---------------------------------------------------------
 5.0.5
---------------------------------------------------------
 o     "   "      .
         ,     uVS.

 o            .

 o        uVS.

---------------------------------------------------------
 5.0.4
---------------------------------------------------------
 o         
          "".
            
           .  
            .

 o          .

 o     SecureBoot.

 o      .

 o    :
   o     ,     Windows.
             ,     
          ,   .
                  Windows.
   o    v2.20  ,       ( ..   )
         ,     ""    "".

 o      "  ".
    : v2.20 mini -      .
              . 
             .
             .
     .
       .
           ,  /   .
   (!)       SecureBoot  BIOS-.
   (!)      64-     Win7.
   (!)         -   Testsigning.
   (!)         Testsigning.
   (!)           
   (!)      ,       .

 o   ""        " ".

 o   -            
      .

---------------------------------------------------------
 5.0.3
---------------------------------------------------------
 o    : .
      uVS      BSOD  : CRITICAL PROCESS DIED.
     v5.0.3      (     ).
              
      "".

 o      DDAw,     DDAL.
     DDAL  ,         
          (  ).
             .
             .
          .
     Alt+Tab     Alt     
      .
   (!)             . 
   (!)       Ctrl+Alt+Del.
   (!)       UAC.
   (!)        .
   (!)     Windows 8.

 o         
      "   ".
              
     ,         / 
     .
        .    
           (  Alt+Shift+W)    uVS.
             .
              
      (  Alt+Tab   )     
              
     .

 o        .
       .
     .

 o          
       .

 o         :
   o /  .
   o    Ctrl+Alt+Del ( CAD   ).

---------------------------------------------------------
 5.0.2
---------------------------------------------------------
 o      v5.
 
 o  cmpimg    1.05      .
   
 o  uvs_snd    1.06      .

 o       :
    o         GPU    Win10/11. 
      (  uVS     Windows         ).
    o    (VRAM).
      (!)    uVS    ,           .
      (!)     .
    o    RAM/VRAM(      ,      )/cpu/gpu
             .

 o        uVS    bReUseRemote.
            uVS -   ,     
         uVS   .

 o                
        pid.

 o          C:\Windows\SystemTemp

---------------------------------------------------------
 5.0.1
---------------------------------------------------------
 o   -           .

 o              UAC    .
   (   Win11 24H2  )
            .
         /  .

 o          .
                  "    ".
   (!)           .

 o   rest  v1.21.

---------------------------------------------------------
 5.0
---------------------------------------------------------
 o    settings.ini
   [Settings]
   ;      ,        .
    TopCount (  0-20,   5, 0 - ).

---------------------------------------------------------
 5.0.RC4
---------------------------------------------------------
 o         "Home"  Windows.
            .

 o  "   -10       "       ,
         .

 o           Zoo    (vbs/cmd  ..).

---------------------------------------------------------
 5.0.RC3
---------------------------------------------------------
 o            pid, 
   ""     "FAKE:",    "FAKE".
          "     ".
           "delfake".

 o             : 
   "   -10       "
              .

 o  uVS      VT.
       settings.ini    VTUploader.
        VTAPI      settings.ini.
             .
   (!)   VT       200Mb,
   (!)    650Mb.
   (!)      ,      ,
   (!)  uVS    32  ,     VT    .
   (!)       ,         
   (!)             .

 o        .

---------------------------------------------------------
 5.0.RC2
---------------------------------------------------------
 o          
        10   .
   (!)        DLL.
   (!)     . ( #39)

 o          .
        ,    ,
           
        .

 o        "",  
             
       .
             .

---------------------------------------------------------
 5.0.RC1
---------------------------------------------------------
 o       "     [UEFI]"
      Win10.

 o       .

 o    .

 o       4     Windows.
   o \Windows\Downloaded Program Files
   o \ProgramData\Microsoft\Windows\WER\ReportArchive   
   o \ProgramData\Microsoft\Windows\WER\ReportQueue
   o \ProgramData\Microsoft\Windows\WER\Temp
            .

 o      DDA,
        AMD  
      ,     
        ,    
      1-    , 
       1-      
       2-  ..
   (!)           , 
   (!)           
   (!)  ,     
   (!)    .

 o       Windows 11 24H2,
         Windows dism   ADK
          ,
            dism   .

 o       CDD.DLL   
     .

---------------------------------------------------------
 4.99.14
---------------------------------------------------------
 o         Win11:
          .

 o          bFixedName   
    settings.ini     0.

---------------------------------------------------------
 4.99.13
---------------------------------------------------------
 o      DDAL      .
       ,       fps  
     ( 100Mbit)   .
             
