AfterDawn | News | Guides | Software downloads | Tech Support | Forums
AfterDawn.com

Version history for RogueKiller (64-bit)

<<Back to software description

Changes for v10.0.6 - v10.0.8

  • - Added detections
  • - Fixed bug of processes not killed
  • - Now process memory is scanned before path scan
  • V10.0.7 11/20/2014
  • =================
  • - Now process pages are scanned for whitelist
  • - Updated Yara engine
  • - Added detections
  • - Reverted some command line to free version: -nodriver -nokill -nopop -nothirdparty



Changes for v10.0.5.0 - v10.0.6

  • - Fixed a bug in Process module (not enough rights to get process path)
  • - Fixed a bug in AV whitelist detection
  • - Added detections



Changes for v10.0.0 - v10.0.5.0

  • - Now AV processes are whitelisted
  • - Added language separator for "Your language here"
  • - Added Injected process heuristic detection
  • - Fixed bad Zeus signature
  • - More aggressive against Poweliks processes
  • - Added detections
  • - Updated links



Changes for v9.2.8.0 - v9.3.0

  • - New Rules engine. Easier to maintain, more robust.
  • - Fixed a lot of bugs in Scanner engines.
  • - Added detections



Changes for v9.2.4.0 - v9.2.8.0

  • Added detections
  • Added scan of Search Page/Start Page for Internet Explorer
  • Added scan of Start Page for Firefox
  • TrueSight 1.0.2: Process Kill
  • TrueSight 1.0.2: Registry key Kill
  • TrueSight 1.0.2: File Kill
  • RogueKiller: Implementation of new Truesight features
  • RogueKillerCMD: Implementation of new Truesight features
  • Removed a ZeroAccess false detection
  • Fixed a bug in registry module (introduced in 9.2.5)
  • Fixed a bug in registry module (poweliks/zeroaccess trick)
  • Fixed a bug in command line parsing
  • RogueKillerCMD: Added registry value/subkey removal by index
  • Added detections



Changes for v9.2.3.0 - v9.2.4.0

  • Added detections
  • Added Key present rule
  • Added Value data rule
  • Updated Yara
  • Fixed a bug in file search module
  • Fixed a bug in honey file module
  • Fixed string limit in path module
  • RogueKillerCMD: Registry Kill



Changes for v8.8.12 - v8.8.15

  • No crash report sends debug.log and crash dump
  • Optimizations
  • Added detections
  • Fixed a bug in PE parser
  • Optimizations
  • Added detections



Changes for v8.8.11 - v8.8.12

  • Optimizations
  • Prepare for 8.9.0
  • Added Thanks for Downloading Url at first use.
  • Fixed bug in MBR fix
  • Fixed progressbar behavior



Changes for v8.8.10 - v8.8.11

  • Optimizations
  • Added lot of PUP detections
  • file path are elided in console



Changes for v8.8.9 - v8.8.10

  • Added detections
  • Changed links
  • Fixed a bug in File library
  • RogueKillerCMD 0.1.3
  • Added service list
  • Added service kill



Changes for v8.8.6 - v8.8.9

  • Fixed bugs in Hidden process detection
  • Added traces for killed processes check bug.
  • URL are now localized
  • Fixed tree process creation deadlock



Changes for v8.8.5 - v8.8.6

  • ACLs management improvement
  • Fixed FP in hook module
  • NEW! Google Chrome extensions are listed [Removal not supported yet]
  • Fixed Zekos FP with Zanga.exe
  • Fixed forum link in report



Changes for v8.8.4 - v8.8.5

  • Added debug trace for dllhost issue
  • Added rogue detections
  • Fixed duplicates in Firefox Addons list
  • Added extensions.json / extensions.sqlite in the firefox watch list
  • Now kills firefox before removing extensions



Changes for v8.8.3 - v8.8.4

  • Added ACL module.
  • Fixed bug with ACLs when replacing patched file [Black Screen - Zekos]
  • Restored Zekos signatures



Changes for v8.8.2 - v8.8.3

  • NEW! Extension removal for IE / Firefox (context menu)
  • Neutralized Zekos signatures to avoid black screen at replacement. [To be fixed]



Changes for v8.8.1 - v8.8.2

  • NEW! Miuref detection and removal
  • Added Zekos x64 detection
  • Fixed a bug in honey module
  • Fixed a bug in core module
  • Fixed a bug in driver module



Changes for v8.7.14 - v8.8.1

  • Fixed bug in registry module
  • Fixed a bug in file module
  • NEW! Zekos detection and removal.



