What's new in RogueKiller 15.16.0.0
Apr 10, 2024
- Updated to core 6.19.1
- URLEncode search paramters
- UTF8 encoding for Curl paramters
- UCheck: Internal Name support
- Reporting unserialize fix
- Fixed issue where Review notification was not properly shutdown by config
- Added Winget support for UCheck
- UCheck program refresh fixed issue where status was not Updated
- UCheck compression support for programs sending
- UCheck compression support for community manifest
- Added registry data scanning for firewall rules
- Disabled cloud upload retry logic
- Better logging on detections
- Fix for exclusions matching
- Fixed issue where detections could not be removed after a scan
- Minor fixes
New in RogueKiller 15.15.3.0 (Mar 11, 2024)
- Updated to core 6.18.3
- URLEncode search paramters
- UTF8 encoding for Curl parameters
- UCheck: Internal Name support
- Multiple scheduled scans implementation
- Scan cloud config for malpe
- Scanners cloud config implementation
- Mutiple threat names implementation
- Added ability to have multiple scheduled scans
New in RogueKiller 15.15.2.0 (Feb 19, 2024)
- Updated to core 6.18.1
- fix for UCheck exclusions
- fixed un-needed remove at reboot of drivers
- fixed potential app lock during crash dump upload
New in RogueKiller 15.15.1.0 (Feb 14, 2024)
- Fixed potential crash in account page.
New in RogueKiller 15.15.0.0 (Feb 14, 2024)
- Updated to core 6.18.0:
- Removed unneeded ACL reset
- Replaced folder ACL reset by "Add World ACE"
- Added IsInstalled verification in core
- Now using current directory's subdir for non-installed core instances
- Modular core, preparing for core optimizations
- Added UCheck bitness detection algorithm
- Added UCheck existence verification
- Removed potential crashing logs
- Added AsyncWorker for smoother UI experience
- Theme fixes
- Report UI refactoring
- Minor fixes
- Disabled shell replacement in installer ("Black screen" issue on update)
- Now opening UCheck instead of website if installed
- Consolidated Tech portable available features
- Added "fully portable" feature, if not installed will work from a current dir's subdir
New in RogueKiller 15.14.0.0 (Jan 18, 2024)
- Updated to core 6.17.2:
- Themes colors changes
- Registration page performance fixes
- Error management in UCheck APIs
- UI lib update
- Fixed issue with json decoding from array
- Better progress count
- Fix for cloud config (proxy not applied)
- Fixed potential crash in filesystem scanner
- Fixed possible hang in scan worker
- Minor fixes
- Contrast improvements
- Theme changed refreshes
- Minor color fixes
- Fonts improvements
- Now saving window geometry and restoring it at launch
- Added translator name display
- Added theme name (translation)
- Minor UI/UX changes
New in RogueKiller 15.13.1.0 (Dec 6, 2023)
- Updated to core 6.15.1
- Rkfl 0.10.6 (fixed potential handle leak)
- Better RTP logging
- Minor fixes
- Fixed possible crash on initialization
New in RogueKiller 15.13.0.0 (Nov 4, 2023)
- Updated to core 6.14.0
- Fixed notification not opening links
- Truesight 3.4, fixed vulnerabilities
- Truesight 3.4, fixed possible handle leak
- Now avoiding killing protected processes
- Minor Fixes
- Fixed minor UI issues
New in RogueKiller 15.12.2.0 (Oct 19, 2023)
- Updated to core 6.13.3
- Fixed possible crashes on logging
- Fixed potential crash on exiting core with a scan running
- Fix for explorer path parser
- Minor Fixes
- Fixed issue where signatures were not loading using import button
New in RogueKiller 15.12.1.0 (Sep 19, 2023)
- Updated to core 6.12.2
- Fixed performance issue in UCheck engine
- Fixes for UCheck portable detection
- Updater 4.1.1, fixed some download links for portable versions
- Truesight 3.3 (fixed security issue)
- Rkflt 0.10.5 (fixed security issue / fixed potential crash)
- Doclock added new services to allow list
- Minor Fixes
- Minor fix for settings revert to default
New in RogueKiller 15.12.0.0 (Aug 29, 2023)
- Added Welcome page
- Now showing UI on first launch
- Removed thanks page opening
- Minor changes for marketing page
- Updated to core 6.12.0:
- First launch UI config
- Fixed shell extension removal during uninstall
- Fixed backup config removal during uninstall
- Cloud config
- Cloud scanning no increment on rescan
- Minor Fixes
New in RogueKiller 15.11.0.0 (Jun 22, 2023)
- Updated to core 6.11.0:
- Fixed possible crash when opening EULA
- Deployed cloud config
- Added cloud config for MalPE
- Fixed potential crashes in DirectoryCounter
- Fixed issue where files removed at reboot were not triggering user notice
- Added SearchScope (Bing) search rules
- Fixed issue where ACLs protected registry keys could not be read/deleted
- Fixed minor issues for URL scanning
- Fixed issue were Cloud mitigated detections were not showing in Diag
- Minor Fixes
New in RogueKiller 15.10.0.0 (May 25, 2023)
- Updated to core 6.10.0:
- Ability to login to shop account to retrieve license keys
- Registration page re-designed
- NTFS module
- FileScanner fast enumeration during scan
- Now showing progress during filesystem scanning
- Minor Fixes
New in RogueKiller 15.9.0.0 (Apr 25, 2023)
- Updated to core 6.8.0:
- Now uploading unknown files using dedicated cloud API
- Fixed an issue where directores with specific ACLs were not removed
- Minor Fixes
- Fixed an issue where exiting after a certain scenario would lead to error message in a loop
New in RogueKiller 15.8.2.0 (Mar 22, 2023)
- Updated to core 6.7.2
- Fixed an issue where volatile licenses were eating activations
- Fixed encoding issue in installer translations
- Fixed file types filtering in archives scanning
- Minor Fixes
New in RogueKiller 15.8.1.0 (Mar 6, 2023)
- Moved scheduled scans to its own settings tab
- Added ability to choose between Standard/Quick type for scheduled scan
- Updated to core 6.7.1:
- Added client tagging on signatures check/update
- Added scheduled scan type in config
- Update checks task only executing on Premium
- RTP task not exeutes every 60 mns (prior, 15mns)
- RTP task disabled when RTP not enabled
- Minor Fixes
New in RogueKiller 15.8.0.0 (Jan 26, 2023)
- Removed wizard button
- Now outdated notice has an hyperlink
- Updated to core 6.7.0:
- Updated libraries (libyara)
- Updater translations
- Fixed issues on Windows XP
- Fixed an issue where Powershell was slow to open with Clipboard protection
- Fixed issue in exclusions where sometimes wrong target was set
- Fixed minor issue in Cloud scanner
- Minor fixes
New in RogueKiller 15.7.0.0 (Jan 17, 2023)
- Updated to core 6.6.0
- Fixed multiple issues with cloud scanning
- Minor Fixes
New in RogueKiller 15.6.5.0 (Jan 4, 2023)
- Updated to core 6.5.8
- Fixed an issue with Curl network check
- Minor Fixes
New in RogueKiller 15.6.4.0 (Dec 15, 2022)
- Fixed an issue where link open may fail under LocalSystem account
- Fix for obtaining default browser path
- Fix for Pipe exit
- Abortable scan report
- Moved some links opening to more secured method
- Minor Fixes
- Moved some links opening to more secured method
- Dynamic translations
New in RogueKiller 15.6.3.0 (Nov 15, 2022)
- Updated to core 6.5.5
- Fixed download issue in UCheck module
- Minor fixes
- Translations update
New in RogueKiller 15.6.2.0 (Oct 13, 2022)
- Updated to core 6.5.4
- Moved URL protocol to installer
- Rkflt version 0.10.4
- Fixed possible BSOD at driver Load
- Fixed possible altitude collision on Windows 11
- Minor fixes
New in RogueKiller 15.6.1.0 (Sep 13, 2022)
- Updated to core 6.5.1:
- NEW! Protocol URLs: Ability to register license from an URL
- Fixed issue where scanning whitelisted folders' content was not honored in custom scan
- DLP no longer in BETA
- Translations updated
- Fixed an issue where scan was not stopped on session log out, leading to a crash
New in RogueKiller 15.6.0.0 (Aug 22, 2022)
- Updated to core 6.5.0:
- NEW! Process injection (rkmon32 & rkmon64) [BETA]
- NEW! Clipboard protection module [BETA]
- Fixed an issue where RTP cleanup routine was not executed
- Fixed an issue where RTP signatures were not updated automatically
- Fixed an issue where RTP cache was not limited in Size
- Optimization for RTP cache on process termination
New in RogueKiller 15.5.3.0 (Jun 14, 2022)
- Updated to core 6.4.3
- Fixed a critical issue in signatures engine (some signatures were not working)
New in RogueKiller 15.5.2.0 (Jun 7, 2022)
- Updated to core 6.4.2
- Truesight 3.1 (Win10+)
- Fixed memory leaks
- Fixed missing allocations tagging
- Added -excluded-paths CLI switch
- Removed Wizard (better UX)
- Fixed a bug where update could launch during a scan
- Fixed missing label in Web addons exclusions
- Added refresh button on Account tab
New in RogueKiller 15.5.1.0 (May 16, 2022)
- Updated to core 6.4.1
- * Fixed Rkflt version 0.10.3 for 32 bits
New in RogueKiller 15.5.0.0 (May 2, 2022)
- Updated to core 6.4.0
- Rkflt version 0.10.3 (Win10+)
- Fixed memory leaks
- Fixed missing allocations tagging
- Windows 11 official support
- Logs reduction
- Minor fixes
- Added/Updated translations
- NEW: Japanese
- NEW: Dutch
- NEW: Portuguese
- NEW: Brazilian
- NEW: Polish
- NEW: Italian
- NEW: Arabic
- NEW: Japanese
New in RogueKiller 15.4.0.0 (Mar 7, 2022)
- Updated to core 6.3.3:
- Fixed potential memory leak in zip module
- Fixed issue in cloudscanner where empty batches were sent for analysis
- MalPE mitigation: Unknown cloud files are no longer considered malicious
- Added background scanner configs
- Command scanner is now able to retrieve current process directory and use it for path resolution
- Added setting to revert full scan performance (on demand + scheduled)
- New dashboard page
New in RogueKiller 15.3.0.0 (Feb 17, 2022)
- Updated to core 6.3.2:
- Added first cloudscan config
- Fixed an issue where detection was added even with a cloudscan invalidation
- Fixed an issue where Windows backup history svchost was detected as DLP
- Curl timeout increase
- Redesigned all command line arguments
- Minor fixes
- Redesigned UIs to better resize
- Background scan enabled by default
New in RogueKiller 15.2.0.0 (Jan 20, 2022)
- Cloudscanner (new module, BETA)
- New detection design (Pipeline, BETA)
- Minor fixes
- New scan progress design
- New marketing page design
- New settings page design
- New history page design
New in RogueKiller 15.1.5.0 (Dec 15, 2021)
- Updated to core 6.1.8
- Fixed potential crash
- Fixed infinite reload loop in scheduler causing UI to hang / having performance issue
- Fixed possible crashes (log formatting)
- Fixed possible crash (CLSID scanner)
- My Account UI redesign
- Registration UI redesign
- Fixed potential crash on exiting for update
- Settings redesign
New in RogueKiller 15.1.4.0 (Nov 18, 2021)
- Updated to core 6.1.7
- Fixed issue in scheduler where monthly scan was not working
- Fixed numerous UI / UX issues across the app
- Opened Exclusions to free version
- Fixed an issue where switches where slow to update
- Better wording in settings descriptions
- Added UCheck link in miniscan banner
- Fixed missiing translation on signatures download link
- Fixed refresh issue where driver was showing unloaded after registration
- Fixed refresh issue where secured storage was showing unavailable after registration
- Removed setup registration (now all inside the software)
New in RogueKiller 15.1.3.0 (Nov 9, 2021)
- Updated to core 6.1.6
- Fixed potential crash
- Fixed infinite reload loop in scheduler causing UI to hang / having performance issue
New in RogueKiller 15.1.2.0 (Nov 3, 2021)
- Fix for scheduler (fixed time not starting after sleep)
- Fixed an issue in common report view
- Fixed an issue in path parser (task scheduler)
- Fixed an issue in DLP where prefetch service was blocked
- Minor fixes
- Setup: Always force desktop icon
- UI lib update (button padding issue)
New in RogueKiller 15.1.1.0 (Oct 11, 2021)
- Added Next Scan date on dashboard
- Removed scan notifications if UI is shown
- Updated to core 6.1.4:
- Fixed an issue with scheduled scans not starting
- Added ability to cancel scan during archive scanning
- New scheduler
- Added EDGE scanner
- Minor fixes
New in RogueKiller 15.1.0.0 (Sep 6, 2021)
- New reporting
- Fixed an issue when adding exclusions
- Fixed a false detection on explorer / DocLock
- Fixed an issue with scheduled scans not starting
- Added ability to cancel scan during archive scanning
New in RogueKiller 15.0.9.0 (Aug 5, 2021)
- Fixed possible issue with information update at startup
- Re-enabled thanks page opening
- Deactivated Cloud Upload windows (later integrated into own worker)
- Added Proxy authentication settings
- Updated to core 6.0.11:
- Fixed self folder scanning issue
- Asynchronous logging
- Fixed possible deadlock
- Fixed possible infinite loop in config migration
- certificate update
New in RogueKiller 15.0.8.0 (Jul 13, 2021)
- Disabled temporarily "thanks page" opening (will be reworked later)
- Updated to core 6.0.10
- Fixed possible crashes when stopping
New in RogueKiller 15.0.7.0 (Jul 9, 2021)
- Updated to core 6.0.9
- Quarantine delete all
- Minor fixes
- Fixed issue where UI was showing inconsistent state during long initialization
- Added locks during engine initialization
- Added banner when there's too many quarantine items to display (> 1000)
New in RogueKiller 15.0.6.0 (Jul 1, 2021)
- Updated to core 6.0.8
- Fixed possible crash in pipe communication
- Fixed issue when checking for updates (signatures state not refreshed)
- Translations update
New in RogueKiller 15.0.5.0 (Jun 30, 2021)
- Fixed possible deadlock (SecuredIPC) between scheduler / signatures_changed callback
New in RogueKiller 15.0.4.0 (Jun 28, 2021)
- Updated to core 6.0.6
- Fixed another issue where dates are not saved properly in config file
- Fixed service scan request (scheduler)
- Fixed service signatures status update
New in RogueKiller 15.0.3.0 (Jun 15, 2021)
- Updated to core 6.0.5
- Fixed potential crash getting username from session ID
- Updater 4.0.1
- Fixed crash on certain cases (double download worker thread)
- Fixed crash issue when old config is present (Config migration)
- Fixed an issue where dates are not saved properly in config file
- Fixed potential crash on Initialization
New in RogueKiller 15.0.2.0 (Jun 14, 2021)
- Fixed potential crash on exporting portable config
New in RogueKiller 15.0.1.0 (Jun 14, 2021)
- Fixed potential crash on startup
New in RogueKiller 15.0.0.0 (Jun 14, 2021)
- Fixed an issue where some settings in combobox where changing on page scroll (lang, theme)
- Minor UI fixes
- Updated to core 6.0.4:
- Fixed an issue where context menu scan was not working when UI is started by the service
- Fixed potential crash in getting computer name
- Fixed issue with Windows Updates status
- Fixed issue with ucheck progress counters
- Refactored using safer memory management (smart pointers)
- Refactored with asynchronous initialization (faster to start)
- Updater 4.0
- RK DLL 4.0
- Minor fixes
New in RogueKiller 14.8.6.0 (Mar 25, 2021)
- Updated to core 5.3.5
- Fixed potential stack overflows
- Reducing Cloud.Generic FPs by ignoring some 3rd parties
- Translations update
- Minor fixes
- Augmenting contrast on detections results page
New in RogueKiller 14.8.5.0 (Feb 15, 2021)
- Updated to core 5.3.4
- Fixed possible hang on Zip
- Fixed bad licensing error message in some cases
- Now opens Update form if clicked on "new version" notification
- Now all notifications honor the "no notification" user setting
New in RogueKiller 14.8.4.0 (Jan 13, 2021)
- Fixed wrong rkflt version (0.10.0 => 0.10.1) for x64.