      FHD @ 60fps  2 @ 30 fps  100    70-80%  .
       95%  10%,  4 /    . G80%-G20%.
   G80%     95%,          fps.
               
       .
   (!) 95%      ,   80-90%   .
   (!)      DDA1/DDA2       DDAL.
   (!)     Windows 8.

 o          fps   5   
        .

 o             .

 o           uVS. 
         ,     .
        DLL       DLL.
            uVS,    :
   "     uVS".
         " DLL      uVS".
   (!)     Windows Vista.

 o       DLL.
       DLL      uVS.

 o      "        uVS  DLL".
         ,   Windows Vista.
           "",  
        "" ,    
     .
   (!)       uVS   
   (!)   DLL  .

 o      2.0.    
      DLL,   uVS.    
     API.       
              
   ""   .
           ,    API
    DLL     DLL.
   (!)     DLL      ,
   (!)        ,
   (!)   uVS      .
   (!)         ""   
   (!)    "        uVS  DLL".
   (!)      Windows Vista.

 o         .

 o    .

 o     .

 o    ,         .

 o        .
   
 o   -             .

 o           -    GDI
   ,        .

---------------------------------------------------------
 4.99.12
---------------------------------------------------------
o    Defender-  _ powershell - 
     Kaspersky Free.      Defender 
   .
   (!)  Defender           
   (!)         
   (!)      .
   (!)      ,     
   (!)        .

 o          /   .
   (  Windows Vista+)

 o     DLL    uVS,    
      .

 o       Windows Vista   kernelbase.dll,
       .

 o :    .

---------------------------------------------------------
 4.99.11
---------------------------------------------------------
 o        DLL    uVS.
         DLL,
    ..        .
   (        )
         " DLL      uVS".
        DLL    .
       uVS        DLL 
     . (:  Comodo, punto switcher (  UAC)  ..).
   (!)     Windows Vista.

 o             DLL.

 o   ,         uVS.
      .
   (!)    " DLL      uVS"  
   (!)  .

 o       MinimumStackCommitInBytes    IFEO  16Mb.
    #35    .

 o       CfgOptions    IFEO   .
    #35    .

 o        MitigationOptions    IFEO  
     . (   STATUS_DLL_INIT_FAILED [0xC0000142])
    #35    ,        
    .

 o    UseFilter  FilterFullPath  IFEO.

 o       ,     
     ,                .
           .
   (   : " "  "  "_"   ")

 o   #45   .
       ,     "".

 o     uVS         "crash.log".
   report_crush       .

---------------------------------------------------------
 4.99.10
---------------------------------------------------------
 o           .

 o   "    uVS"  " DLL"    
   " DLL      uVS".

 o      DLL  uVS.

 o           2 .
   ( file.txt.exe)

 o          XML- .

 o     json.
        json   .

---------------------------------------------------------
 4.99.9
---------------------------------------------------------
 o        .

 o        Chrome-based .

---------------------------------------------------------
 4.99.8
---------------------------------------------------------
 o    ,      ,
          .
   (!)       SAM.

 o   ""  :
   o  
   o  
   o  
   o  
   o  
   o  

 o     json   VT.

---------------------------------------------------------
 4.99.7
---------------------------------------------------------
 o       .
             "   ".
                 SYSTEM.
      , ..       ,  
    ,     .    ESC    
       .
   (!)    64-        32-  cmd.exe
   (!)      .

 o       / /  .
         Debugger  MonitorProcess.
                 
       .

 o  #35 ,   : "  IFEO  SilentProcessExit".
                .

 o    ""  "Defender_".

 o     "WD_Exclusion:"  "WDE:".

 o          .

 o     json.

 o   "...   "     Defender-  .


---------------------------------------------------------
 4.99.6
---------------------------------------------------------
 o     ,    .

 o     uVS:       .
          ,          .
      ,      .
          "Documents and Settings" (Users+ProgramData   )
     .       ""  ""   
       "",            .
             ,
                  HDD.
         SSD,  "Documents and Settings"    70979   452175 ,
      (  uVS    )   5%.

 o     Windows Defender-.

 o        .

 o     Windows Defender-         powershell.
      : , , .
   (!)    powershell   powershell    .

---------------------------------------------------------
 4.99.5
---------------------------------------------------------
 o                .
     Windows 8   uVS      
    uVS     Windows (WinRE)    __ .

