Unmod:

    -          klavasyswatch.dll           Version: 2.3.6.2178        MD5: 64260BE186CB064EE836D245CC4E3003

    -          klswapiproxy.kdl            MD5: 88B91145D22C5C8F82CE1216B24174A6    

    -          sw2.xms                             MD5: 76D2E35E9D8E4D61FFBA3E97D1FCBDA0

    -          rollback.dll                        Version: 2.0.0.1241        MD5: 222A7E8B6427DCC127680C50E7CA534F

    -          pdm.kdl                              MD5: 3487F3BEED41C12DD1C11A7F6EB5E6AF  

    -          klifpp.xms                         MD5: 9A131F4BB106495D14C74C2C873B4BE1

    -          pdm.vds                             MD5: 87C13424C02569BB70DE3A2466DEA87A                  

     

    Mod:

     

    -          klavasyswatch.dll           Version: 2.3.6.2179        MD5: 57938CF243DC32CC8697A8B160E57184

    -          klswapiproxy.kdl            MD5: F50FDB2363A8631D2B9138ACA11712F7

    -          sw2.xms                             MD5: BF503B2DC10DA63EFEE7B3D1321CD4EE

    -          rollback.dll                        Version: 2.0.0.1242        MD5: F7D767BF6336CA9D92397397115FF3DD

    -          pdm.kdl                              MD5: 0F1B8914EA2CC954F80B06043727ECC9

    -          klifpp.xms                         MD5: C47C06836EB3E06A30C8C1E2F2CEAA08   

     

    Changelist

    - ETW config support

    - Countering the launch of malicious code that has no image as a file on the local disk (fileless malware)

    - Support for the Linux subsystem in Windows 10

    - Bugfix

     

    ________________________________________

     

    ETW-config

     

    etw_event_processor.xms  64051ab1fc1ccd2e7a6c2004a1e7dc05

    Changelist

    - support for new events

    - bugfix

     

    ________________________________________

     

    Testing FAQ:

    SystemWatcher

    Avengine

    VLNS3

    Update, targeting, etc.


  15. Hello!

     

    We are asking you to test SystemWatcher, Avengine, KJIM, VLNS3, ETW-config modules update

    Update available from: http://dnl-test.kaspersky-labs.com/test/iro/

     

    Release date:

    31 July 2017 (start of targeting)

     

    Update description:

     

    ________________________________________

     

    AVEngine:

     

    avengine.dll (x86, unmod)

    Version: 2.2.0.33

    MD5: FA549C237E9080B9B3E9E1146017E1D1

    avengine.dll (x86, mod)

    Version: 2.2.0.33

    MD5: 9EA5ED48F3F2654D479FC8EB1D1493AC

    libavengine.dylib (x86)

     

    MD5: 58867E5E3A63ADA0B0E58504430280A5

     

    Changelist:

    - Fix 10+ seconds delay for ksn requests

    - Add reason of KSN failure to AsyncObjectFlagz

    _______________________________________

     

    KJIM

    kjim.kdl (x86, unmod)

    Version: 5.29.0.2

    MD5: A765CF4C5B328C75C592077C6DBC9D54

    kjim.kdl (x86, mod)

    Version: 5.29.0.2

    MD5: 8CCC613C025BB6FAEA13B0B4F5A3B3EB

    kjim.kdl (x64)

    Version: 5.29.0.2

    MD5: 81AB02C730BB401793BC96EA83A4C8BC

     

    Changelist:

    Emulation improvements

    ________________________________________

     

    VLNS3

     

    file: vlns3_engine.dll(2.2.2.27) hash: 4f2fa8e2a8b851a9c3df860079643596

    file: vlns3_convert.dll(2.2.2.27) hash: 8985f85a77a687a668bf7fcb3be5383b

    vlns3_engine.esm hash: 6E6CB7A64D0772D40B491C0780B453AF 

     

    Changelist:

    - Vapm thread hangs after update when it tries to get new vlns3 engine info.

    - Switch to standard update contract

    ________________________________________

     

    SystemWatcher

     

    Unmod:

    -          klavasyswatch.dll           Version: 2.3.6.2178        MD5: 64260BE186CB064EE836D245CC4E3003

    -          klswapiproxy.kdl            MD5: 88B91145D22C5C8F82CE1216B24174A6    

    -          sw2.xms                             MD5: 76D2E35E9D8E4D61FFBA3E97D1FCBDA0

    -          rollback.dll                        Version: 2.0.0.1241        MD5: 222A7E8B6427DCC127680C50E7CA534F

    -          pdm.kdl                              MD5: 3487F3BEED41C12DD1C11A7F6EB5E6AF  

    -          klifpp.xms                         MD5: 9A131F4BB106495D14C74C2C873B4BE1

    -          pdm.vds                             MD5: 87C13424C02569BB70DE3A2466DEA87A                  

     

    Mod:

     

    -          klavasyswatch.dll           Version: 2.3.6.2179        MD5: 57938CF243DC32CC8697A8B160E57184

    -          klswapiproxy.kdl            MD5: F50FDB2363A8631D2B9138ACA11712F7

    -          sw2.xms                             MD5: BF503B2DC10DA63EFEE7B3D1321CD4EE

    -          rollback.dll                        Version: 2.0.0.1242        MD5: F7D767BF6336CA9D92397397115FF3DD

    -          pdm.kdl                              MD5: 0F1B8914EA2CC954F80B06043727ECC9

    -          klifpp.xms                         MD5: C47C06836EB3E06A30C8C1E2F2CEAA08   

     

    Changelist:

    - support of ETW-config

    - detection of fileless malware

    - Win10 Linux Subsystem support

    - Bugfix

     

    ________________________________________

     

    ETW-config

     

    etw_event_processor.xms  64051ab1fc1ccd2e7a6c2004a1e7dc05

    Changelist:

    -          new events and bugfixes

     

    How to test:

    FAQ about testing:

    SystemWatcher

    Avengine

    VLNS3

    Update etc
