Autor Thema: RogueKiller (Gelesen 34400 mal)

SiLæncer · « **Antwort #45 am:** 07 August, 2014, 13:09 »

Whats new: >>

Removed a ZeroAccess false detection
Fixed a bug in registry module (introduced in 9.2.5)

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #46 am:** 15 August, 2014, 17:01 »

Whats new: >>

V9.2.8 08/15/2014
=================
- Added detections

V9.2.7 08/15/2014
=================
- Added scan of Search Page/Start Page for Internet Explorer
- Added scan of Start Page for Firefox
- TrueSight 1.0.2: Process Kill
- TrueSight 1.0.2: Registry key Kill
- TrueSight 1.0.2: File Kill
- RogueKiller: Implementation of new Truesight features
- RogueKillerCMD: Implementation of new Truesight features

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #47 am:** 01 September, 2014, 12:18 »

Whats new: >>

Updated Yara to 3.1.0
Added detections
Firefox PUM.HomePage is using domain whitelist

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #48 am:** 09 September, 2014, 12:15 »

Whats new: >>

Fixed a bug in Yara scanner
Fixed a bug in language module
Fixed a crash dump uploader (due to surlatoile.org move to https)
Added service binary path in report

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #49 am:** 18 September, 2014, 18:00 »

Whats new: >>

Added detection to new Poweliks variant
Fixed a bug of infinite wait when COM objects are broken

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #50 am:** 23 September, 2014, 12:25 »

Whats new: >>

- TrueSight: 1.0.3: Fixed a Kernel stack overflow leading to a BSoD
- Better handling of multistring registry value/key names (ZeroAccess/Poweliks)
- Added Poweliks detections - Added detections

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #51 am:** 25 September, 2014, 13:30 »

Whats new: >>

- Fixed a bug in registry module introduced in 9.2.12
- Fixed a bug in process engine that forbids svchost processes to be killed
- Added detections

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #52 am:** 06 Oktober, 2014, 13:27 »

Whats new: >>

- New Rules engine. Easier to maintain, more robust.
- Fixed a lot of bugs in Scanner engines.
- Added detections

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #53 am:** 08 Oktober, 2014, 14:00 »

Whats new: >>

- Major UI changes
- Added support for future Premium version
- Added support for ShellIconOverlayIdentifiers and ShellServiceObjectDelayLoad keys
- Now CLSIDs are scanned for path and memory
- Added detections

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #54 am:** 10 Oktober, 2014, 19:00 »

Whats new: >>

Improvements in Process library
Added COM integrity check to disable COM calls when server is corrupted (Poweliks)
Fixed Poweliks rule
Added detections
Fixed Bug in registry module
Fixed a bug in logging

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #55 am:** 16 Oktober, 2014, 14:00 »

Whats new: >>

Added detection of services hidden from SCM and from registry
Dropped command line support in free version
Removed EAT hooks (useless)
Improved IAT hooks scanner (now scans all modules instead of main module)
Fixed a bug in driver library (driver could not load under certain circumstances)
Added Czech translation
Added tooltip with detection level (for colorblind people)
Added detections

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #56 am:** 22 Oktober, 2014, 12:17 »

Whats new: >>

New user-agent: Now sends extended vendor names for real time monitoring
Added detections

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #57 am:** 29 Oktober, 2014, 18:00 »

Whats new: >>

Added link to translations in language menu
Added Delay IAT in PE module
Added Delay IAT hooks in antirootkit
Now IAT hooks are printed to UI as they are scanned
Removed ctfmon from sensitive processes
Now detects Zeus variants
Now informative texts are not elided
Better choices (currency/amount) for Paypal form
Removed unused resources
Improvements in quarantine module
Now DNS entries show country IP in text report
PREMIUM: Added quarantine handler
Added detections

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #58 am:** 11 November, 2014, 12:20 »

Whats new: >>

Now AV processes are whitelisted
Added language separator for "Your language here"
Added Injected process heuristic detection
Fixed bad Zeus signature
More aggressive against Poweliks processes
Added detections
Updated links

http://tigzy.geekstogo.com/roguekiller.php

SiLæncer · « **Antwort #59 am:** 13 November, 2014, 14:30 »

Whats new: >>

- Fixed a bug in Process module (not enough rights to get process path)
- Fixed a bug in AV whitelist detection
- Added detections

http://tigzy.geekstogo.com/roguekiller.php

Neuigkeiten:

Autor Thema: RogueKiller (Gelesen 34400 mal)

SiLæncer

RogueKiller 9.2.6.0

SiLæncer

RogueKiller 9.2.8.0

SiLæncer

RogueKiller 9.2.9.0

SiLæncer

RogueKiller 9.2.10.0

SiLæncer

RogueKiller 9.2.11.0

SiLæncer

RogueKiller 9.2.12.0

SiLæncer

RogueKiller 9.2.13.0

SiLæncer

RogueKiller 9.3.0.0

SiLæncer

RogueKiller 10.0.0.0

SiLæncer

RogueKiller 10.0.1.0

SiLæncer

RogueKiller 10.0.2.0

SiLæncer

RogueKiller 10.0.3.0

SiLæncer

RogueKiller 10.0.4.0

SiLæncer

RogueKiller 10.0.5.0

SiLæncer

RogueKiller 10.0.6.0