New in RogueKiller 14.8.3.0 (Jan 12, 2021)
- Updated to core 5.3.3
- Fix for XP compat (CancelSynchronousIo)
- Fix for disk enumeration hang
- Fix for network file resolution hang
- rkflt 0.10.1 (fixed a potential crash on USB device plug)
New in RogueKiller 14.8.2.0 (Dec 28, 2020)
- Updated to core 5.3.2
- Fixed a possible crash in scan worker
New in RogueKiller 14.8.1.0 (Dec 15, 2020)
- Updated to core 5.3.1
- Fixed licensing issue with XP
- Fixed issue in VTScanner on exit (submit on exit)
- Fixed possible memory leak in scan items
- Fixed possible memory leak in zlib module
- Fixed possible memory leak in zip module
- Fixed possible memory leak in COM module
- Fixed possible memory leak in Event module
- Fixed possible memory leak in SigCheck module
- Fixed possible stack overflox in Time module
- Fixed possible hang in Drives enumeration (async file opening)
- Added hash in event history
- Fixed an issue where filemon event took time resolving process path and could hang on certain programs (WoT block)
- Minor fixes
New in RogueKiller 14.8.0.0 (Nov 17, 2020)
- Fixed possible issue (small buffer) in filter com
- Fixed VTScanner cache, not working in some conditions
- Fixed FileMemoryScanner, archive not scanning in some conditions
- Fixed DigisigScanner, suspicious CAs
- Fixed multiple crashes in PE module
- Fixed possible crashes (SO) in registry, path modules
- Fixed possible crashes (except) in string, buffer, curl modules
- Minor fixes
- Added Chinese translation
New in RogueKiller 14.7.4.0 (Oct 22, 2020)
- Added Archives scan configuration
- Updated to core 5.1.4:
- Fixed potential issue with broken Shell extension (explorer context menu)
- Fixes for DocLock DLP FP mitigation
- Minor fixes
New in RogueKiller 14.7.3.0 (Sep 15, 2020)
- Updated to core 5.1.3:
- Fixed several memory leaks
- Leverage AME cache for DocLock classification
- Disabled RTP for portable config
- Minor fixes
- Fixed refresh issue on dashboard
New in RogueKiller 14.7.2.0 (Sep 1, 2020)
- Updated to core 5.1.2
- Fixed potential crash in digisig module for x86
New in RogueKiller 14.7.1.0 (Aug 31, 2020)
- Updated to core 5.1.1
- Fixes for Data Leak Prevention (BETA)
- Fix for digisig module (check file from cert store)
- Minor fixes
New in RogueKiller 14.7.0.0 (Aug 24, 2020)
- Updated to core 5.1.0
- RKFlt 0.10
- RogueKillerSVC 1.5
- Added Data Leak Prevention (BETA)
- Deferred Kill to post-processing
- Fixes for MalPE pre-filtering
- Minor fixes
New in RogueKiller 14.6.3.0 (Aug 10, 2020)
- Updated to core 5.0.4
- Fixed crash in PE parser
- Fixed crash in config Migration
- Minor fixes
New in RogueKiller 14.6.1.0 (Jun 17, 2020)
- Fixed Truesight digital signature
New in RogueKiller 14.6.0.0 (Jun 15, 2020)
- Updated to core 5.0.0
- Added more logs for Curl
- Proxy validation
- Trusight 3.0 (refactored with HLK validation)
- Antirootkit module re-integrated (silent mode as a 1st step)
- RogueKillerSVC: 1.4
- Minor fixes
New in RogueKiller 14.5.0.0 (May 27, 2020)
- Updated to core 4.3.4:
- MalPE AI 0.6
- DocLock: Blocking suspicious NETSH
- DocLock: Blocking suspicious WMIC
- Added default printer location
- Added ability to scan files with context menu
- Added ability to scan network paths with context menu
- Added Browser extension type for exclusions
- Minor fixes
- Added white-circled icon
- Updater 3.4.1
- Fixed a possible crash at exit
New in RogueKiller 14.4.2.0 (Apr 30, 2020)
- Updated to core 4.3.3
- Fix for crash upload (limitation by dump is present)
- RKSvc 1.3.1
New in RogueKiller 14.4.1.0 (Apr 30, 2020)
- Updated to core 4.3.2:
- Fixed pipe disconnect (retry logic)
- Fixed pipe security
- Fixed IPC cache
- Added config auto-backup/restore
- Fixed self-update task
- Fixed crash reports upload
New in RogueKiller 14.4.0.0 (Apr 1, 2020)
- Updated to core 4.3.0
- Fix for XP (libzip, openssl rebuilt)
- Added scan warnings
- Added filescanner warning on abnormally long folder scan
- Added scan warnings JSON reporting
- Size optimizations
- Removed warnings
- New advert payload
- Added some logging
- Minor fixes
New in RogueKiller 14.3.0.0 (Mar 23, 2020)
- Updated to core 4.2.0
- Libraries update (libzip / sqlite)
- New version manager (network failure proof)
- Flush DNS cache on network domain resolve error
- Fix for XP (libcurl rebuilt)
- Fixed a possible crash in PE parser (VersionInfo)
- [DocLock] Added suspicious digisig filtering => Mitigation against signed Ransomware
- [DocLock] Allowing more explorer processes
- Fixed an issue where process termination was not properly detected
- Update to rkflt 0.9.4
- Update to rksvc 1.3.0
- Update to roguekillerdll 3.2.0
- Update to roguekillerupdater 3.4.0
- Fixes for early logging
- Minor fixes
New in RogueKiller 14.2.1.0 (Feb 24, 2020)
- Updated to core 4.1.3
- Fixed url for signatures download
New in RogueKiller 14.2.0.0 (Feb 24, 2020)
- Updated libraries (openssl / libssh2 / libcurl /libyara)
- Fixed an issue in Path parser
- Update to rkflt 0.9.3
- Update to rksvc 1.2.0
- Fixed an issue where certain command lines could hang until timeout in rkflt
- Improved performances for scanning filesystem network resources
- Fixed scheduled version check
- Updated translations
New in RogueKiller 14.1.1.0 (Jan 28, 2020)
- Updated to core 4.1.1
- Service: Defer crash upload in a worker thread
- Fixed potential issue with hanging processes (including web browsers)
- Fixed EULA showing in installed mode
New in RogueKiller 14.1.0.0 (Jan 20, 2020)
- Updated to core 4.1.0
- Fixed a possible crash in Buffer module (implicitcasts)
- Fixed an issue where threat name wasn't properly parsed
- Reduced API calls frequency
- Update to rkflt 0.9.2
- Update to rksvc 1.1.0
- Fixed possible crash at exit
- DockLock: Prevent RW from rebooting
- DockLock: Prevent RW from using shadow copy removal
- DockLock: Fixed an issue where renaming whas not fully detected
- DockLock: Added RIPlace detection and blocking
- Updates libraries (jansson / cryptopp)
- Driver loading sanity check
- Added gamer mode (no notifications during full screen)
New in RogueKiller 14.0.4.0 (Jan 6, 2020)
- Fix for getting username from SYSTEM account
- Fixes for scheduler engine
- Fixed FP remediation for Proc.Svchost detections
- Fixed exclusions when path have spaces
- Minor fixes
- Added "refresh" button for custom scan paths directories tree (to use on external drives (un)plugged)
- Fixed laggy UI at startup
New in RogueKiller 14.0.3.0 (Dec 23, 2019)
- Added button to export RTP history
- Added button to export service log
- Added button to clear RTP cache
- Fixed warning about modules disabled when explicitely turned off by config
- Fixed an issue with exit warning not showing
- Updated German translation
- Updated Turkish translation
- Updated to core 4.0.4:
- Fixed Bad.Extension on Zero-filled
- Fixed heuristics in command-line scanner
- Fix for telemetry
- Fixed bad reference decrement in Yara scanner
- Fixed initialization order in worker threads
- Fixed ACLs removal in Debug module
- Fixed potential crash in Exclusions and History Events modules
- Minor fixes
New in RogueKiller 14.0.2.0 (Dec 16, 2019)
- Fixed possible crashes in logging
- Fixed an issue with processes CLI exposing pipe names (some VPN softs)
- Fixed an issue where DocLock reset was not removing old entries
- Now displaying full command line instead of process path in history/events
- Cloud upload (async) when needed
- New telemetry data
- Minor fixes
- Updated German translation
New in RogueKiller 14.0.1.0 (Dec 13, 2019)
- Updated to core 4.0.1
- Added ability to reset doclock folders to default
- Improved doclock remove all folders call
- Fixed possible crashes
- minor fixes
- Fixed an issue where self-exit displayed a warning
- Added ability to reset doclock folders to default
New in RogueKiller 14.0.16.0 (Dec 10, 2019)
- Updated to core 4.0.0
- Real Time Protection
- Malware Protection module
- Documents Protection module
- Real Time Protection settings and UI changes
- Minor fixes
New in RogueKiller 13.5.6.0 (Nov 7, 2019)
- Updated to core 3.2.16
- Fixed possible crash when exiting during a scan
- Minor fixes
New in RogueKiller 13.5.5.0 (Oct 23, 2019)
- Updated to core 3.2.15
- Fixed common folders/files ACLs
- RogueKillerDLL 2.4
- Using Restart Manager whenever possible
- Added registry setting to force debug logging
- Fixed an issue where folders were not properly quarantined and removed
- Added Critical flag manipulation before processes termination
- Fixed an issue where exclusions were not working with shortcuts
- Minor fixes
- Fixed an issue with licensing button notifications
New in RogueKiller 13.5.4.0 (Oct 14, 2019)
- Updated to core 3.2.13
- Fixed a possible deadlock and crash in scheduler/advert
New in RogueKiller 13.5.3.0 (Oct 11, 2019)
- Fixed an issue where Marketing request wasn't properly processed (notifications loop)
- UCheck engine duplicates handle
- Minor fixes
New in RogueKiller 13.5.2.0 (Oct 7, 2019)
- Updated to core 3.2.10
- Fixed an issue where advert tasks were re-added (and cleared) on network issues
New in RogueKiller 13.5.0.0 (Sep 25, 2019)
- Updated to core 3.2.8
- MalPE model 0.4
- Minor fixes
- Improved binaries replacement in installer
New in RogueKiller 13.4.4.0 (Sep 16, 2019)
- Updated to core 3.2.6
- Minor fixes
- Fix for notifications (bug: under taskbar)
- Fixed possible crash at startup
New in RogueKiller 13.4.3.0 (Aug 20, 2019)
- Fixed an issue in WinTrust (part 2)
- Fixed possible deadlock while enumerating processes
- Fixed SearchStrings method
- Signatures 20190819_114745
- Added new Scan locations
- Fixed an issue with ACLs where config files may not be properly saved
- Fixed portable_license CLI parameter
- Fixed low privilege Shell extension registration
New in RogueKiller 13.4.2.0 (Aug 10, 2019)
- Updated to core 3.2.1
- Fixed scheduler reload
- Fixed a possible deadlock in scheduler
New in RogueKiller 13.4.1.0 (Aug 8, 2019)
- Fixed an issue with Shell extension on x64
New in RogueKiller 13.4.0.0 (Aug 8, 2019)
- Fixed MalPE threshhold
- Fixed Wintrust scan (slow)
- Added signatures package integrity check
- Fixed MalPE detection name (negatives values sometimes)
- Fixed issue with Bad.Extension detection
- Added Shell extension (Explorer context menu entry)
- Added Shell extension setting
New in RogueKiller 13.3.2.0 (Jul 15, 2019)
- Updated to core 3.2.0
- Signed files are whitelisted by default
- Fixed an issue in scheduler
- MalPE V2
New in RogueKiller 13.3.1.0 (Jul 1, 2019)
New in RogueKiller 13.3.0.0 (Jul 1, 2019)
- Updated to core 3.1.0
- Fixed an issue where GetErrorMode API isn't present on XP
- New machine ID (less prone to changes on Windows install)
- Technician trial (if applicable)
- Scheduler V2
- Reviews notifications
- Better notifications
- Added Machine ID on Account page
New in RogueKiller 13.2.2.0 (Jun 10, 2019)
- Updated to core 3.0.11
- Fixed startup registration issue when laptop on battery
- Fixed warning message at startup when floppy drive exists
- Fixed file not closing after zip operations