       " uVS     ".
          "      ",
      :
      //Troubleshoot(     Windows) --> uVS

      dclone, uVS       WinRE,      ,
     uVS      , ..    uVS
       ,   uVS       .
      uVS   ,   WinRE     .
            WinRE, ..   
       VT,          " ".

 o        WinRE/WinP      , 
       uVS              
   ,   uPNP  WinRE   ,     " " WinPE
           . (    ).
   (!)  WinRE/PE       - GDI,      WinRE/PE  
   (!) Win8/Win8.1/Win11,  Win11  WinPE       BLT,       .
   (!)     WinPE   Win10  ( x86),           
   (!)       .
   (!)     WinRE    Win10,    Win10  .
   (!)     uVS     ,     Alt+Tab   .

 o   :
   o  rein/rein.x64    uVS  .
   o  usvc.x64    uVS  LocalSystem.
   o   getcpb            LocalSystem.

 o                ,
    uVS   .

 o         WinPE+ADK v10.1.26100.2454 ( 2024).
   (!)   32-  WinPE  WinPE      ADK  .
   (!)   32-    ADK  Windows 10 2004. (.   FAQ.txt)

 o     .
   ISO     UEFI, ISO    UDF ,
   ..           UEFI     UEFI.
               UDF ISO.
       ,   MBR, GPT  .
   (!)      FAT32,      ,
   (!)   . 

 o      DDA         GDI.

 o            .

 o           .

 o              .

 o           
       "uvsrdp".
   ..             uVS   .

 o      ,     
     CopyFile           
             .

 o            .
           x86   100000.

 o uVS       Windows 8.

 o      ,         
                ( 10Mbit).

 o   -            Alt+V.

 o   -          "  "
         GDI  DDA1.

 o   -               
     .

 o   -          DDA ,  
            .

 o   -          .

 o           ,     .

 o   -           ( "  ").

 o   -               .

---------------------------------------------------------
 4.99.4
---------------------------------------------------------
 o       .
            ,   
             .
   (        ,      ).

 o         uVS.
             20   (  )
      uVS.   
    fps  32-     3     uVS  FHD.
   (!)     uVS    .
   (!)          ,  uVS  
   (!)      (Winlogon).
   (!)   :          .

---------------------------------------------------------
 4.99.3
---------------------------------------------------------
 o             .
   (!)        uVS,        bReUseRemote = 1,
   (!)         uVS     
   (!)   uVS.

 o    :     .
   (!)    Vista,          .
                  .
                 
        .
        ,       .
   o    :     ,          
      . (  RAdmin         15    uVS).
   o      ,   ,     
        .
   o      , ..   P2P.
   o      NAT      uPNP.
   o    ,   VPN.
     (!)           VPN, VPN   .
   o     , ..      1  IP,   
       .

     start.exe      :
   o      .
               ,     
       (. )            . 
      : 
       o     -      IP     
         .        IP ,      
             NAT,      IP . (   [router]).
            uPNP,       .
               IP       .
           IP           . 
                  " IP"       .
           IPv4  IPv6.
         (!)           "".

       o     -            
              .        .

   o       []
     (!)           .
               ,     
        .
      3 : 
       o       - : , ,     .
       o         - :     .
       o     - :  .
           uVS,    
             Ctrl+Alt+Del.

   o       [ ]
           2- ,        
        Ctrl+Alt+Del,        .

 o                  .
            ,         
          .
             .
                (     ). 
               ,     
     .
                   
          .       .
                  C:\uVS_copyfiles\*
            .
         :        
        ,            
           .
                   .
   (!)        .
   (!)           ,
   (!)     , ..       ,   
   (!)      , ..   .
   (!)     , ..       .
   (!)          ,   
   (!)             .
   (!)            ,  
   (!)   .
   (!)   CS      .

 o   : IPv4   ,       
   IPv4       .

 o              .

 o          .

 o         .

 o        :    
     .

 o        .
         ,       . (   MM)
                  (  ),
               .
                    
    RWin.

 o uVS             uVS.

 o             .
    1:1      .
     1:1 ,          ,
         .

 o     ,  3 :
   o GDI -     ,      ,  fps.
            (    Win2k-Win7)

   o DDA1 - ,    Windows 8,   ,
             fps     .
            (!)       100Mbit,  DDA2.

   o DDA2 -          mirror ,    ,
               Windows 8,   ,  fps     .
                 fps ( 60)         .
            (    Win8+,     ).
            (!)        100Mbit,    1Gbit  
            (!) -   .
            (!)       10     DDA1,   -  2  .
    
 o        "SYN"        .
   (    )
       ,     fps    
      ,      fps    ,
       ,       
      .     (10Mbit  )   
     (   )      
   -         ,        ,
              .
        uVS      SYN  .
    SYN           .
     100Mbit   ( ),  DDA2    SYN     fps     .
    SYN   ,       uVS.
        .

 o        "MR"        ,
                    .
                   .

 o    uVS      ,     .
   (      )

 o     ,        DDA .
   (!)    :             ,
   (!)          /       .

 o    Microsoft Edge.

 o       : Chrome, Yandex, Edge.
            .
          Extension_homepageURL  .
          "  "          
    .

 o            .

 o         .

 o      GDI .

 o       ,          .

 o       

 o    COM.

 o   -      2  .

 o       (Ctrl+Z)    .

 o                
         .

 o        .
      ,     ,       
    .

 o       regedit-        
     .
   (!)      .

