onja

Update of Avengine/Kavbase, ARK, QSCAN, SWMON


Hello!

We are asking you to test the Avengine/Kavbase, ARK, QSCAN, SWMON module updates.

Update available from: http://iro.kaspersky-labs.com/

 

Release date:

13 Nov 2017 (start of targeting)

 

Update description:

SWMON

Mod:

1)      swmon.kdl          (1.5.8.1, MD5: B4490F8CBA9993297EC3E1AF7D6499B5)

2)      swmon32.dat    (1.5.8.0, MD5: 98136B7118F24B832D91019FE9F51C9E)

3)      swmon64.dat    (1.5.8.0, MD5: 36C2E8687F2A37EF9F804C842D363C7F)

4)      swmon_32.dll    (1.5.8.1, MD5: 323DC235178ED214ADAACE544E07C14E)

5)      swmon_64.dll    (1.5.8.1, MD5: 46BFFE52F4465CEBD7C29F77CD645700)

6)      swmon_drv.kdl (1.5.8.1, MD5: 3E625901CE43E15097B4AFD8794567A4)

non-mod: 

1)      swmon.kdl          (1.5.8.1, MD5: B9074218AB7C54A51ECE6C858D8A4D1F)

2)      swmon32.dat    (1.5.8.0, MD5: DEF5ABCCA41FED0F8A9BF066E4948F0D)

3)      swmon64.dat    (1.5.8.0, MD5: 378C0D4BC0CBFED93894CB0283ABC57F)

4)      swmon_32.dll    (1.5.8.1, MD5: AB353CB542735C82EFD545D96AE1A7C7)

5)      swmon_64.dll    (1.5.8.1, MD5: 36C985CC3DE07334439BB8C956687172)

6)      swmon_drv.kdl (1.5.8.1, MD5: 3392A119589CAD2936BCD279ECC27816)

 

Changes

1) Detect VMware UM interceptor

2) New logic to detect KLHKUM (TFS 2431529)

How to test
 

Avengine/Kavbase

For Windows, Linux, FreeBSD, macOS

avengine.dll (x86, unmod)

Version: 2.3.0.3

MD5: 7AF1FA4A7063A884E6F86067568D0DF3

avengine.dll (x86, mod)

Version: 2.3.0.3

MD5: 44721575337529DF0DECD418858E18D4

kavbase.kdl (x86, unmod)

Version: 3.3.7.10

MD5: 3BFCC8067C598D458196E9F1D6873BAC

kavbase.kdl (x86, mod)

Version: 3.3.7.10

MD5: 0C688B962B4B6491588735D4CA2E0BCB

libavengine.so (x64)

 

MD5: D560F7883FEF608AD581899972E215D1

kavbase.kdl (x64)

Version: 3.3.7.10

MD5: 45F35FC580B5F698E7CE43805378C0EE

avengine.dll (x64)

Version: 2.3.0.3

MD5: 622ED68ADFE347BD0AD6159862E36062

libavengine.dylib (x86)

 

MD5: D51D55FD723AFDADE62329CB4E1F9D44

libavengine.so (x86)

 

MD5: C335481E6B6D9BA5BDBB3938EA004BFA

libavengine.so (x86)

 

MD5: C3B0F4ED1B53156E1ED403A35B2EA745

libavengine.so (x86)

 

MD5: A50BC59DAA0DC0FBD5AC155AB83A9362

libavengine.so (x64)

 

MD5: 968C7F913A6BE4BAB6662B615EFA8A7E

libavengine.so (x64)

 

MD5: BCFDEC9E207D560D9FE28BF4165B8BDF

Changelist:

  • Fix [KES11] ODS. Some samples from collection were not disinfected
  • Add support for FileMapping
  • Dump fix

Avengine: How to test

Kavbase: How to test

 

QSCAN

qscan.kdl 4.7.9.0 (md5: b15a578025d6967cf8738c39b2b814f9 )

kavsys.kdl 2.7.9.0 (md5: 12d064af3aa3677b0af1b6a84f9cd9c6 )

klark32.dat 3.7.7.0 (md5: 1a317131f2a1ad745419ef6f100db210 )

klark64.dat 3.7.7.0 (md5: 6d3ea434891eaefb9bf1bf46a0d8c6f8 )

klark32.drv 3.7.7.0 (md5: e7206b00e626749caeccb7d355cd0d6e )

klark64.drv 3.7.7.0 (md5: 3d8b3598e023d2370ce01d2d1a644830 )

klbg32.dat 10.7.6.0 (md5: a2d0e6ddaf5ec4550842e81d3c40a6a7 )

klbg64.dat 10.7.6.0 (md5: aa2292a9262e014c0fe5f2520e91e6b5 )

klbg32.drv 10.7.6.0 (md5: 03d030ba4c32686749583221450c332b )

klbg64.drv 10.7.6.0 (md5: 49dda33b5a43b6222429b9e26fa7c3fa )