- Added automatic updates setting
- New Automatic update system (silent with notifications and scheduler)
- Fixed last scan date (taken from config and not history)
New in RogueKiller 13.2.1.0 (May 22, 2019)
- Updated to core 3.0.10
- Fixes for scheduler (grace period)
- Added button to cleanup crash information
- New registration form
- New account form
- Fixed issue with dashboard not reflecting scan status
New in RogueKiller 13.2.0.0 (May 14, 2019)
- Updated to core 3.0.9
- Bug fixes:
- Updated signatures
- UCheck engine update
- Fix for hidden.proc
- Free users can now download signatures package automatically
New in RogueKiller 13.1.10.0 (Apr 25, 2019)
- Added notifications setting
- Updated to core 3.0.8
New in RogueKiller 13.1.9.0 (Mar 27, 2019)
- Fixed marketing notification, now won't show at startup after first time
- Updated to core 3.0.7
- Fixed crash in notifications engine
- Fixed COM initialization in real time services
- Fixed Scanner queue initialization
- MSHTA and WScript detections
- Minor Bug fixes
New in RogueKiller 13.1.8.0 (Mar 12, 2019)
New in RogueKiller 13.1.7.0 (Mar 5, 2019)
- Updated to core 3.0.5
- Fixed WebScanner mitigation
- Disabled PUM.StartMenu for RogueKiller
- Fixed Appdata scan duplicate
- Fixed LocalAppdata scan duplicate
- Fixed an issue with renewal links
New in RogueKiller 13.1.6.0 (Feb 25, 2019)
- Updated to core 3.0.4
- Added Firefox registry addons search
- Fixed registry items duplicates on scan
- Fixed translations
- Removed tray icon in portable version
- Fixed freeze on custom scan selection
- Fixed autostart minimize on Free version
- Fixed autostart initial state
- Minor fixes
New in RogueKiller 13.1.5.0 (Feb 18, 2019)
- Updated to core 3.0.3
- Added ability to read encrypted signatures packages (AV detection mitigation)
New in RogueKiller 13.1.4.0 (Jan 30, 2019)
- Updated to core 3.0.2
- Fixed a crash in ZIP module
- Fixed an issue in Folder creation (preventing creating working directory when executing from non system drive)
- Now VT.Unknown is not treated as a threat anymore
- Now updater runs installer with /silent
- Updated shop links to use download API
- Updated marketing notification from every 1 hour to every 3 hours
New in RogueKiller 13.1.3.0 (Jan 24, 2019)
- Improvment: Installer now kills existing processes before replacing the files
- Fixed: Support form not sending proper Program name
- Updated: Signatures, package 20190121
- Improvment: Pricing table is clearer
- Improvment: Exit button icon
- Fixed: Renewal link for FR
New in RogueKiller 13.1.2.0 (Jan 23, 2019)
- Fixed: Translations (French, Spanish, German)
- Fixed: notifications showing under taskbar in certain conditions
- Refactored notifications (removed useless ones)
- Added marketing table (easier to understand Premium features and differences with Free version)
- Hiding filters in report view (useless for RogueKiller)
New in RogueKiller 13.1.1.0 (Jan 22, 2019)
- Updated to core 3.0.1
- Fixed: a crash in PE parser when file is driver protected
- Fixed: renewal link for Technician
- New: Added better notifications
- Fixed: Translations (French, Spanish, German)
- Fixed: Custom filesytem locations selection
- Fixed: Notifications on multiple monitors
New in RogueKiller 13.1.0.0 (Jan 21, 2019)
- Updated to core 3.0.0
- Ability to download signatures from YED server
- Now using Scheduled task to run as admin at startup
- Now ignoring excluded items from scanner
- New: Added Scheduled scans (Premium)
- New: Added Automatic signatures updates from adlice.com YED server (Premium)
- New: Added Manual signatures packages loading
- New: Added setting to run at startup
- New: Added exclusions settings and option
New in RogueKiller 13.0.22.0 (Jan 15, 2019)
- Added service detection by name
- Added signatures
New in RogueKiller 13.0.21.0 (Jan 7, 2019)
- Improved support for high DPI screens (V2)
- Added signature
- Added support for .lic file (registration)
New in RogueKiller 13.0.20.0 (Dec 31, 2018)
- Updated to core 2.2.2
- Fixed an issue with installer and updater/DLL - Part 2
- Fixed possible crash on File IO operations
New in RogueKiller 13.0.19.0 (Dec 26, 2018)
- Updated to core 2.2.1
- Fixed an issue with installer and updater/DLL
New in RogueKiller 13.0.18.0 (Dec 24, 2018)
- Added signatures
- Updated to core 2.2.0
- Added link to threat page on Quarantine items
- Added buttons to quarantine / report page
- Fixed multiple dates
- Added dashboard shortcuts
- Minor themes fixes
- Improved support for high DPI screens (V2)
New in RogueKiller 13.0.17.0 (Dec 17, 2018)
- Added signatures
- Updated to core 2.1.0
New in RogueKiller 13.0.16.0 (Dec 10, 2018)
New in RogueKiller 13.0.15.0 (Dec 4, 2018)
- Updated to core 2.0.25
- Fixed a issue in Filescanner where LNK arguments were not expanded for variable environment
- Added signatures
New in RogueKiller 13.0.14.0 (Nov 28, 2018)
- Updated to core 2.0.24
- Fixed a crash in scanner engine when scanning a file locked by driver
New in RogueKiller 13.0.13.0 (Nov 26, 2018)
New in RogueKiller 13.0.12.0 (Nov 22, 2018)
- Updated to core 2.0.23
- Fixed an issue in Curl, leading to download aborts on file sharing issue
- Improved Curl file download, now retaining file handle on write (Windows Defender slow download fix)
- Added UCheck mini-scan setting (Premium)
- Improved support for high DPI screens
New in RogueKiller 13.0.11.0 (Nov 19, 2018)
- Updated to core 2.0.22
- Added UCheck mini-scan
- Added Registry heuristic scanner
- Added signatures
New in RogueKiller 13.0.10.0 (Nov 15, 2018)
- Updated to core 2.0.21
- Fixed an issue in the path parser
- Minor fixes and enhancements
- Added signatures
New in RogueKiller 13.0.9.0 (Nov 12, 2018)
- Updated to core 2.0.20
- Added German translation
- Minor fixes and enhancements
New in RogueKiller 13.0.6.0 (Nov 2, 2018)
- Fixed a potential crash in VirusTotal engine
- Updated to core 2.0.16
New in RogueKiller 13.0.5.0 (Nov 1, 2018)
- Minor fixes
- Updated to core 2.0.15
New in RogueKiller 13.0.4.0 (Oct 31, 2018)
- Fixed a crash in Unzip engine
- Fixed a crash that occured at startup with Agent enabled
- Fixed installer UUID (reverted to RK12 UUID)
- Fixed telemetry setting
- Fixed premium settings
- Updated to core 2.0.14
- Added: Activations manager screen (List/Remove)
New in RogueKiller 13.0.3.0 (Oct 30, 2018)
- First official release
- Added signatures
New in RogueKiller 13.0.2.0 (Oct 30, 2018)
- Added Comments and Forum Url fields for CloudRemoval
- Updated scan rules
- Updated CloudRemoval payload
- Updated to core 2.0.13
- Updater 3.1 (fixes an issue in Config file readonly)
- RKDLL 2.2 (fixes an issue in Config file readonly)
- Added detections
New in RogueKiller 13.0.1.0 (Oct 30, 2018)
- Update to core 2.0.12
- Fixed minor bugs
New in RogueKiller 13.0.0.0 (Oct 30, 2018)
- Update to core 2.0.11
- Fixed minor bugs
New in RogueKiller 12.13.1.0 (Sep 17, 2018)
New in RogueKiller 12.13.0.0 (Sep 11, 2018)
- Fixed a critical memory leak in core (buffer)
- Added detections
New in RogueKiller 12.12.34.0 (Sep 4, 2018)
New in RogueKiller 12.12.33.0 (Aug 27, 2018)
New in RogueKiller 12.12.30.0 (Aug 6, 2018)
New in RogueKiller 12.12.29.0 (Jul 31, 2018)
New in RogueKiller 12.12.28.0 (Jul 24, 2018)
New in RogueKiller 12.12.27.0 (Jul 19, 2018)
New in RogueKiller 12.12.26.0 (Jul 9, 2018)
New in RogueKiller 12.12.25.0 (Jul 2, 2018)
New in RogueKiller 12.12.23.0 (Jun 19, 2018)
- Fixed a crash in Curl module
- Fixed Win32 API usage that broke XP compatibility
New in RogueKiller 12.12.22.0 (Jun 18, 2018)
New in RogueKiller 12.12.21.0 (Jun 11, 2018)
New in RogueKiller 12.12.20.0 (Jun 4, 2018)
New in RogueKiller 12.12.19.0 (May 28, 2018)
New in RogueKiller 12.12.18.0 (May 22, 2018)
New in RogueKiller 12.12.17.0 (May 14, 2018)
New in RogueKiller 12.12.16.0 (May 4, 2018)
New in RogueKiller 12.12.15.0 (Apr 30, 2018)
New in RogueKiller 12.12.14.0 (Apr 23, 2018)
New in RogueKiller 12.12.13.0 (Apr 16, 2018)
New in RogueKiller 12.12.12.0 (Apr 9, 2018)
New in RogueKiller 12.12.11.0 (Apr 3, 2018)
New in RogueKiller 12.12.10.0 (Mar 26, 2018)
New in RogueKiller 12.12.9.0 (Mar 19, 2018)
- Added detections
- Update Korean translation
New in RogueKiller 12.12.8.0 (Mar 12, 2018)
New in RogueKiller 12.12.7.0 (Mar 5, 2018)
New in RogueKiller 12.12.6.0 (Feb 26, 2018)
New in RogueKiller 12.12.5.0 (Feb 19, 2018)
New in RogueKiller 12.12.4.0 (Feb 12, 2018)
New in RogueKiller 12.12.2.0 (Jan 29, 2018)
New in RogueKiller 12.12.1.0 (Jan 22, 2018)
- Fixed possible crash in PE parser
- Added detections
New in RogueKiller 12.12.0.0 (Jan 15, 2018)
- Fixed possible hang while processing file MD5
- Fixed Chrome extension removal
- Fixed Chrome configuration removal
- Added detections
New in RogueKiller 12.11.30.0 (Dec 27, 2017)
New in RogueKiller 12.11.29.0 (Dec 27, 2017)
- Added detections
- Fixed Windows Defender FP
New in RogueKiller 12.11.28.0 (Dec 11, 2017)
New in RogueKiller 12.11.27.0 (Dec 4, 2017)
- Fixed potential issue with "device not found, insert disk" messages
- Added detections
New in RogueKiller 12.11.26.0 (Nov 27, 2017)
New in RogueKiller 12.11.24.0 (Nov 13, 2017)
New in RogueKiller 12.11.232.0 (Nov 6, 2017)
New in RogueKiller 12.11.22.0 (Oct 30, 2017)
New in RogueKiller 12.11.21.0 (Oct 23, 2017)
- Added detections
- Updated translations
- Fixed a bug in JSON export
New in RogueKiller 12.11.21.0 (Oct 23, 2017)
- Added detections
- Updated translations
- Fixed a bug in JSON export
New in RogueKiller 12.11.19.0 (Oct 9, 2017)
New in RogueKiller 12.11.17.0 (Sep 25, 2017)
- Added detections
- Updated translations
New in RogueKiller 12.11.16.0 (Sep 18, 2017)
New in RogueKiller 12.11.13.0 (Sep 11, 2017)
- Added detections
- Added msiexec handler to pathparser
New in RogueKiller 12.11.12.0 (Aug 28, 2017)
New in RogueKiller 12.11.12.0 (Aug 28, 2017)
New in RogueKiller 12.11.11.0 (Aug 21, 2017)
- Added detections
- Dutch translation update
New in RogueKiller 12.11.10.0 (Aug 14, 2017)
- Added detections
- Fixed issue with uploader (please note this will apply to next update)
New in RogueKiller 12.11.9.0 (Aug 3, 2017)
- Added detections
- Fixed POST requests with proxy
- Fixed Upload timeout (crash upload/support form)
New in RogueKiller 12.11.8.0 (Jul 25, 2017)
- Fixed proxy persitence in Free mode
- Fixed a bug in MalPE
- Added detections
- Updated translations
New in RogueKiller 12.11.7.0 (Jul 17, 2017)
- Added detections
- Added Proxy configuration
New in RogueKiller 12.11.6.0 (Jul 10, 2017)
New in RogueKiller 12.11.5.0 (Jul 3, 2017)
New in RogueKiller 12.11.4.0 (Jun 26, 2017)
- https://virustotal.com/en/file/826281aca401f2c5ec90e261e02c9ad55f5e8376c0468b9e6a85c21b219d1c04/analysis/1498479619/
New in RogueKiller 12.11.3.0 (Jun 19, 2017)
- Added detections
- Minor fixes
New in RogueKiller 12.11.2.0 (Jun 12, 2017)
New in RogueKiller 12.11.1.0 (Jun 5, 2017)
- Added detections
- Fixed possible bug in MalPE scanner
- Forced VT mitigation for MalPE scanner to avoid FPs
New in RogueKiller 12.11.00.0 (May 29, 2017)
- Added detections
- NEW! MalPE module (BETA)