Changes for v8.7.13 - v8.7.14

  • NEW! web browser addons are listed (Internet Explorer | Firefox )
  • NEW! Cryptolocker pattern
  • NEW! Killed process verifier. If some processes remain, they are killed by their whole tree.
  • Added detections



Changes for v8.7.12 - v8.7.13

  • Translated Paypal Icon
  • Fixed a bug in GUI lib
  • Added PUP pattern
  • Fixed a bug in File lib (ZeroAccess detection)
  • Added addons tab



Changes for v8.7.11 - v8.7.12

  • Windows 8.1 detection
  • Fixed bug in Shortcut mode
  • Refactoring of File lib
  • Added detections
  • RogueKillerCMD 0.1.2
  • Added process list



Changes for v8.7.10 - v8.7.11

  • Fixed a bug in UI lib



Changes for v8.7.9 - v8.7.10

  • Added detections
  • RogueKillerCMD 0.1.1
  • Fixed DLL dependencies



Changes for v8.7.8 - v8.7.9

  • - Fixed a bug in regex parsing
  • - Optimization of regex
  • - Added 2 new methods for registry Read/Write
  • - NEW! Honey module now uses the Win32 API Offline method (Safer)
  • - Fixed a bug in script cleanup
  • - Fixed a bug in mbr module
  • - Added detections



Changes for v8.7.7 - v8.7.8

  • NEW! Added Zlib compression for crash dump sending
  • Improvement of args handler



Changes for v8.7.6 - v8.7.7

  • NEW! new banner
  • Fixed bugs in Registry module
  • Fixed bug in PeParser
  • Added progress window for crash report uploading
  • Now collecting FUll dumps [This can be long, be patient!]



Changes for v8.7.5 - v8.7.6

  • Changed crash feedback for sending crash dump instead of custom crash logs
  • Fixed bug in PeParser



Changes for v8.7.4 - v8.7.5

  • Added useragent in debug log sending
  • NEW! Geoloc for proxy / DNS IPs
  • Fixed bug on TaskMan value
  • NEW! -report_output and -hide switches
  • NEW! Stop button



Changes for v8.7.3 - v8.7.4

  • Added COUNTRY in user agent of statistic module



Changes for v8.7.1 - v8.7.3

  • NEW! Detection/Removal of generic name mismatches in registry key/values (API fool trick -Rootkit)
  • Fixed a bug in HiveReader module
  • Fixed a bug in Pattern module



Changes for v8.7.0 - v8.7.1

  • Fixed bugs in PeParser
  • Fixed bug in IAT/ETA hooks
  • NEW! Listview sorting



Changes for v8.6.12 - v8.7.0

  • NEW! Scan IAT/ETA of sensible processes
  • NEW! Filesystem userland antirootkit
  • Added colors to differenciate type of objects
  • Added Romanian language
  • Fixed bug in file deletion
  • Fixed bugs in Pe parser
  • Optimizations: Com library
  • Fixed bug in GUI library
  • Added detections



Changes for v8.6.11 - v8.6.12

  • Added detections
  • Added MBR infos
  • Added PUM label, and more consitent colors
  • Fixed a bug in MBR module



Changes for v8.6.10 - v8.6.11

  • Fixed a crash a startup on x64 OS



Changes for v8.6.8 - v8.6.10

  • - Fixed a bug in PeParser
  • - TrueSight 0.9.1
  • v8.6.9
  • =================
  • - Fixed a bug in PeParser
  • - Added Export parsing
  • - Fixed a bug in SSDT parsing
  • - Added detections



Changes for v8.6.7 - v8.6.8

  • - Fixed a bug in peParser
  • - Truesight v0.9



Changes for v8.6.3 - v8.6.4

  • - Fixed display bugs
  • - Added tab icons
  • - NEW! One scan can allow user to trigger each option once (Delete, HostsFix, DNSFix, ProxyFix)
  • - Fixed bug in DLL module
  • - Modified Honey display in report
  • - Fixed bugs in PeParser
  • - Fixed bug in file parser
  • - Added detections
  • - Database queries switched to UNICODE



<<Back to software description