 

Mod version:

qscan.kdl 4.7.9.0 (md5: 90390b2e6c7fd40fbbc33e9573e08edf )

kavsys.kdl 2.7.9.0 (md5: 6170921e04e1bb10d418f23f9184d061 )

klark32.dat 3.7.7.0 (md5: a93e0ffcb0e99275be761f56f3f3334b )

klark64.dat 3.7.7.0 (md5: 2bea14cee62ccfe86329bac354af45ec )

klark32.drv 3.7.7.0 (md5: 8baf27c8d2855142aab0a4597481f50d )

klark64.drv 3.7.7.0 (md5: 0bf0a65acad840f89aff23f10960e187 )

klbg32.dat 10.7.6.0 (md5: ee004c2d0e071ab215e0ec1c798022ea )

klbg64.dat 10.7.6.0 (md5: 8ab7c996eb76a49a08185ae2b1283808 )

klbg32.drv 10.7.6.0 (md5: eb35d803748376a7abc310150cce49a0 )

klbg64.drv 10.7.6.0 (md5: 3422253be14d58ad8712bf405c8fa36d )

 How to test

 

ARK

 

arkmon.kdl 1.13.5.1 (md5: 7e42de9970b9dd7f0aefb50e11193c8a )

arkmon32.dat 1.13.5.0 (md5: 59999fdb4e252541afc2908fda3416f1 )

arkmon64.dat 1.13.5.0 (md5: 26e8e9528c1d28c7a8c36d43f5538044 )

arkmon32.drv 1.13.5.0 (md5: e2ddd5659311ad1835e5756a950b02a4 )

arkmon64.drv 1.13.5.0 (md5: 53812426f96605ce7466f078bbd38a1c )

mark.kdl 5.13.5.1 (md5: 530e9c942728887785edd7f0e661de43 )

mark32.dat 5.13.5.0 (md5: 9860981c45eecf300eb98a083a028668 )

mark64.dat 5.13.5.0 (md5: 9d4dd27a56cc30bf9f8d558ecfe93ef0 )

mark32.drv 5.13.5.0 (md5: d9a173904a45413ab136f3f749b906b2 )

mark64.drv 5.13.5.0 (md5: 469c046986e9cef73a2f6234477df3ba )

 

Mod version:

arkmon.kdl 1.13.5.1 (md5: 97d95931d2094a3c18f61b06f7e53096 )

arkmon32.dat 1.13.5.0 (md5: 9def4dc24d4849ea54acd3fbb165f8fb )

arkmon64.dat 1.13.5.0 (md5: 448d0ba42b7dcfd902f878575d49cde8 )

arkmon32.drv 1.13.5.0 (md5: b1045a230a2afe3309532f14bc844ea8 )

arkmon64.drv 1.13.5.0 (md5: c4e91afa5afc23bdc8cc2f6f9400eadf )

mark.kdl 5.13.5.1 (md5: 2b335224da912bcbd9913f988d848f39 )

mark32.dat 5.13.5.0 (md5: 0327f3a5b4679fe4d27e3685af36fe6b )

mark64.dat 5.13.5.0 (md5: b3745f637c7a2b14baad45970e9e2988 )

mark32.drv 5.13.5.0 (md5: bdb97cf6511527dc7e7e0515efd77c1a )

mark64.drv 5.13.5.0 (md5: 5cbc8d07c5ac2bc9e861da676de7ead0 )

 

Changes

1)      Support for Windows 10 RS3

2)      CR 2316315 implemented

3)      Bugfixes (2397202, 2216915, 2217253, 2365844, 2369848)

4)      Modules no longer packed

 How to test

 

How to update:

Update etc


Hello

May I ask, do the changes for kavbase.dll include a new kavbase.xxxxx.xxxxxxxxx.kmc database cache of about 50 MB? It happened after the module was updated.

Does it contain certain antivirus signatures that are rarely modified, so that overall performance will be better?

Regards