- NEW! RogueKillerAdmin V2 compatible
- DEPRECATED: RogueKillerAdmin V1
New in RogueKiller 12.10.10.0 (May 22, 2017)
New in RogueKiller 12.10.9.0 (May 15, 2017)
New in RogueKiller 12.10.8.0 (May 8, 2017)
- Added detections
- Fixed a bug in settings where Offline registry setting wasn't saved
New in RogueKiller 12.10.7.0 (May 2, 2017)
- Added detections
- Fixed a possible crash in COM module
- Fixed a possible crash in Path parser
New in RogueKiller 12.10.6.0 (Apr 24, 2017)
- Added detections
- Updated translations
New in RogueKiller 12.10.4.0 (Apr 10, 2017)
New in RogueKiller 12.10.3.0 (Apr 3, 2017)
New in RogueKiller 12.10.2.0 (Mar 27, 2017)
New in RogueKiller 12.10.1.0 (Mar 21, 2017)
New in RogueKiller 12.10.0.0 (Mar 14, 2017)
- Added detections
- Now using common translations
- Fixed UI error where the "Pause" button was not reset after a scan
- Fixed a bug in the MBR scan
- Fixed minor bugs
New in RogueKiller 12.9.9.0 (Feb 27, 2017)
- Added detections
- Added warning when no element is selected prior to removal
- Fixed a bug in detection labels
- Fixed a bug in VT module
New in RogueKiller 12.9.8.0 (Feb 21, 2017)
New in RogueKiller 12.9.7.0 (Feb 6, 2017)
- Added detections
- Updated translations
New in RogueKiller 12.9.6.0 (Jan 30, 2017)
New in RogueKiller 12.9.5.0 (Jan 23, 2017)
New in RogueKiller 12.9.4.0 (Jan 17, 2017)
- Fixed FP on Mozilla Maintenance Service
New in RogueKiller 12.9.3.0 (Jan 16, 2017)
- Added detections
- Fixed licensing machine ID
New in RogueKiller 12.9.2.0 (Jan 9, 2017)
- Added detections
- Fixed critical bug in File module leading to a crash when scanning big files (> 2GB)
New in RogueKiller 12.9.1.0 (Jan 2, 2017)
- Added detections
- Various fixes
New in RogueKiller 12.9.0.0 (Dec 26, 2016)
- Added detections
- Signatures reorganization with YaraEditor database
- Donation text rewording
- Fixed big files scan
- Switched Yara fast mode ON
- Fixed tasks working dir recognition
New in RogueKiller 12.8.6.0 (Dec 19, 2016)
New in RogueKiller 12.8.5.0 (Dec 12, 2016)
New in RogueKiller 12.8.4.0 (Dec 5, 2016)
- Added detections
- RogueKillerDLL 1.0.3
- Fixed a bug in licensing, where it was impossible to remove license if about to expire
New in RogueKiller 12.8.3 (Nov 28, 2016)
New in RogueKiller 12.8.2 (Nov 28, 2016)
- Added detections
- Updated translations
New in RogueKiller 12.8.1 (Nov 28, 2016)
- Added detections
- Fixed update page translations
- Fixed eula page translations
- Fixed machine identification method
New in RogueKiller 12.8.0 (Nov 28, 2016)
- Added detections
- NEW! Chrome configuration scanner
- Added Print Providers scanner
New in RogueKiller 12.6.4.0 (Sep 26, 2016)
- Added detections
- Fixed a bug in LNK cleanup
- Added powershell path parser
New in RogueKiller 12.6.3.0 (Sep 19, 2016)
- Added detections
- NEW! Firewall rules scanner
New in RogueKiller 12.6.2.0 (Sep 12, 2016)
- Added detections
- Fixed a bug in LNK cleanup
- Added powershell path parser
New in RogueKiller 12.6.1.0 (Sep 7, 2016)
- Fixed missing resources (leading to a crash)
New in RogueKiller 12.6.0.0 (Sep 5, 2016)
- Added detections
- Updated translations
- Fixed a bug where patched files were not fixed on removal
- Added warning when license is expired or about to expire
- NEW! WMI Scanner
New in RogueKiller 12.5.2.0 (Aug 29, 2016)
- Added detections
- Updated translations
New in RogueKiller 12.5.1.0 (Aug 29, 2016)
- Fixed a bug in Yara module
New in RogueKiller 12.5.0.0 (Aug 22, 2016)
- Added detections
- Added file exclusion for forged files
- Fixed a bug where big files were detected as VT.Unknown
- Updated scanner to use Yara 3.5: https://github.com/VirusTotal/yara/releases/tag/v3.5.0
- Fixed (Yara 3.5): Processes scan doesn't use all memory/cpu
- Improvements (Yara 3.5): Scan is faster
New in RogueKiller 12.4.4.0 (Aug 16, 2016)
- Added detections
- Updated translations
New in RogueKiller 12.4.3.0 (Aug 16, 2016)
New in RogueKiller 12.4.2.0 (Aug 1, 2016)
New in RogueKiller 12.4.1.0 (Jul 28, 2016)
- Added detections
- Shortcuts scanner now cleans them instead of removing
New in RogueKiller 12.4.0.0 (Jul 18, 2016)
- Added detections
- Added Feed fallback (no more blank thing when website is slow)
- Added Shortcuts scanner
- Added Tasks scanner (by name/path)
- Updated translations
- Moved IRP scan to expert mode
- Fixed a bug where LNK pointed by tasks where not resolved
- Added registry Classes scanner
- (Premium) Added -noremove switch, to ignore detections
New in RogueKiller 12.3.8.0 (Jul 11, 2016)
- Added detections
- New feed version, with licensing filtering
- Registry scanner enhancement: Now stops the service before removing a service key
- Fixed a bug where Processes files were marked as missing
- Fixed VT score display
New in RogueKiller 12.3.7.0 (Jul 4, 2016)
- Added detections
- Updated internal links
- Updated translations
New in RogueKiller 12.3.6.0 (Jun 27, 2016)
- Fixed a bug leading to app being quit when a message is closed while in tray.
- Now displaying warnings on "Expert settings" turned on.
New in RogueKiller 12.3.5.0 (Jun 22, 2016)
- Fixed all links, now using a file provider API.
New in RogueKiller 12.3.4.0 (Jun 20, 2016)
- Added folder children exclusion scanner rule
- Signatures normlization
- Fixed a bug leading to hosts file not being scanned
New in RogueKiller 12.3.3.0 (Jun 13, 2016)
- Added detections
- Updated translations
- Fixed a bug where HTML reports were'nt readable on Chrome
New in RogueKiller 12.3.2.0 (Jun 6, 2016)
- Fixed possible crash on Intel files scan
- Refactor of marketing page
- Fixed a bug in VirusTotal upload leading to files not being sent for analysis
- Minor UI improvments
New in RogueKiller 12.3.1.0 (May 30, 2016)
- Added detections
- Updated translations
New in RogueKiller 12.3.0.0 (May 23, 2016)
- NEW! (Premium) Themes
- NEW! Clear theme
- NEW! Naked theme
- NEW! Dark theme
- Modified stats payload
- Update form: Now displays a warning when Updater is not present
- Update form: Now opens direct link to setup for Premium user in case Updater not present
New in RogueKiller 12.2.1.0 (May 16, 2016)
- Added detections
- Fixed transfer progress reset
- Updated translations
- Fixed UI hangs bug in old GUI
New in RogueKiller 12.2.0.0 (May 10, 2016)
- Added detections
- Updated translations
- Fixed a bug preventing from starting the scan on machines with 1 CPU
- Added a Quit button (useful when you want to skip close to tray)
- Fixed links in About tab
- Fixed check for updates (was not showing outdated when update arrives after the program is started)
New in RogueKiller 12.1.6.0 (May 9, 2016)
- Added detections
- Updated translations
- Improvement of path parsing module, added "cmd start x" method.
New in RogueKiller 12.1.5.0 (May 3, 2016)
- Added detections
- Update form now shows changelog
- Fixed RKAdmin link in updater
New in RogueKiller 12.1.4.0 (Apr 25, 2016)
- Added detections
- Fixed forged files dump to VT
- Now displays a warning when using wrong bits version
- Now shows GeoIP results
- Fixed an issue in updater where RogueKillerCMD wasn't recognized
New in RogueKiller 12.1.3.0 (Apr 18, 2016)
- Fixed default check state in installer
- Fixed a bug that allowed check state modification of non-removable items
- Updater now uses cloud link
- Feed now uses cloud link
- Fixed a bug in GeoIP module
- Fixed a potential crash in MBR reading
New in RogueKiller 12.1.2.0 (Apr 11, 2016)
- Added detections
- Updated translations
New in RogueKiller 12.1.1.0 (Apr 4, 2016)
- Added detections
- Updated translations
- Now file replacements are made with sfc.exe on Vista+
- Added button to remove trial
- Fixed a bug in Chrome scanner preventing the scan from starting
New in RogueKiller 12.1.0.0 (Mar 29, 2016)
- Added detections
- NEW! Tools menu
- NEW! Hosts File Tools menu (Premium)
- Updated translations
- Fixed a bug in context menu actions
New in RogueKiller 12.0.3.0 (Mar 21, 2016)
- Added detections
- Added indonesian language
- Added more translators names
- Fixed a bug in AutoStart/AutoDelete
- Fixed a bug preventing to quit on Update
- Added a link to Lost license form
New in RogueKiller 12.0.2.0 (Mar 14, 2016)
- Added detections
- Added crash dump form
- Fixed a bug that showed steps not supposed to run
- Updated translations / Fixed typos
- Added Data column in scan results
- Fixed Autoscan
- Fixed Autoremove
- Now scan progress live detection shows in red when an item is detected
- Fixed a bug that led to driver state being wrong in reports
New in RogueKiller 12.0.1.0 (Mar 7, 2016)
- New user interface
- Added detections
New in RogueKiller 11.0.14.0 (Feb 29, 2016)
- introducing expert mode
- moved IAT scanning into expert mode
New in RogueKiller 11.0.13.0 (Feb 22, 2016)
- moved signatures loading at the beginning of the scan
- core preparation for V12
- Added detections
New in RogueKiller 11.0.12.0 (Feb 15, 2016)
- Added detections
- Fixed a bug in Files module
- Fixed a bug in Web module
New in RogueKiller 11.0.11.0 (Feb 8, 2016)
New in RogueKiller 11.0.10.0 (Feb 1, 2016)
- Added detections
- Updated translations
New in RogueKiller 11.0.9.0 (Jan 25, 2016)
- Added detections
- Updater 2.1
- Updater can now serves installable version
- Updater can now skip licensing page if already registered
New in RogueKiller 11.0.8.0 (Jan 19, 2016)
- Added detections
- TrueSight v2.0.2 (fixed digital certificate for SHA1)
- Added Turkish language
- Updated translations
New in RogueKiller 11.0.7.0 (Jan 11, 2016)
- Added detections
- Added ADS whitelisting/blacklisting
New in RogueKiller 11.0.6.0 (Jan 4, 2016)
- Added detections
- Using new licensing API
New in RogueKiller 11.0.5.0 (Dec 28, 2015)
- Added detections
- Now setup will verify license key when entered
New in RogueKiller 11.0.4.0 (Dec 21, 2015)
New in RogueKiller 11.0.3.0 (Dec 14, 2015)
- Added detections
- Added translations in setup
- Updated translations
New in RogueKiller 11.0.2.0 (Dec 7, 2015)
- Fixed a bug in Buffer search
New in RogueKiller 11.0.1.0 (Dec 7, 2015)
- Added detections
- Fixed a possible bug in scanner
- Fixed a possible issue in COM module
New in RogueKiller 11.0.0.0 (Nov 30, 2015)
- Added rating link in marketing window
- Now detects ADS (Alternate Data Streams)
- Qt 5.5
- Moved Prescan into Scan
- Now IAT scan is able to scan Microsoft Edge
- Better hooks report for kernel hooks
- Truesight v2
- Now kernel hooks are scanned on userland
New in RogueKiller 10.11.7.0 (Nov 23, 2015)
- Added detections
- Fixed a possible hang issue on HTTP calls (timeout broken)
- setup improvements, ability to deploy both version (32/64 bits)
- setup improvements, banner and translations
- fixed a possible crash in junctions data parsing
New in RogueKiller 10.11.6.0 (Nov 16, 2015)
- Added detections
- Fixed a bug that closed the app when closing child window when minimized in tray
- added -reportpath command line parameter
- UI tweaks
New in RogueKiller 10.11.5.0 (Nov 9, 2015)
New in RogueKiller 10.11.4.0 (Nov 2, 2015)
- Added detections
- Fixed a bug in licensing engine, leading to a lost of configuration sometimes.
