Universal Virus Sniffer (uVS)

[Jarom]

Universal Virus Sniffer (uVS) 4.0

Program jest dostępny również w języku angielskim.

Universal Virus Sniffer to narzędzie do wyszukiwania i usuwania wirusów, rootkitów, bootkitów oraz innych zagrożeń typu Zero Day. Posiada zaawansowany skaner wyszukujący szkodniki i eliminujący nieznane zagrożenia. Pracuje w trzech różnych trybach i dodatkowo współpracuje z rejestrem, w celu sprawniejszego wykrywania i usuwania wirusów oraz wszelkich błędów spowodowanych przez wirusy.

Program oferuje:
- pracę w trzech podstawowych trybach pracy - aktywny, nieaktywny i poprzez zdalne sterowanie.
- zestaw filtrów i wbudowanego analizatora do szybkiego wykrywania nieznanego zagrożenia,
- automatycznie pobiera sygnatury wirusów,
- automatycznie wykrywa aktywne pliki z wirusem,
- wykrywa i łatwo usuwa wszelkie rootkity, które uaktywniają się po uruchomieniu systemu,
- wykrywa i eliminuje zagrożenia zainfekowane w pliku rozruchowym MBR i w całym sektorze rozruchowym,
- identyfikuje strumienie plików wykonywalnych,
- tworzy kopie zapasowe danych,
- odbudowuje uszkodzone, brakujące pliki z systemu Windows.

Czytaj:

Zaloguj lub Zarejestruj się aby zobaczyć!

Źródło: instalki.pl

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Universal Virus Sniffer 4.13​

What's new in Universal Virus Sniffer 4.12​

December 27, 2021

• DNS logging:
• A section "DNS log" has been added to uVS, it contains the addresses that have been requested by processes since the system was booted,
• in the information window for each address, the process, its pid, the date of access to the DNS and the result, if any, intermediate addresses are indicated
• not included in the list. For example, when requesting the IP address of CXCS.MICROSOFT.NET, the address CXCS.MICROSOFT.NET.EDGEKEY.NET will be received,
• which in turn will refer, for example, to E3230.B.AKAMAIEDGE.NET, as a result, only the source address CXCS.MICROSOFT.NET will be included in the list,
• intermediate addresses will be filtered out.
• This section will help in identifying malware / miners and rootkits connecting to specific addresses.
• (!) After enabling the function, you need to reboot the system,
• (!) only in this case you will receive complete information from the moment the system boots.
• (!) Only for active and remote systems starting from Windows 7.
• (!) Enabling DNS logging requires an additional 512mb on the system disk, this amount is enough for 30-50 minutes,
• (!) therefore, it is recommended to analyze or create an image immediately after a reboot.
• Added support for process tracking:
• Process tracking allows you to identify the parent of any process, even if the parent process has already terminated, and
• reliably identify all files that have been launched since the start of the system.
• If tracking is enabled, then only those files that were launched with
• the moment the system starts.
• Tweak # 39 turns on tracking, tweak # 40 turns it off.
• Tweak # 39 includes tracking of command lines of completed processes, command lines are displayed in the information window.
• For Windows 8.1 / Windows Server 2012 R2 and older only.
• (!) After enabling process tracking, you need to reboot the system,
• (!) only in this case you will receive complete information about the processes from the moment the system is rebooted.
• (!) Only for active and remote systems starting from Vista (NT6.0) / Windows Server 2008.
• Added support for tracking tasks:
• The following sections have been added to the information window of the executable file that created, modified or modified tasks:
• "Creating a task", "Deleting a task", "Updating a task" in which the time of the operation, the pid of the process,
• pid and the name of the process that started the process, as well as the XML description of the task, if any.
• Tweaks # 39 / # 40 now enable / disable process and task tracking.
• (!) Only for Windows 10 build 1903 + / Windows Server 2016.
• DNS log management moved to separate tweaks, # 41 and # 42:
• DNS log works starting from Win8 (in limited form) and from Win8.1 in full.
• Disabling logging occurs instantly on all systems except Windows 10,
• in the latter case, you need to reboot the system after 42 tweaks.
• (Win7 and below are not supported).
• The history of launches of this file has been added to the information about the executable file, indicating the start and end times of the process,
• pid, user, parent process. By double-clicking the left mouse button on the file name of the parent process
• you can open its information window.
• The data is available from the moment the system was started, with process tracking enabled.
• In the context menu of a criterion, a command is available to check the entire list for a given criterion.
• New hotkey:
• Ctrl + F7 - Filter the list by user base of criteria.
• Added information about Windows start time to the log.
• lnk files are no longer deleted by the function of removing links to missing objects.
• Added new types of search criteria:
• delwmi - autoscript adds the delwmi command to the script
• deltsk - autoscript adds the deltsk command to the script
• filter - the list object receives the "Filter" status and falls into the "filtered by criteria" category.
• Removal from this category is possible when the list is updated or the status is changed to verified or suspicious.
• (!) Applicable only for objects from the main list.
• Added parsing of the notification command line to the BITS handler. (BITS v1.5 +)
• Added automatic detection of NTFS links.
• Added support for Windows 11.
• Improved the function of detecting embedded code.
• Now, when a modified code is found in the process (hollowing / dopelganging, etc.), a warning is displayed in the log.
• WLBSCTRL.DLL now automatically gets the status of a suspicious file.
• The DHCP Domain field, if available, is now displayed in the network adapter information window (under DNS).
• Added support for VT API v3.
• The log now displays information about existing window stations and a list of desktops for the default window station.
• Added hotkeys when working with the active system:
• Alt-> left and Alt-> right keys toggle the available desktops.
• Fixed bugs.

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Universal Virus Sniffer 4.14​

May 23, 2023

• Fixed a critical error when parsing parameters in task files.
• Due to a bug, uVS may crash without creating a dump.
• The default directory is now the Windows directory.
• (For directory selection windows).

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Universal Virus Sniffer 4.15​

Zaloguj lub Zarejestruj się aby zobaczyć!