---------------------------------------------------------
 4.99.2
---------------------------------------------------------
 o            .
                  .
         ,   ,       fps.
             VT.

 o  Windows 8         Desktop Duplication API + DX11,
            FPS  
       ,     
         ,     
     .      "CAPBLT" .
    fps      2  ,    .

 o        Direct2D     ,
           FPS    .
            .
   (!)   Vista SP2/Windows Server 2008 SP2.

 o     ,       ,
       ,          fps.
   (!)               .
   (!) Win+U ->    "    ".

 o            , - 
        2560x1600 .
        40%. ( 32/24  )
        25%. (  )
   (!)        uVS,       bReUseRemote = 1,
   (!)         uVS     
   (!)   uVS.

 o          32/24/16bpp   
   (  ,       ).
        24bpp (24   ), 15bpp (15 )  7bpp (7 ). 
   7bpp  -   128  .       
    ,         ,  "" .
         70%    ,  24bpp
      fps (    ),      .

 o     .

 o    "1:1",          1:1
   (  ),            ,
            .

 o    "[ ]",            
      ,            
                   ,
                   ,
              .
     RWIN     ,            
        ( Alt+Tab),           
      .

 o              
      ,     FPS    .
     uVS          Windows  
         .       uVS  
      ,      bFixedName=1  settings.ini,     
    .
         :
    o IPv4 (  TCP-IPv4,     )
    o   (   IP,       TCP-IPv6   4%)
    o     (   IP)
   (!)    IPv6, ..      IPv4  IPv6 ,     IPv6.
   (!)                 
   (!)   ICMPv6  SYSTEM.
   (!)   IPv6    WinXP.
   (!)                .

 o    settings.ini
   [Settings]
   ;  IPv6      .
     bIPv6 (  1)

 o          6  10 ( 1-10).

 o           ,    
       .

 o          Ctrl+Alt+Del ( CAD)  Windows Vista  .
         : usas.
   (!)           SAS.
   (!)      Windows Server 2008  Windows Vista,
   (!)   () sas.dll  Windows 7:
   (!) C:\Windows\System32\sas.dll  C:\Windows\SysWOW64\sas.dll ( Vista x64  )
   (!)     C:\Windows\System32  C:\Windows\SysWOW64 .
   (!)    Windows 7    STORE ( NT60  NT60x64).

 o           NTFS .
    ,        , ..      uVS,
      ,   Zoo     (     ).
                MFT.
   (        badNTFS Pro v2.21)

 o              .
       512 ,           
     ,      .

 o          .

 o              .

 o   cmd/vbs  ..  ,       #FILE#,   128kb.
                 
        .

 o     . (0 - , 1 - ).

 o       "",       .

 o  start  start_x64:      .

 o       VT.
          sigma_analysis.

 o       .
                     
     pid.
   (!)          . ( #39)

 o        .

 o           .

 o       :     .
         1024        ,  
     .          .
       v1.0.

 o        ,     50
           .

 o            Windows.

 o   -           .

 o       .

 o   -         
       .

 o   [Error: 0x80004002 -   ]  (27)   Chrome
            "regt 27"  .

 o  Windows 11    ,      - .

---------------------------------------------------------
 4.99.1
---------------------------------------------------------
 o      .

 o   ->       
    :
     o                                           ( )
     o                                     ( )
     o   [F3]                                  (    ESC)
     o      [F4]                     (    ESC)
     o   [F6]                                            (    ESC)
     o     [Alt+F7]                          (    ESC)
     o     [Ctrl+F7]                       (    ESC)
     o                            (    ESC)
     o                                   (    ESC)
     o             (    ESC)
     o         (    ESC)
    0        ( ),  
        30%.
      E- ,       P   ,
       + NVME SSD        .
           uVS       ( ).
          .
        SSD      ( 4-     4x  SATA SDD),
                  (  - 128).
    HDD   ,     (10-20%),     
      (..   )      HDD.
             1 .
   (!)     ESC    .