- Fixed a bug in processes module where main module was not good
- Fixed a bug in processes module where Updater was crashing if a very long command line was passed
New in RogueKiller 10.11.3.0 (Oct 26, 2015)
- Added detections
- Added warning when driver is not loaded
- Fixed Microsoft Security Client as legit parent for svchost
- (Premium) Added Premium label in reports
- Updated translations
- (Premium) Added information for external scanner (tab in settings)
- (Premium) Now application closes in tray and persist
- (Premium) Now able to start a scan from the tray icon
- Fixed a bug where services/windows were not scanned
- Fixed a bug where filesystem was not properly scanned
New in RogueKiller 11.0.0.0 Beta 5 (Oct 20, 2015)
- Rewritten all kernel code. From scratch.
- Kernel Hooks detections are now made on userland side, in common with IAT hooks detection. Easier to maintain, more efficient.
- Minified amount of code on Kernel side for safier code.
- Driver is now aware of Windows 8/8.1/10.
New in RogueKiller 10.11.2.0 (Oct 20, 2015)
- Fixed a crash in Buffer module
- Moved rebranding to Premium Technician
New in RogueKiller 10.11.1.0 (Oct 19, 2015)
- Added detections
- Moved rebranding to Premium documented features
- Fixed an issue with IAT scan progress (progress reset after process scan)
- Updated translations
- NEW! (Premium Technician) Added an option to limit time validity of portable config files
- Improved performance of filesystem scanner (scan is now much faster)
- Whitelisted Chrome sandbox IAT hooks
- Added timeout for file shortcut resolution (improves performance of filesystem scanner)
New in RogueKiller 10.11.0.0 (Oct 12, 2015)
- Added detections
- Added filter on VirusTotal internal submit (no user file)
- Improved shellcode module detection in inline hooks module
- Fixed memory growth while scanning filesystem
- IAT scan is now much faster because only scanning windows DLLs table
- Table-based hooks have cleaner display in logs (module!export)
- Fixed a bug in modules enumeration on 64 bits
- Excluded wow64cpu enter from inline hooks detection
- Now inline hooks architecture detection relies on import module architecture instead of process
- RogueKillerCMD: Added -dont_ask switch (to eliminate all user interactions and use default actions)
New in RogueKiller 10.10.9.0 (Oct 5, 2015)
- Fixed bug in Disk module
- Fixed bug in IAT parser
New in RogueKiller 10.10.8.0 (Oct 5, 2015)
- Added detections
- Now Updater restarts application using same command line parameters
New in RogueKiller 10.10.7.0 (Sep 28, 2015)
New in RogueKiller 10.10.6.0 (Sep 21, 2015)
- Fixed bug in Disk module
- New social icons
- RogueKillerCMD: Added build number, licensing state
New in RogueKiller 10.10.5.0 (Sep 14, 2015)
New in RogueKiller 10.10.4.0 (Sep 4, 2015)
- Added detections
- Updated links
- (Premium) Added notification when license is about to expire
- Fixed bug in Disks module
New in RogueKiller 10.10.3.0 (Aug 31, 2015)
- Added detections
- Now all legit antirootkit entries are hidden
- fixed a bug in Process module
- internal reorganization
New in RogueKiller 10.10.2.0 (Aug 24, 2015)
- Added Detections
- NEW! Added Processes list to json report
- NEW! (Premium) Added -vtupload yes/no command line parameter
- Updated EULA to reflect licensing terms
- Updated translations
- Added help button in "?" menu
- Fixed way of reading disk serial
- Fixed a bug in VT scanner
New in RogueKiller 10.10.1.0 (Aug 17, 2015)
- Added detections
- (Premium) Added message when Updater is not present and program is outdated
- Updated translations
- Added link to public Trello board
- Added version check in about form
- NEW! VirusTotal choice for upload
- NEW! (Premium) VirusTotal choice setting
- Fixed automatic updates when Updater is not present
- NEW! EULA will show up again if a new version is present
- Extended injection signature search to 4 sections (instead of 1), to better identify injection code.
- Now infection urls for antirootkit point to non technical posts
- Resized main and about forms
- (Premium) Added more information in licensing server check
- (Premium) Prepared for annual subscription switch
New in RogueKiller 10.10.0.0 (Aug 11, 2015)
- Added detections
- Compatibility with Windows10
- Added error message when key has wrong pattern
- Updated translations
- NEW! File Scanner is more aggressive, and will search in a lot more locations
- Fixed a bug in honey module
- Fixed a bug in logging module
New in RogueKiller 10.9.4.0 (Jul 30, 2015)
- Added detections
- Fixed file scan when path contains unicode characters
- Fixed offline licensing issue (License was not recognized when no internet available). Now once registered (with internet on) it works offline.
- NEW! (Premium) Tray icon phase 1.
New in RogueKiller 10.9.3.0 (Jul 21, 2015)
- Fixed a crash when scanning Digital Certificate of some files
- Fixed a FP when LNK files have unicode characters in path (OneNote 2010 - Capture d’écran et lancement.lnk)
New in RogueKiller 10.9.2.0 (Jul 20, 2015)
- Added detections
- NEW! HTML reports
- NEW! HTML Open button
- NEW! TXT Open button
- NEW! HTML log setting + command line parameter
- Fixed timeout for Curl operations (max 5 seconds)
- NEW! signature database is now pre-compiled, will load much faster
- Updated Yara engine to 3.4
- Refactored Digisig engine, better performances
- Added more information in Json log for killed processes
- Fixed a bug where x64 processes names are not found when using x86 version
- Fixed path whitelist priority on VT blacklist (processes scanner)
- Updated translations
- Fixed an issue where Floppy drives become very noisy during scan
New in RogueKiller 10.9.1.0 (Jul 9, 2015)
- Added detections
- NEW! Added Open Text button in Json log viewer.
- NEW! Korean language
- Updated translations
- Fixed Scan randomly performed.
- NEW! Command line parameter: -reportformat [txt|json]
- NEW! Report format setting
- Merged Txt report generation with Txt export
New in RogueKiller 10.9.0.0 (Jul 6, 2015)
- Separate database for RogueKillerCMD / Updater
- NEW! Updater is now generic (cannot be used by double click anymore, takes command line)
- NEW! RogueKillerCMD can now use automatic updates
- NEW! RogueKillerCMD has now a version check
- NEW! RogueKiller has now accessibility (JAWS compatibility)
- Added detections
- -autodelete implicit has been removed from -hide
- Fixed a bug in RogueKillerCMD where command line isn't handled correctly
- NEW! RogueKiller now uses JSON as root format for reporting
- NEW! RogueKiller can open JSON logs into a new window
- NEW! JSON logs can be exported in RAW text format
- Updated translations
- NEW! setup now embeds RogueKillerCMD
- Fixed a bug in tasks scanner
- Fixed certificate timestamp
New in RogueKiller 10.8.7.0 (Jun 29, 2015)
- Removed AV.Killer definition (too many FPs)
- Fixed a bug in mstring module, leading to infinite loop in certain circumstances
- Now tasks scanner scans arguments too
- Added detections
New in RogueKiller 10.8.6.0 (Jun 22, 2015)
- Adjusted AV.Killer definition
New in RogueKiller 10.8.5.0 (Jun 22, 2015)
- Added detections
- NEW! External Scanner
- Fixed a bug in Process Scanner
- Fixed a bug in File Search
- Fixed a bug in Registry Scanner
- Now process paths are expanded
- Fixed a bug in VT module
- Fixed a bug in -autoscan
New in RogueKiller 10.8.4.0 (Jun 16, 2015)
- Added Skype to exclusions for RunPE detections
New in RogueKiller 10.8.3.0 (Jun 15, 2015)
- Added detections
- NEW! RunPE heuristic detection
- (Premium) Removed Paypal/Premium images
- Refactored settings form
- NEW! (Premium) - autoupdate command line parameter + setting
- Updated translations
- Fixed a bug in VT module
- Fixed a bug in WebServer (Not starting sometimes)
New in RogueKiller 10.8.2.0 (Jun 9, 2015)
- Using Licensing 2.0
- Added detections
New in RogueKiller 10.8.1.0 (Jun 3, 2015)
- Fixed a bug in Licensing
- Fixed a bug in VirusTotal module
- Now portable license generated file is read-only
- Added GUI indicators when using portable license
- Added detections
- Extension checker optimizations
New in RogueKiller 10.8.0.0 (Jun 1, 2015)
- Updated database
- Fixed a bug in reporting
- Disabled PUM.DesktopIcons (too confusing, and not critical)
- Disabled PUM.Orphan (too confusing, not critical)
- Better unit testing
- Initialization optimizations
- Updated translations
- NEW! (Premium) Web service
- NEW! Web service /info url (get version info)
- NEW! Web service /scan/new url (start new scan)
- NEW! Web service /scan/status url (get scan status)
- NEW! Web service /report/last url (get last report)
- NEW! (Premium) -pupismalware command line parameter + setting
- NEW! (Premium) -pumismalware command line parameter + setting
- Reverted portable fixed location in rk_config.ini
- Fixed error message when too many instances
- Setup now adds RogueKiller bin folder to %PATH%
- Updated userland certificate
- NEW! Promotional nag.
New in RogueKiller 10.7.0.0 (May 25, 2015)
- New configuration module, not compatible with old one. Able to use read-only medium for portable license.
- NEW! no more rk_config.ini for technician license.
- NEW! command line parameter: -portable-license
- Updated languages
New in RogueKiller 10.6.5.0 (May 20, 2015)
- Fixed a bug with KnownDLLs detection when value name starts with underscore (_)
New in RogueKiller 10.6.4.0 (May 18, 2015)
- NEW! Preferred language is now saved
- Added detections
- Fixed processes scan aggressiveness
- NEW! Logo can now be rebranded
- Fixed a bug in Extensions Checked
- Fixed a bug in CLSID scanner
- Fixed Orphan detection level + vendor name => PUM.Orphan
- Fixed License fallback state
- Added new autostart locations
- Added Transfert progressbar
New in RogueKiller 10.6.3.0 (May 18, 2015)
- Added detections
- Fixed a bug in File Search module
- Increased feed rotation time
- Better UI information
- Deactivated VT IP scan (too many FPs)
New in RogueKiller 10.6.2.0 (May 4, 2015)
- NEW! Breaking news banner
- External libs update + optimizations (Zlib, SQLite, udis86)
- Fixed a bug in Tab navigation
New in RogueKiller 10.6.1.0 (Apr 27, 2015)
- Now VT file scan has minimum/maximum size
- Refactored PUP/PUM classification to be clearer and more consistent
- Fixed VT file scanner scanning LNK files instead of target
- Now VT unknown s classified as PUP
- Now VT cache has outdated date (fixed to 5 days)
- Now VT scanner rescans pending items at initialization
- Added detections
New in RogueKiller 10.6.0.0 (Apr 20, 2015)
- Added detections
- Moved version check before Prescan
- Fixed a bug in IAT scanner, where call stack was not recorded correctly
- Fixed a bug in IAT scanner, where unknown module was not displayed
- Fixed a bug in RogueKiller OLD GUI, where config file was not read properly
- Fixed ShowLegitHooks command/setting
- Fixed slow UI when a lot of entries are added to a table
- Fixed a bad items insertion when sorting was enabled
- Fixed a bug in MBR (GPT) module
- Fixed missing Premium info when internet access is broken
- Fixed a bug in libcurl library (X64)
- Added new method to detect IAT inline hooks
- New:
- VT Scan on registry, tasks, files, mbr, web browsers and antirootkit scans.
- VT scan no more in beta
- VT scan now scans all processes
- VT scan has local caching
New in RogueKiller 10.5.10.0 (Apr 14, 2015)
- Added detections
- Now can register Premium with command line parameter: -register
- Now displays remaining activations for Premium
- All communications are now using SSL (HTTPS)
- RogueKillerCMD: Added better colors
- RogueKillerCMD: Now can recognize RogueKiller's command line parameters
New in RogueKiller 10.5.9.0 (Apr 7, 2015)
- Added detections
- Now logs are sorted by date
- Now can attach last log even if a scan was not performed in the same session
- Fixed a bug where registration form cannot upload last report
- Removed Post Delete message asking for Premium buying when a user is already registered
- Now file scanner shows unscanned files (for progression), so that software doesn't give an impress of being stuck
New in RogueKiller 10.5.8.0 (Mar 30, 2015)
- Added detections
- Fixed a bug where config isn't reset after removing the license.
- Fixed NoPop configuration bug
- Added all command line parameters in Settings
- Updated translations
- Now registration Id/Key are trimmed to avoid copying/writing spaces before/after them (and have wrong key error message)
- Fixed updater now recognizing License on Windows 8 (now needs admin rights to be launched).
- Updated EULA to reflect VirusTotal integration rules.