 o  ,     ESC:
   o      VirusTotal.com
   o       VirusTotal.com
   o        VirusTotal.com (c  )
   o      virusscan.Jotti.org
   o       virusscan.Jotti.org
   o        virusscan.Jotti.org (  )
   o       
   o   ->         

 o    "   ".
             .
      "   ",     .
             ,        .
             ,
              .
              XML  .
            , 
         ,       .
          .
     Backspace      ,    
      ESC (   )  Alt+Up (    ).
   (.    Doc\   .txt)
   (!)   Vista  . 
   (!)      .

 o           50mb,
       .

 o   : deltskname __
       .
         "\", : \Task
      : \Microsoft\
   (!)   Vista  .

 o       ,      
       .

 o    /    (       ).
       :
    o \ -    
    o DEL -  / ( )
    o ESC -  ,      .   
    o Backspace -    
    o Alt+ -    

 o                
      "". ..          .

 o  AutoHotkey              F3 
           .
                 .
         ahk .

 o           x64       1 . ,
    x86  150  . (    10  )

 o   ,    .

 o   HOSTS     2   .
       ,        .
       HOSTS,       ,       
       HOSTS  \Windows\System32\drivers\etc,    HOSTS.ICS.
          DEL.

 o    Windows API -             .
    Windows          ""   .
                    .

 o     . (ctrl+p)

 o             .

 o    EXEC32  .

 o         .

 o                 F3.

 o         .
                .
         .
      .

 o    gpudpate    .

 o        "All users"/ProgramData   .

 o   .

 o   -    x64      x64v .

 o        44 .

 o               .

 o         .

 o         Ctrl+Z    .

 o      *OperatingSystemVersion  64-   .

 o        HOSTS    .

 o        (  v4.15.4)

 o     ->         

 o    .

---------------------------------------------------------
 4.99.0
---------------------------------------------------------
 o uVS   64- ,  4.99.x        v5.0.
     v5.0         .

 o uVS   4 : uVS x86, uVS x86v, uVS x64, uVS x64v.
   v-     Vista     ,     (start.exe).
    start_x64.exe   uVS x64(v)  WinPE x64  64-     (   Win8),
    start.exe  x64   64-    x86   32- .
   "v"      15%,        v4.15.7v.
            uVS v4.15.4.
   (!)  "v"      .

 o       .
              "     ".
      ,       Vista.
         \Windows\ABR    (  ),
    (  restore  defrag)  . 
      : "yyy-mm-dd_hh-mm_shadowcopy".
          .
          defrag     ,    .
   (!)   defrag   ,              ,
   (!)     .

 o       .
    uVS              ,  
                . (      ).

 o          .

 o  uVS            .
   1.    Windows 8  ,   start.exe    "      ".
   2.    "   -> -> "
   3.         .
   4.  start.exe/start_x64.exe   uVS.
      (!)      C  D.
          : uVS    :\uvs (     D:\uvs)
            uVS    3 ,     Enter.
          1. d:
          2. cd d:\uvs
          3. start_x64.exe
   5.   Windows ( D:\Windows    ).
      Windows 7  ,         F8   .
   (!)  msconfig    ,       .
             , ..   .

 o    uVS     Windows 8/8.1.

 o     .
          WinPE x64,      ADK    Windows 11.
   (!)  x86 ISO     ADK+PE 2004  ,     ADK+PE  x86 .
     ,     uVS  FAR  .
     :
       =  .
       : 250 .
       : 4096 .
         .
           WinPE    .
          ,   (,)   :
     : %SYSTEMDRIVE%\FAR64\far.exe, C: D:
     (!)  WinPE x64    64-  , 32-     .   
    HTA  Scripting     ,      uVS.
       FMAPI.
           :
   https://learn.microsoft.com/ru-ru/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference?view=windows-11
      ADK :
   https://learn.microsoft.com/ru-ru/windows-hardware/get-started/adk-install#choose-the-right-adk-for-your-scenario

 o   #44,         \Windows\System32\config\RegBack
     Windows 10 1803     .

 o        :   ,    ..

 o        .

 o    ,             (shared, redirected...).
      32-   shared   ,   ,    .
   ..     x64  uVS             ,       
   "shared"    WOW6432Node.
    "redirected"   ,     x64   x86 .

 o   : 
   Ctrl+Shift+*  -   (      )
                      .
   Alt+Shift+I  -          (    "Default")
                       c "Default"    uVS ( uVS      - start.exe /d)  .

 o         UAC. (start.exe /d)
     LocalSystem           Vista.

 o    Alt+Shift+A      .