New in RogueKiller 10.5.7.0 (Mar 23, 2015)
- Fixed a crash when starting the application
New in RogueKiller 10.5.6.0 (Mar 23, 2015)
- Added detections
- Fixed bug forbidding technician licenses to use command line
- Added Persian translation
- Fixed a possible hang on service termination
- Added progress text on progressbar during the scan
- NEW! VT scan on Processes (beta, only premium, disabled by default)
- NEW! VT scan on Services (beta, only premium, disabled by default)
- RogueKillerCMD : removed tutorial opening in case of an infection
New in RogueKiller 10.5.5.0 (Mar 16, 2015)
- Added detections
- PREMIUM: Added more settings options
- Unhidden premium options, added Nag message
- Updated translations
- Moved Scan choices to settings
New in RogueKiller 10.5.4.0 (Mar 12, 2015)
- Added detections
- Added credits for translators (About)
- Now service scanner is aware of ServiceDll path
- Updated translations
- Now Premium registration email is trimmed (remove spaces before and after the email)
New in RogueKiller 10.5.3.0 (Mar 10, 2015)
- Fixed a bug in Path module where all shortened path were not properly expanded (Ex: LogMe~ => LogMeIn Rescue Applet)
New in RogueKiller 10.5.2.0 (Mar 9, 2015)
- PREMIUM: Technician License can now use portable config file
- Added Premium logo
- Fixed a bug when opening website
New in RogueKiller 10.5.1.0 (Mar 5, 2015)
- Using new licensing system
- Added detections
New in RogueKiller 10.5.0.0 (Mar 2, 2015)
- NEW! Now RogueKiller is available with an installer
- PREMIUM: Separate updater
- PREMIUM: Trial of 30 days per machine
- Added detections
- Fixed a crash in jansson library
New in RogueKiller 10.4.3.0 (Feb 23, 2015)
New in RogueKiller 10.4.2.0 (Feb 23, 2015)
New in RogueKiller 10.4.1.0 (Feb 19, 2015)
New in RogueKiller 10.4.0.0 (Feb 18, 2015)
- Uniformization of whitelists/blacklists (we dropped a lot of detections, this can lead to false positives... but they will be fixed as people report them)
- Fixed a bug in LNK signature detection
- Fixed a buf in Time module
- NEW! Better CLSID scanner
- NEW! Now MBR scanner is EFI compatible
- Updated italian translation
- Fixed a bug in Path module
New in RogueKiller 10.3.0.0 (Feb 16, 2015)
- Added detections
- New command line flag: -showlegithooks (Shows legit hooks that are normally hidden)
- Big improvements in the IAT hooks engine; Preparation of refactoring for the kernel hooks.
- Big improvements in Extension Checker module
- Arabic translation
- Updated translations
- Updated Yara engine to 3.3
New in RogueKiller 10.2.0.0 (Jan 19, 2015)
- Added detections
- Updated Italian translation
- Added German translation
- Added Chinese traditional translation
- Fixed a bug in Registry scanner where .DEFAULT hive is not scanned
- Added MBR signature for FinFisher
- Added MBR signature for TDL4
- Added MBR signature for Rovnix
- Fixed some bugs in MBR scanner
- Improved low level disk access library
- Added VBR (Volume Boot Record) scanner
New in RogueKiller 10.1.2.0 (Jan 6, 2015)
- Added detections
- Updated Spanish translation
- Added Italian translation
- Added hook signatures engine
New in RogueKiller 10.1.1.0 (Dec 23, 2014)
- Added Dutch translation
- Added Italian translation
- Added sanity check for website opening
New in RogueKiller 10.1.0.0 (Dec 11, 2014)
- Added detections
- Fixed mbamservice false positive
New in RogueKiller 10.0.9.0 (Dec 8, 2014)
- Fixed Xpaj false positive with DiskCryptor MBR
- Added DiskCryptor MBR signature
- Added detections
- TrueSight 1.0.4: Better shellcode module detection
- IAT Hooks: Better shellcode module detection
New in RogueKiller 10.0.8.0 (Nov 20, 2014)
- Added detections
- Fixed bug of processes not killed
- Now process memory is scanned before path scan
New in RogueKiller 10.0.7.0 (Nov 20, 2014)
- Now process pages are scanned for whitelist
- Updated Yara engine
- Added detections
- Reverted some command line to free version: -nodriver -nokill -nopop -nothirdparty
New in RogueKiller 10.0.6.0 (Nov 13, 2014)
- Fixed a bug in Process module (not enough rights to get process path)
- Fixed a bug in AV whitelist detection
- Added detections
New in RogueKiller 10.0.5.0 (Nov 11, 2014)
- Now AV processes are whitelisted
- Added language separator for "Your language here"
- Added Injected process heuristic detection
- Fixed bad Zeus signature
- More aggressive against Poweliks processes
- Added detections
- Updated links
New in RogueKiller 10.0.4.0 (Oct 29, 2014)
- Added link to translations in language menu
- Added Delay IAT in PE module
- Added Delay IAT hooks in antirootkit
- Now IAT hooks are printed to UI as they are scanned
- Removed ctfmon from sensitive processes
- Now detects Zeus variants
- Now informative texts are not elided
- Better choices (currency/amount) for Paypal form
- Removed unused resources
- Improvements in quarantine module
- Now DNS entries show country IP in text report
- PREMIUM: Added quarantine handler
- Added detections
New in RogueKiller 10.0.3.0 (Oct 22, 2014)
- New user-agent: Now sends extended vendor names for real time monitoring
- Added detections
New in RogueKiller 10.0.2.0 (Oct 16, 2014)
- Added detection of services hidden from SCM and from registry
- Dropped command line support in free version
- Removed EAT hooks (useless)
- Improved IAT hooks scanner (now scans all modules instead of main module)
- Fixed a bug in driver library (driver could not load under certain circumstances)
- Added Czech translation
- Added tooltip with detection level (for colorblind people)
- Added detections
New in RogueKiller 10.0.1.0 (Oct 10, 2014)
- Improvements in Process library
- Added COM integrity check to disable COM calls when server is corrupted (Poweliks)
- Fixed Poweliks rule
- Added detections
- Fixed Bug in registry module
- Fixed a bug in logging
New in RogueKiller 10.0.0.0 (Oct 8, 2014)
- Major UI changes
- Added support for future Premium version
- Added support for ShellIconOverlayIdentifiers and ShellServiceObjectDelayLoad keys
- Now CLSIDs are scanned for path and memory
- Added detections
New in RogueKiller 9.3.0.0 (Oct 6, 2014)
- New Rules engine. Easier to maintain, more robust.
- Fixed a lot of bugs in Scanner engines.
- Added detections
New in RogueKiller 9.2.13.0 (Sep 25, 2014)
- Fixed a bug in registry module introduced in 9.2.12
- Fixed a bug in process engine that forbids svchost processes to be killed
- Added detections
New in RogueKiller 9.2.12.0 (Sep 25, 2014)
- TrueSight: 1.0.3: Fixed a Kernel stack overflow leading to a BSoD
- Better handling of multistring registry value/key names (ZeroAccess/Poweliks)
- Added Poweliks detections
- Added detections
New in RogueKiller 9.2.11.0 (Sep 18, 2014)
- Added detection to new Poweliks variant
- Fixed a bug of infinite wait when COM objects are broken
New in RogueKiller 9.2.10.0 (Sep 9, 2014)
- Fixed a bug in Yara scanner
- Fixed a bug in language module
- Fixed a crash dump uploader (due to surlatoile.org move to https)
- Added service binary path in report
New in RogueKiller 9.2.9.0 (Sep 1, 2014)
- Updated Yara to 3.1.0
- Added detections
- Firefox PUM.HomePage is using domain whitelist
New in RogueKiller 9.2.8.0 (Aug 16, 2014)
New in RogueKiller 9.2.7.0 (Aug 16, 2014)
- Added scan of Search Page/Start Page for Internet Explorer
- Added scan of Start Page for Firefox
- TrueSight 1.0.2: Process Kill
- TrueSight 1.0.2: Registry key Kill
- TrueSight 1.0.2: File Kill
- RogueKiller: Implementation of new Truesight features
- RogueKillerCMD: Implementation of new Truesight features
New in RogueKiller 9.2.6.0 (Aug 7, 2014)
- Removed a ZeroAccess false detection
- Fixed a bug in registry module (introduced in 9.2.5)
New in RogueKiller 9.2.5.0 (Aug 7, 2014)
- Fixed a bug in registry module (poweliks/zeroaccess trick)
- Fixed a bug in command line parsing
- RogueKillerCMD: Added registry value/subkey removal by index
- Added detections
New in RogueKiller 9.2.4.0 (Jul 25, 2014)
- Added detections
- Added Key present rule
- Added Value data rule
- Updated Yara
- Fixed a bug in file search module
- Fixed a bug in honey file module
- Fixed string limit in path module
- RogueKillerCMD: Registry Kill
New in RogueKiller 9.2.3.0 (Jul 14, 2014)
- Fixed a bug in file module
- Added detections
New in RogueKiller 9.2.2.0 (Jul 11, 2014)
- Fixed a bug in task scanner
- Fixed a bug in path parser
- Fixed a bug in registry module
- Fixed a bug in install module
- Unknown MBRs are dumped in %programdata%/RogueKiller/Debug
- Added detections
New in RogueKiller 9.2.1.0 (Jul 9, 2014)
- Fixed a bug in logging
- Fixed unicode hosts file read/write
- Fixed empty hosts lines scan
- Truesight 1.0.1
- Truesight now suspends TDL4 threads before MBR fix
- Removed debug messages from Truesight
- Fixed pcalua detection in task scanner
- Added links
New in RogueKiller 9.2.0.0 (Jul 7, 2014)
- Truesight 1.0 (no more in beta)
- Truesight loads in X64
- Truesight rewriten from scratch (increased stability, code compatibility)
- Truesight now detects Filters (regular, reverse)
- Added detections
- Added translations
- Fixed regression about vendor url opening
- Fixed bug about duplicate registry entries on x86
New in RogueKiller 9.1.0.0 (Jun 23, 2014)
- Added detections
- Fixed a problem of ProgramFiles/ProgramFilesX86/ProgrameFilesW6432 var env parsing
- Binaries are now digitally signed.
- updated translations
New in RogueKiller 9.0.3.0 (Jun 17, 2014)
- Fixed encoding bug in quarantine handler
- Fixed crash window opening when no dump is available
- Fixed duplicated files in common startup folder on XP
- Detection of WinPE. Now LivePE/LiveUSB scan is faster and more accurate.
- Fixed reboot query
- Improved replacement method
- Fixed DNS whitelisting
- Added Zekos signatures
- Now file replacement engine looks for same file version before replacing.
- Fixed a bug in startup honey module
- Fixed a bug in mbr module
New in RogueKiller 9.0.2.0 (Jun 4, 2014)
- Fixed a bug in registry scanner
- Fixed a bug in Buffer lib
- Added chrome extensions removal
- Fixed service repair
- Added single instance mutex
- Fixed a bug when trying to quit
- Added detections
- Added Necurs link
- Added pathparser special rules (rundll32, wscript)
- Fixed a bug in file parsing
- Fixed a bug in Honey module
New in RogueKiller 9.0.1.0 (Jun 2, 2014)
- Fixed a bug in logging
- Fixed a bug in File lib
- Fixed a bug in GUI
- Optimizations in String parser
- Added detections
- Fixed a bug in addons detection
- Fixed a bug in forged file detection
- Fixed a bug in service scanner
- Now malware hooks are Orange
New in RogueKiller 9.0.0.0 (May 29, 2014)
New in RogueKiller 9.0.0.0 Beta 3 (May 29, 2014)
- CLI commands -nodriver -autoscan -autodelete -autoquit -autoeula -hideui
- Added detections
- Fixed EULA
- Added service repair
- Added check for updates
- Changed driver icon
- Added reboot notification
- Added pending detections notification on quit
New in RogueKiller 9.0.0.0 Beta 2 (May 29, 2014)
- Fixed a bug in MBR log
- Fixed a bug in Service log
- Fixed a bug in log (RTL characters removed, ZeroAccess)
- Replaced SUSP PATH label by Suspicious.Path
- Removed Chrome.exe IAT/EAT scan
- Fixed 3 bugs in IEAT/EAT display (process is displayed / legit entries are hidden / fixed size of function in console display)
- Now suspicious services registry keys are not prechecked (to avoid confusion with true malware)
- Disabled Forged files removal (except if contains malware signature), due to some false positives
- Fixed a bug in Registry subkey removal (ZeroAccess)
- Fixed a bug in File replacement (added ACL copy before replace, Zekos)
- Fixed a bug in ListView sorting (was too slow)
- Added detections
New in RogueKiller 9.0.0.0 Beta 1 (May 29, 2014)
- Added crash handler window
- Reports are now translated
- Added missing translations
- Added hover event for Facebook / Paypal links
- Added fancy Facebook button
- Replaced old icons by high res icons
- Added detections
- Fixed a bug in ComManager
New in RogueKiller 9.0.0.0 Alpha 5 (May 29, 2014)
- Brand new high res icon!
- Now sending statistics to adlice.com webserver database
- PUM color detection is now Dark Gray
- Added web browser scan
- Added stop button (during scan only)
New in RogueKiller 9.0.0.0 Alpha 4 (May 29, 2014)
- Added context menu select/unselect all
- replaced old MBR display by a listview
- added MBR scan
- fixed carriage return bug in reports
- fixed bad driver decryption
- added Hooks scanner
New in RogueKiller 9.0.0.0 Alpha 3 (May 29, 2014)
- Fixed a bug when exiting with file menu
- Added hosts fix button (hosts tab)
- Fixed window names bug (massive false positive)
- Added true version number comparison for version checker
- Fixed elided text bug
- Added report footer
- Now general progressbar is used as progression
- Now displays fine progression
- Added file scanner
New in RogueKiller 9.0.0.0 Alpha 2 (May 29, 2014)
- Fixed a crash in Yara scanner on some processes
- Fixed a bug in Hidden processes detection
- Fixed a bug in report module, prescan results were removed from reports
- Fixed display bug (wrong X64 display in title)
- Fixed crash handler, now crash dumps will be located in %ProgramData%/RogueKiller/Debug
- Fixed display bug. After removal, status of items was not updated.
- Added Hosts file support
- Added Hosts file line removal
- Removed Proxy, DNS and Shortcut buttons/tabs
New in RogueKiller 9.0.0.0 Alpha 1 (May 29, 2014)
- Rewritten engine from scratch ( RKSdk V1 )
- Moved to Yara scanner
- Fixed a lot of bugs
New in RogueKiller 8.8.15 (Mar 27, 2014)
- No crash report sends debug.log and crash dump
- Optimizations
- Added detections
New in RogueKiller 8.8.14 (Mar 26, 2014)
- Fixed a bug in PE parser
- Optimizations
- Added detections
New in RogueKiller 8.8.13 (Mar 25, 2014)
- Optimizations
- Now scans IAT/EAT on x64 operating systems
- Now scans non-PE files (example: .bat)
- Addded detections
New in RogueKiller 8.8.12 (Mar 20, 2014)
- Optimizations
- Added Thanks for Downloading Url at first use.