 o         uVS      .
            (    )    .
      bReUseRemote  settings.ini          uVS.
       bReUseRemote (  )    .

 o        " .txt"

 o     .

 o      .

 o    "."          .

 o     "       Non-ASCII "      
   _      (    F4).
         .

 o      VT          .

 o    .

 o   :     .

 o         Firefox.

 o     PROCESSOR_ARCHITECTURE.

 o      USERPROFILE, HOMEPATH, LOCALAPPDATA, APPDATA, PROCESSOR_ARCHITECTURE, PROGRAMW6432, COMMONPROGRAM6432.
       .
            .

 o  "     PEB_LDR_DATA  " .

 o     runscanner.net

 o            Google.

 o      DLL.

 o        . 

 o   -         .

 o     .

 o   .

 o      "   "     .

 o       .

 o          .

 o              .

 o         .

 o          Windows 7 x64,
              SHA1,   SHA256.

 o    .

 o   .

---------------------------------------------------------
 4.15.7
---------------------------------------------------------
 o     : "Not a cryptographic message or the cryptographic message is not formatted correctly"
      .

 o    .

---------------------------------------------------------
 4.15.6
---------------------------------------------------------
 o   -        uVS,
           DLL.

 o        Win2k.

---------------------------------------------------------
 4.15.5
---------------------------------------------------------
 o      USERPROFILE, HOMEPATH, LOCALAPPDATA, APPDATA.
             lnk .
      lnk    ,       
         .

 o        .

 o     rundll32.

 o  start.exe.
   o  .
   o    ,   "   ".
   o  :      uVS   "  "  . 

---------------------------------------------------------
 4.15.4
---------------------------------------------------------
 o  .

 o     "  "       
     .
          "->   ".
              (   Windows).
         , PID      (.  ).
               ,   
               .
   (!)          ( #39).
   (!)      .

 o    ,   v4.15.4      uVS.
   :
    o          (->   [Alt+D])
    o     (->   )
      (!)          ( #39).
    o    .

 o  cmpimg    1.04      .

 o  uvs_snd    1.05      .

 o         "v"  uVS,      Vista.
          uVS      Vista.

 o         Win2k   " ".
   (!)   uVS _  Win2k,  Win2k    .

 o     TCPIPv6 .

---------------------------------------------------------
 4.15.3
---------------------------------------------------------
 o    uvsv     Vista.
         uVS c  v  : 4.15.3v.
           .
      Vista     4.15.3.

 o       .

 o           .
         GPU.

 o           .

 o            .

 o    -    :
   o        ( lclz).
   o          .

---------------------------------------------------------
 4.15.2
---------------------------------------------------------
 o       .
       unload        " ".

 o          .
   (    )

---------------------------------------------------------
 4.15.1
---------------------------------------------------------
 o     uVS v4.15+    HTA.
      WMI.
      8.

 o    "Defender: ".
       Windows Defender-. (, , , ).
   (!)       .

 o    :   BCD.
    BCD (    )               ,
           nVidia,  3D    ..
     BCD:   ,      msconfig,      
     ,      "" .

 o       BCD.
          (   ).

 o  start.exe:
   o     setting.ini
   o         .
   o           .

 o   #43 [Win7]    msconfig.
    Windows 7  . 
       BCD,    msconfig-    .
        /   msconfig-,    10      
     .           msconfig-.
   (!)               ,    
   (!)    msconfig             .

 o         restore  defrag   ABR v1.20.

 o        " ". (   areg)

 o     ,     .

 o    VT  "First Seen In The Wild"   -   .

 o     .

 o     .

 o        .

 o        .

 o    .

---------------------------------------------------------
 4.15
---------------------------------------------------------
 o      ,        .

 o    . 
     sreg  vreg  .

 o      Windows   / ,
       "uvs_regback"    ,
               .

 o   -           :
   security, drivers, components.      ABR v1.10.

 o   -           .

 o    settings.ini
   [Settings]
   ;    
     FontHeight (  10)

 o    settings.ini
   [Settings]
   ;    
     FontName (  Tahoma)

---------------------------------------------------------
 4.14.1
---------------------------------------------------------
 o           .
   : \DEVICE\HARDDISKVOLUME1\EFI\MICROSOFT\BOOT\RECOVERY.EXE
            .
           ,  .
       .
   (        Windows)

---------------------------------------------------------
 4.14
---------------------------------------------------------
 o         .
   -  uVS      .

 o      Windows.
   (   ).