- Fixed bug in MBR fix
- Fixed progressbar behavior
New in RogueKiller 8.8.11 (Mar 14, 2014)
- Optimizations
- Added lot of PUP detections
- File path are elided in console
New in RogueKiller 8.8.10 (Feb 28, 2014)
- Added detections
- Changed links
- Fixed a bug in File library
- RogueKillerCMD 0.1.3:
- Added service list
- Added service kill
New in RogueKiller 8.8.9 (Feb 24, 2014)
- Added double check for current version
- Added double post for autofeedback
- Changed sur-la-toile.com domain for new one surlatoile.org (fixed statistics and version check)
New in RogueKiller 8.8.8 (Feb 19, 2014)
- URLs are now localized
- Fixed tree process creation deadlock
New in RogueKiller 8.8.7 (Feb 11, 2014)
- Fixed bugs in Hidden process detection
- Added traces for killed processes check bug.
New in RogueKiller 8.8.6 (Feb 7, 2014)
- ACLs management improvement
- Fixed FP in hook module
- NEW! Google Chrome extensions are listed [Removal not supported yet]
- Fixed Zekos FP with Zanga.exe
- Fixed forum link in report
New in RogueKiller 8.8.5 (Feb 3, 2014)
- Added debug trace for dllhost issue
- Added rogue detections
- Fixed duplicates in Firefox Addons list
- Added extensions.json / extensions.sqlite in the firefox watch list
- Now kills firefox before removing extensions
New in RogueKiller 8.8.4 (Jan 28, 2014)
- Added ACL module.
- Fixed bug with ACLs when replacing patched file [Black Screen - Zekos]
- Restored Zekos signatures
New in RogueKiller 8.8.3 (Jan 24, 2014)
- Extension removal for IE / Firefox (context menu)
- Neutralized Zekos signatures to avoid black screen at replacement. [To be fixed]
New in RogueKiller 8.8.2 (Jan 17, 2014)
- NEW! Miuref detection and removal
- Added Zekos x64 detection
- Fixed a bug in honey module
- Fixed a bug in core module
- Fixed a bug in driver module
New in RogueKiller 8.8.1 (Jan 14, 2014)
- Fixed bug in registry module
- Fixed a bug in file module
- NEW! Zekos detection and removal.
New in RogueKiller 8.7.14 (Dec 27, 2013)
- NEW! web browser addons are listed (Internet Explorer | Firefox )
- NEW! Cryptolocker pattern
- NEW! Killed process verifier. If some processes remain, they are killed by their whole tree.
- Added detections
New in RogueKiller 8.7.13 (Dec 18, 2013)
- Translated Paypal Icon
- Fixed a bug in GUI lib
- Added PUP pattern
- Fixed a bug in File lib (ZeroAccess detection)
- Added addons tab
New in RogueKiller 8.7.12 (Dec 16, 2013)
- Windows 8.1 detection
- Fixed bug in Shortcut mode
- Refactoring of File lib
- Added detections
- RogueKillerCMD 0.1.2:
- Added process list
New in RogueKiller 8.7.11 (Dec 5, 2013)
New in RogueKiller 8.7.10 (Dec 4, 2013)
- Added detections
- RogueKillerCMD 0.1.1:
- Fixed DLL dependencies
New in RogueKiller 8.7.9 (Nov 25, 2013)
- Fixed a bug in regex parsing
- Optimization of regex
- Added 2 new methods for registry Read/Write
- NEW! Honey module now uses the Win32 API Offline method (Safer)
- Fixed a bug in script cleanup
- Fixed a bug in mbr module
- Added detections
New in RogueKiller 8.7.8 (Nov 14, 2013)
- NEW! Added Zlib compression for crash dump sending
- Improvement of args handler
New in RogueKiller 8.7.7 (Nov 11, 2013)
- NEW! new banner
- Fixed bugs in Registry module
- Fixed bug in PeParser
- Added progress window for crash report uploading
- Now collecting Full dumps
New in RogueKiller 8.7.6 (Oct 28, 2013)
- Changed crash feedback for sending crash dump instead of custom crash logs
- Fixed bug in PeParser
New in RogueKiller 8.7.5 (Oct 22, 2013)
- Added useragent in debug log sending
- NEW! Geoloc for proxy / DNS IPs
- Fixed bug on TaskMan value
- NEW! -report_output and -hide switches
- NEW! Stop button
New in RogueKiller 8.7.4 (Oct 16, 2013)
- Added COUNTRY in user agent of statistic module
New in RogueKiller 8.7.3 (Oct 15, 2013)
- Detection/Removal of generic name mismatches in registry key/values (API fool trick -Rootkit)
- Fixed a bug in HiveReader module
- Fixed a bug in Pattern module
New in RogueKiller 8.7.2 (Oct 10, 2013)
- Fixed memory leak in sigcheck
- Fixed bug in PeParser
- Fixed bug in File module
- Added RECYCLER suspicious path (DorkBot)
- Added TaskManager key monitoring
New in RogueKiller 8.7.1 (Oct 3, 2013)
- Fixed bugs in PeParser
- Fixed bug in IAT/ETA hooks
- Listview sorting
New in RogueKiller 8.7.0 (Sep 30, 2013)
- NEW! Scan IAT/ETA of sensible processes
- NEW! Filesystem userland antirootkit
- Added colors to differenciate type of objects
- Added Romanian language
- Fixed bug in file deletion
- Fixed bug in Pe parser
- Optimizations: Com library
- Fixed bug in GUI library
New in RogueKiller 8.6.12 (Sep 19, 2013)
- Added detections
- Added MBR infos
- Added PUM label, and more consitent colors
- Fixed a bug in MBR module
New in RogueKiller 8.6.11 (Sep 11, 2013)
- Fixed a crash a startup on x64 OS
New in RogueKiller 8.6.10 (Sep 9, 2013)
- Fixed a bug in PeParser
- TrueSight 0.9.1
New in RogueKiller 8.6.9 (Sep 3, 2013)
- Fixed a bug in PeParser
- Added Export parsing
- Fixed a bug in SSDT parsing
- Added detections
New in RogueKiller 8.6.8 (Sep 2, 2013)
- Fixed a bug in peParser
- Truesight v0.9
New in RogueKiller 8.6.7 (Aug 28, 2013)
- Fixed display issue
- Fixed problem in Registry module
- Added Rogue.AntiSpy-LSP pattern (Live Security Professional)
- Added detections
New in RogueKiller 8.6.6 (Aug 19, 2013)
- Ability to resize the application (but still flickering when resized...)
- Fixed display issue in safe mode
- Removed Hosts scan if file is bigger than 1MB
- Added detections
- Fixed bug in removal
New in RogueKiller 8.6.5 (Aug 5, 2013)
- Added support for new ZeroAccess variant (RTL)
- Added AutoRun value support in PE mode
- Fixed bug for rebooting query
- Fixed bug in file/folder deletion
- Removed unauthorized characters in report
- Updated links
New in RogueKiller 8.6.4 (Jul 30, 2013)
- Fixed display bugs
- Added tab icons
- NEW! One scan can allow user to trigger each option once (Delete, HostsFix, DNSFix, ProxyFix)
- Fixed bug in DLL module
- Modified Honey display in report
- Fixed bugs in PeParser
- Fixed bug in file parser
- Added detections
- Database queries switched to UNICODE
New in RogueKiller 8.6.3 (Jul 17, 2013)
- Added detections
- Fixed bugs
- Added crash feedback link into crash window
New in RogueKiller 8.6.2 (Jul 2, 2013)
- Modified links
- Fixed bugs
- Added Turkish translation
- Added switches -autoscan, -autoaccepteula, -autoquit and -autodelete for automation of the flow
New in RogueKiller 8.6.1 (Jun 17, 2013)
- Fixed bugs
- Improved filename parsing
New in RogueKiller 8.6.0 (Jun 14, 2013)
- Rewrote whole engine
- NEW! Added icons in lists
- NEW! Added colors for Hosts lines detection
- Report: Splitted in object coherency (Tasks, Startup folders, registry)
- NEW! Honey module (previous PE module rewriten from scratch)
- NEW! .ini file for configuration storing
- NEW! Firefox malware detection module
- Added signatures
- Added ZeroAccess infection => Windows Defender repair
- Added disclaimer on Shortcut fix option
- Added hosts malicious lines identification in report
- Translations updated
- Added drivers to the patched files list to check
- Added service repair option (Tools/Repair services)
- Added Aho-Corasick algorithm for fast signature matching. Improved signature finding speed.
- NEW! Opera module - Added Proxy configuration
New in RogueKiller 8.5.4 (Mar 18, 2013)
- Detection of malicious Hosts file lines
- Adding signatures
New in RogueKiller 8.5.3 (Mar 13, 2013)
- Fixed bugs
- Adding signatures
New in RogueKiller 8.5.2 (Feb 23, 2013)
- MAJ detection Necurs.A
- MAJ update database
- Fixed a bug in the module database
New in RogueKiller 8.5.1 (Feb 13, 2013)
- MAJ detection Necurs.
- Update database
- Fixed a bug in the module database
New in RogueKiller 8.5.0 (Feb 9, 2013)
- Better care of ZeroAccess
New in RogueKiller 8.4.4 (Feb 2, 2013)
- Italian Language
- PE Module: Bug fixing
- Detection ZeroAccess - Improvements
New in RogueKiller 8.4.3 (Jan 9, 2013)
New in RogueKiller 8.4.2 (Dec 31, 2012)
- Improvement to the PE module
New in RogueKiller 8.4.1 (Dec 27, 2012)
- Fixed a bug in the PE module
- Spanish Language
New in RogueKiller 8.4.0 (Dec 12, 2012)
- Code optimizations for the x64 package
- X64 version available
- Fixed a bug in the Tasks module
- Fixed a bug in the Hooks module
New in RogueKiller 8.3.2 (Dec 7, 2012)
- Support for MBR Fix for TDL4
New in RogueKiller 8.3.0 (Nov 17, 2012)
- Migration of the database
- Fixed bugs
New in RogueKiller 8.2.3 (Nov 7, 2012)
- Preparation SQLite
- Optimization Module parsing
- Fixed a bug detection process path x64
- WL dll
- HPStatusBL.dll
- Fixed a bug in Crypt
New in RogueKiller 8.2.2 (Nov 6, 2012)
- Window BL
- Micorsoft Security Essential Pro 2013
- Windows 8 Defender 2013
- MESP.exe
- Added a whitelist by way
- Corection a bug in the module blacklist
- Change link FR tutorial
- Dutch translation
- Add the date and manner in the name of the report
- Executable UPX packed-default
New in RogueKiller 8.2.1 (Nov 6, 2012)
- DNS WL
- 24.222.0.95
- Driver WL
- avgtpx86.sys / * AVG * /
- regguard.sys / * RegRun * /
- Whitelist
- cdloader2.exe
- magicJack.exe
- AmazonCloudDrive.exe
- V0220Mon.exe
- msnotif.exe
- LGMLauncher.exe
- Communicator.exe
- Fixed a bug in debug
- Modifications Module importance
- Adaptation of the driver for Windows 8
- Retrieve names SSDT userland API Compatibility (Win8)
New in RogueKiller 8.2.0 (Oct 23, 2012)
- Truesight v0.7
- Fix German language
- Various bug fixes
- Whitelist
- sys32/pcalua.exe
- LogMeInSystray.exe
- Dashlane.exe
- DNS Whitelist
- * 86.64.145.14
- 129.250.35.251
- Driver WL
- SbFw.sys / * GFI * /
- Window BL
- File Restore (FakeHDD)
New in RogueKiller 8.1.1 (Oct 4, 2012)
- Traditional Chinese translation
- Fixed minor bugs
- Add color to differentiate the listviews type detection
- Fixed a bug in the module Blacklist
- Window BL
- XP Defender 2013
- Vista Defender 2013
- Win 7 Defender 2013
New in RogueKiller 8.1.0 (Sep 28, 2012)
- Support change language at runtime
- Fixed a bug in the module processes
- Added a plug MBR (for testing)
- Adding a link "website" in the report header
New in RogueKiller 8.0.5 (Sep 24, 2012)
- Launch switch management
- Added switch "-nodriver" that prevents the loading of the driver
- Added switch "-nokill" that prevents the kill process (certain processes cause a BSOD to kill, it is better to attack their registry key)
- Adding a category "Extern Hive" in the report => Listing hives External found
- Fixed a bug in hives Extern
- Bugfix
New in RogueKiller 8.0.4 (Sep 19, 2012)
- Encryption of files in quarantine (Use Cryptonic with key "RogueKiller" to decipher)
- Optimization of the web module
- Added API suppression off when a key is protected
- Fixed a bug in HiveReader
New in RogueKiller 8.0.3 (Sep 13, 2012)
- Correction d'un bug dans le module HiveReader
- Correction d'un bug dans le module Registry
- Correction d'un bug dans le module File ASSO
- Correction d'un bug dans le module Proxy FF
- Prise en charge des rootkits maxSST (fix désactivé car non testé)
- Deactivation of "Patched" module (not really used, to many false positives)
- Whitelist DLL:
- tv_w32.dll
- Whitelist:
- %Windir%/HelpPane.exe
- TeamViewer.exe
- tv_w32.exe
- TeamViewer_Desktop.exe
- ibsvc.exe
New in RogueKiller 8.0.2 (Aug 31, 2012)
- Fichiers particuliers:
- \\RECYCLER\\[ANYFOLDER]\\$********************************\\n
- \\RECYCLER\\[ANYFOLDER]\\$********************************\\@
- \\RECYCLER\\[ANYFOLDER]\\$********************************\\L
- \\RECYCLER\\[ANYFOLDER]\\$********************************\\U
- Incproc HJ:
- {fbeb8a05-beee-4442-804e-409d6c4515e9}
New in RogueKiller 8.0.1 (Aug 30, 2012)
- Whitelist:
- c2c_service.exe
- procexp.exe
- Driver WL:
- RapportCerberus$ (trusteer)
- Truesight v0.6:
- Surveillance de DriverEntryIO
New in RogueKiller 8.0.0 (Aug 27, 2012)
- Monitoring HKEY_LOCAL_MACHINE \ \ SYSTEM \ \ CurrentControlSet \ \ Services \ \ Tcpip \ \ Parameters: DataBasePath (HOSTS)
- Various improvements
- Added a cartridge information on infection
- Redesign of some windows
- Whitelist
- StatBar.exe
- % windir% \ ^ ^ Service.exe
New in RogueKiller 7.6.6 (Aug 11, 2012)
- Search files replacement in case of patched files.