---------------------------------------------------------
 4.13
---------------------------------------------------------
 o   Windows 10 2004 ADK    .
   (!)    Windows PE x86,     x64,    32-   .
         :
   o    Windows ADK  Windows 10  2004 (adksetup.exe)
     o  
     o   (USMT)
     o     Windows
   o Windows  PE  ADK  2004 (adkwinpesetup.exe)
   (        /ISO)
   (!)    Windows ADK   "Could not acquire privileges; GLE=0x514"
         adksetup    ,      uVS,   LocalSystem.

 o  ,              .

---------------------------------------------------------
 4.12.3
---------------------------------------------------------
 o     .

 o     "  HKCR".
          CLSID (   ).
                 .
     : 
    o  #37       
    o           HKCR.

 o     .

 o       .
       ,         .
    ABR   1.10,      uVS . 
    o   ABR             .
    o   defrag         .

 o           .

 o            ( 2 ).

 o        reg-    .

 o      1(Win8  8.1)  2(  ). (   3-  Win10/Win11).

 o        .

---------------------------------------------------------
 4.12.2
---------------------------------------------------------
 o     ,       .

 o            "".

 o                 #BINOBJ#,
       Actions   .
                                                  
---------------------------------------------------------
 4.12.1
---------------------------------------------------------
 o     .

 o      hosts,        hosts.

 o     :
   o uvs_snd.exe
   o cmpimg.exe

---------------------------------------------------------
 4.12
---------------------------------------------------------
 o           .

 o   STORE  Windows 11.

 o  STORE    Windows 11.

---------------------------------------------------------
 4.11.13
---------------------------------------------------------
 o         .

---------------------------------------------------------
 4.11.12
---------------------------------------------------------
 o   BITS     . (BITS v1.5+)

 o    NTFS .

---------------------------------------------------------
 4.11.11
---------------------------------------------------------
 o   Windows 11.

---------------------------------------------------------
 4.11.10
---------------------------------------------------------
 o     .
          (hollowing/dopelganging  ..)    .

 o     ,      CLSID    .

---------------------------------------------------------
 4.11.9
---------------------------------------------------------
 o  #39        ,      .
     Windows 8.1/Windows Server 2012 R2  .

 o WLBSCTRL.DLL      .

 o      (  DNS)    DHCP Domain   .

---------------------------------------------------------
 4.11.8
---------------------------------------------------------
 o  DNS     , #41  #42.
   DNS     Win8 (  )   Win8.1  . 
            Windows 10,
          42 .
   (Win7    ).

---------------------------------------------------------
 4.11.7
---------------------------------------------------------
 o  39  40      DNS .
    uVS   "DNS ",    ,       ,
          ,  pid,    DNS  ,   ,  
      .    IP  CXCS.MICROSOFT.NET    CXCS.MICROSOFT.NET.EDGEKEY.NET,
           E3230.B.AKAMAIEDGE.NET,         CXCS.MICROSOFT.NET,
      .
        /      .
   (!)      ,
   (!)            .
   (!)         Windows 7.
   (!)   DNS    512mb   ,     30-50 ,
   (!)          .

---------------------------------------------------------
 4.11.6
---------------------------------------------------------
 o    .
       ,  ,       :
   " ", " ", " "     , pid ,
   pid    ,    XML     .
    #39/#40  /    .
   (!)   Windows 10  1903+/Windows Server 2016.

---------------------------------------------------------
 4.11.5
---------------------------------------------------------
 o    . 
         ,      ,  
      ,      .
         "   "    ,   
     .
    #39  ,  #40 . 
   (!)       ,
   (!)              .
   (!)         Vista (NT6.0)/Windows Server 2008.

 o                 ,
   pid, ,  .          
       .
        ,    .

 o             .

 o   :
   Ctrl+F7 -      .

 o        Windows.

---------------------------------------------------------
 4.11.4
---------------------------------------------------------
 o  lnk         .

 o   VT   VT .
   (      )

 o     :
   delwmi -      delwmi
   deltsk -      deltsk
    -     ""     "  ".
                          .
            (!)       .

---------------------------------------------------------
 4.11.3
---------------------------------------------------------
 o       VT.

 o     .

---------------------------------------------------------
 4.11.2
---------------------------------------------------------
 o   VT API v3.

 o    runscanner.net

 o          .

 o                 .

 o        :
   Alt->left  Alt->right     .

---------------------------------------------------------
 4.11.1
---------------------------------------------------------
 o   -    uVS         .

 o         .

 o     RWIN     .

---------------------------------------------------------
 4.11
---------------------------------------------------------
 o   -      .

---------------------------------------------------------
 4.1.9
---------------------------------------------------------
 o      ,     .

 o    38-        .