- Replacement of patched files mode DELETE
New in RogueKiller 7.6.5 (Aug 4, 2012)
- Fixed a bug in peParser (PE x64)
- Added Signature:
- ZeroAccess (services.exe x64)
New in RogueKiller 7.6.4 (Jul 17, 2012)
- Added a blacklist for register values
- BlacklistValue
- Update (POLICE)
- Add to blacklist patterns (POLICE)
- fest0r_ot.exe
- Schnarch.exe
- Whitelist DLL
- cleanup.dll (MMFA)
- Windows BL
- File Recovery
New in RogueKiller 7.6.3 (Jul 9, 2012)
- Fixed a bug in HiveReader (management register values unicode)
- Add to blacklist patterns (POLICE)
- roper0dun.exe
- rasmxs.exe
- SCardDlg.exe
- TapiSysprep.exe
- 0_0u_l.exe
New in RogueKiller 7.6.2 (Jul 2, 2012)
- Adding a module kill / relaunch the process including the removal of particular files (explorer.exe is killed / revived)
- Fixed a bug in the detection of specific files
- Monitoring of key: HKCR \ \ CLSID \ \ {42aedc87-2188-41fd-b9a3-0c966feabec1} \ \ InprocServer32 (ZeroAccess)
- Blacklist
- sys32 / n
- Share files blacklist
- windows\\Installer\\{********-****-****-****-************}\\L
- localAppdata\\{********-****-****-****-************}\\L
- sys32\\config\\systemprofile\\Local Settings\\Application Data\\{********-****-****-****-************}\\L
- sys32\\config\\systemprofile\\Local Settings\\Application Data\\{********-****-****-****-************}\\U
- sys32\\config\\systemprofile\\Local Settings\\Application Data\\{********-****-****-****-************}\\@
- sys32\\config\\systemprofile\\Local Settings\\Application Data\\{********-****-****-****-************}\\n
New in RogueKiller 7.6.1 (Jun 28, 2012)
- Adding a module file verification systems (ASLR + search for signatures)
- Checking the file services.exe
- Adding Signature ZeroAccess (services.exe)
- Bug fixes (Module Window)
New in RogueKiller 7.6.0 (Jun 26, 2012)
- Adding a user contract (EULA)
- Changing the module files Particular consideration for reasons of comparison by removing + mask
- Share files blacklist
- Part files blacklist
- windows\\Installer\\{********-****-****-****-************}\\n
- windows\\Installer\\{********-****-****-****-************}\\@
- windows\\Installer\\{********-****-****-****-************}\\U
- localAppdata\\{********-****-****-****-************}\\n
- localAppdata"\\{********-****-****-****-************}\\@
- windows\\Assembly\\GAC\\Desktop.ini
- windows\\Assembly\\GAC_32\\Desktop.ini
- windows\\Assembly\\GAC_64\\Desktop.ini
- Drivers WL
- avgidsshimx.sys (AVG)
New in RogueKiller 7.5.4 (Jun 8, 2012)
- Monitoring of key: HKCR \ \ CLSID \ \ {F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} \ \ InprocServer32 (ZeroAccess)
- Add to blacklist patterns (POLICE) pkg0u.exe
New in RogueKiller 7.5.3 (Jun 5, 2012)
- Improved interface
- Review of translations
- Update detection ZeroAccess (Sirefef)
- Add to blacklist patterns (POLICE):
- krussel3.exe
- AMD_cpx.exe
- Apple_Store.exe
- cs8v0k.exe
New in RogueKiller 7.5.2 (May 31, 2012)
- Improved redirection module paths
- Whitelist:
- SpotifyWebHelper
- windows% / ALCMTR.exe
- Add to blacklist patterns (POLICE):
- ArchiverforWin.exe
- game_client.exe
- WinArchiver.exe
New in RogueKiller 7.5.1 (May 28, 2012)
- Monitor HKLM \ SYSTEM \ ControlSet001 \ Control \ SafeBoot: AlternateShell
- Monitoring of x64 registry key to the SHELL
- Add to blacklist patterns (POLICE)
- k8h0pp.exe
- Temp # #. exe
- ServiceVBOX.exe
New in RogueKiller 7.5.0 (May 25, 2012)
- Added ability to use RogueKiller under PE environment.
- Ability to scan the windows in hives external connection of SD.
- Fixed a bug in ntreg
- Added desktop suspect in paths
- Add to blacklist patterns (POLICE):
- k8h00.exe
- VboxServs.exe
New in RogueKiller 7.4.5 (May 19, 2012)
- Integration library ntreg
- Add to blacklist patterns (POLICE)
- ch8l0.exe
- p0j99p.exe
- spoolsrv.exe
- FSnapshot_x86.exe
- BSI.bund.exe
- GboxService.exe
- InfoServices_a.exe
- ksprskylabs1.exe
New in RogueKiller 7.4.4 (May 8, 2012)
- Adding pattern detection POLICE
- "# {1}. # {12 +}. Exe
- wpbt # {1}. dl {2}
- hnszs # {1}. exe
- a.bat ms ****
- ram_reserver64.exe
- itunes_service # {2}. exe
- syncservicex86.exe
- EPUhelpers.exe
- DNS_Servicex86.exe
New in RogueKiller 7.4.3 (May 4, 2012)
- Implementation patterns for detection process, key RUN, SHELL, Startup
- Fixed a bug in HiveReader
- Code Optimizations
- TrueSight: Securisation code
New in RogueKiller 7.4.2 (May 3, 2012)
- Fixed a bug in HiveReader
New in RogueKiller 7.4.1 (May 3, 2012)
- Whitelist E_FATIHJL.EXE
- Added pattern GEMA
- Added pattern POLICE
- Fixed a bug in readMBR
- Fixed a bug in SSDT
New in RogueKiller 7.4.0 (May 2, 2012)
- Fixed a bug in the debug mode
- Add license ExceptionHandler => automatic management of crashes (in part). When a crash occurs, a window opens and prompts the user to send it automatically.
- BL Window:
- Data Recovery (FakeHDD)
- Language support:
- German
New in RogueKiller 7.3.4 (May 2, 2012)
- Add license SigCheck, allowing the search for signatures in binary files.
- Search for signatures in the process
- Fixed a bug in readMBR (reorganization of the priority of signatures)
- Fixes in the resources of language.
New in RogueKiller 7.3.3 (Apr 23, 2012)
- Taking into account the value Start_TrackProgs (Recent Programs menu)
- Fixed a bug in HiveReader
- Changing ACLs before checking RUN key (bug virus Mounted)
- Language support:
- Greek
- Portuguese
New in RogueKiller 7.3.2 (Mar 20, 2012)
- Fixed a bug in startup
- Added monitoring of folder "Common Startup"
- TrueSight v0.5: Code Optimizations
- SHIFT language Czech / Slovak
- Added checkbox "AntiRootkit" which disables the functionality of the module TrueSight
New in RogueKiller 7.3.1 (Mar 20, 2012)
- Fixed a bug in faked mode
- Added a checkbox to disable the module faked (the scanning takes time)
- Whitelist:
- Skype.exe
- FixCamera.exe
- firefox.exe
- plugin-container.exe
- Driver WL
- Crypto.sys / * SafeNet * /
- mfehidk.sys / * McAfee * /
- wpsdrvnt.sys / * Symantec * /
New in RogueKiller 7.3.0 (Mar 9, 2012)
- TrueSight v0.4
- Ability to inline hooks.
- TrueSight: Detection of IRP hooks (Major and Inline) on a given driver -> Atapi.sys
- Ability to inline IRP hooks (may cause a BSOD in some cases, this function needs to be improved. For use only as a last resort).
- Added a confirmation messagebox asking if no deletion was performed
- TrueSight: Bypass function driver for Windows 8 (not compatible for now)
- TrueSight: Code Optimizations
- Detection of Windows 8
- Fixed a bug in HiveReader (value / key with accents)
- Adding a module for detecting faked files (experimental)
- Applied sys32/drivers
- Fixed a bug in SHELL
- Fixed a bug in STARTUP
- Fixed a bug in WEB
- Module Startup: Ability to see the records of all sessions (instead of the current)
- Monitoring the HKCU \ ... \ Advanced: Start_ShowRun
New in RogueKiller 7.2.1 (Mar 1, 2012)
- TrueSight v0.3
- Detection of inline hooks (SSDT functions only)
- Fixed a bug in HiveReader
- Driver WL
- avipbb.sys / * Avira * /
- avkmgr.sys / * Avira * /
- BL Window
- Smart Fortress 2012
- Windows Shield Tool
- Windows PRO Scanner
- Basic Windows Antivirus
- Windows Guard Stability
- Windows Firewall Constructor
New in RogueKiller 7.2.0 (Feb 27, 2012)
- Added option in the tab FixMBR MBR. This option becomes available if an MBR infection is found.
- Possibility to fix the MBR with a bootstrap standard MBR (XP, Vista)
- Adding a module for direct reading of hives => detection key / hidden values of the API
- MBR detection Toshiba
- Lenovo MBR detection
- Standard MBR detection
- KIWI Image MBR detection system
- Whitelist:
- Spotify.exe
- jusched.exe (global)
- BL Window:
- Windows Functionality Checker
- Windows Smart Warden
- Home Malware Cleaner
- Windows Smart Partner
- antivirus Protection
- Windows Telemetry Center
- Catalyst Windows Perfomance
- Strong Malware Defender
New in RogueKiller 7.1.0 (Feb 15, 2012)
- Passage of Unicode code logic (instead of ANSI)
- Bug fixes
- Added language support:
- Czech
- Slovak
- Updated detections whistler MBR / Sinowal
- MBR detection myBIOS
- Detection of MBR floodés by NOP
- Blacklist window
- Security Scanner
- Internet Security
- Internet Security 2012
- Rogue ProgFile
- \ \ PCSpeed Service \ \
- \ \ everyclear \ \
New in RogueKiller 7.0.4 (Feb 8, 2012)
- Fixed a bug making the buttons disappear in some low screen resolutions
New in RogueKiller 7.0.3 (Feb 7, 2012)
- Changing the module LL2 => less access error alone, mostly on x64 OS
- Fixed a bug in the workflow of secondary modes
- Blacklist
- InetAccelerator.exe (Gendarmerie2)
New in RogueKiller 7.0.2 (Feb 7, 2012)
- Bug fixes displays (Line breaks over) in the edition of
- Fix MBR in Module => partition size updated (1 KB = 1024 bytes)
- Whitelist : adawarebp.exe, DropBox.exe
- Rogue ProgFiles
- BoanCatch
- pcupgrade
- best-pc
- PCMaster Antispyware
- InfoSeven
- comdoumi
- Added pattern Rogue.ViusDoctor, Rogue.Zaxar
- BL Window
- Smart Antivirus Protection
- Malware Protection Center
New in RogueKiller 7.0.1 (Feb 7, 2012)
- Fixed a bug in MBR => type scores updated
- Fixed a bug in MBR => Calculation of partition sizes updated
- Upgrade to 5 PhysicalDrive Max
- Added name of physical disks
New in RogueKiller 7.0.0 (Feb 7, 2012)
New in RogueKiller 6.2.4 (Jan 13, 2012)
- Add HKEY_USERS \ \ Software \ \ Classes \ \ pezfile \ \ shell \ \ open \ \ command
- Added HKEY_USERS \ \ Software \ \ Classes \ \. Exe \ \ shell \ \ open \ \ command
- Added HKEY_USERS \ \ Software \ \ Classes \ \ exefile \ \ shell \ \ open \ \ command
- Fixed a bug in the backup REG
- Added option: WhyIGotInfected? => Opening page Wigi
- Opening of links to the manipulations of blogspot based on the detected infections (ZeroAccess, FakeRean)
New in RogueKiller 6.2.3 (Jan 9, 2012)
- Whitelist smad.exe
- Whitelist Dll
- BatInfEx.dll
- BatLogEx.dll
- Driver Whitelist
- hookcentre.sys /*Gdata*/
- Window Blacklist
- System Check
- Rogue ProgFiles
- \\InfoSafe\\
- \\CleanerCom\\
- \\MicroVaccine\\
- \\PC-Spider\\
- \\CYAK\\
- \\PcVirusDoctor\\
- \\VDoctor Professional\\
- \\CheckSpeed\\
New in RogueKiller 6.2.2 (Jan 9, 2012)
- Detection MBR Code TestDisk
- Detection MBR Code HP tatoué
- Detection MBR Code Whistler
- Distinction entre Vista / 7 MBR Code
- Detection MBR Code Linux
- Correction of a bug in the backup REG modul