---------------------------------------------------------
 4.1.8
---------------------------------------------------------
 o       -          SOFTWARE.

 o      :
   1) Dism /Online /Cleanup-Image /StartComponentCleanup
        ComponentCleanup.
         .

---------------------------------------------------------
 4.1.7
---------------------------------------------------------
 o         .
   : cmd.exe /C start /D "C:\xxx\1" /B x1.cmd   
   x1.cmd    C:\xxx\1\x1.cmd       ,     ,
            x1.cmd   .

 o     DnsPolicy.           / dns-.
          .

---------------------------------------------------------
 4.1.6
---------------------------------------------------------
 o      :
   1) Dism /Online /Cleanup-Image /ScanHealth
        ScanHealth.
           .

   2) Dism /Online /Cleanup-Image /CheckHealth
        CheckHealth.
         scanhealt  

   2) Dism /Online /Cleanup-Image /RestoreHealth
        RestoreHealth.
         .

       uVS.
          ,       .

 o  80/443          - http://dsrt.dyndns.org:8888

 o         bitcoin ,        ,
     /              
     ,         14- .

---------------------------------------------------------
 4.1.5
---------------------------------------------------------
 o       .

 o      ""     /     .

 o      "ReleaseId"  Windows.
   : Windows 10 Pro 1809

---------------------------------------------------------
 4.1.4
---------------------------------------------------------
 o     (DLL)  pid ,        .

 o    .

---------------------------------------------------------
 4.1.3
---------------------------------------------------------
 o   startf,       Windows 10.

---------------------------------------------------------
 4.1.2
---------------------------------------------------------
 o   OFFSGNSAVE            .

 o        .

 o        Windows 10 (Alt+I).

 o   WMI    __TimerInstruction.

 o     chklst  delvir            1 .

---------------------------------------------------------
 4.1.1
---------------------------------------------------------
 o                   ,
      bNetFastLoad        .

 o            (     ).
       Windows 10.

---------------------------------------------------------
 4.1
---------------------------------------------------------
 o       .

 o      .

 o    .

 o    VT.

---------------------------------------------------------
 4.0.23
---------------------------------------------------------
 o      .

 o    ""     .

---------------------------------------------------------
 4.0.22
---------------------------------------------------------
 o    .
    CPU/GPU    10 .
    : Alt+D
           . (   pid=4    uVS)
   (      pid,    ,     /  , ASA   ) 
         .

 o   wmi event/task        .

 o     >60%  1     "".

---------------------------------------------------------
 4.0.21
---------------------------------------------------------
 o    WorkingDirectory   CommandLineEventConsumer.

 o     WMI        /.
    : delwmi  deltsk

 o     ,       .

 o     >50%  1     "".

---------------------------------------------------------
 4.0.20
---------------------------------------------------------
 o        ,       Windows.

---------------------------------------------------------
 4.0.19
---------------------------------------------------------
 o         GPU   __ .
       >15%        "".
       GPU    "GPU".
   ,    GPU     GPU    .
   GPU   1-,            .
        .
   (!)    GPU   Windows Vista  .

 o     .

 o          "[suspended]".   

---------------------------------------------------------
 4.0.18
---------------------------------------------------------
 o         CPU   __ .
   "CPU" =   .
   "CPU 1 core" =     1 .

 o uVS           .

 o   -             .

 o   -          uVS   .
   (        ).

 o   (    ASA)        *\CLSID.
        "  ".
   (!)    ,   ,      (Win10)     .

---------------------------------------------------------
 4.0.17
---------------------------------------------------------
 o   /   DisplayName, Description, Owners.

 o        uVS.

---------------------------------------------------------
 4.0.16
---------------------------------------------------------
 o       :        "\".

 o        icsuspend     "->      ".

---------------------------------------------------------
 4.0.15
---------------------------------------------------------
 o       .
     64-  ,     Windows Vista  ,  Win2k/WinXP  .

 o      .

 o   : ->       (      DLL)
      Windows Vista  .
    : icsuspend

 o     " "/" "  .

---------------------------------------------------------
 4.0.14
---------------------------------------------------------
 o           (   32-  ).
         :
   Injected thread detected in process _ [PID], tid=TID
             DLL.

 o URL         .

 o   bFakeName
   [Settings]
   ;            .
     bFakeName (  0)

---------------------------------------------------------
 4.0.13
---------------------------------------------------------
 o         VT.

 o     .

 o      Firefox x86/x64.

---------------------------------------------------------
 4.0.12
---------------------------------------------------------
 o      ( Vista+)
      "".

 o        .

---------------------------------------------------------
 4.0.11
---------------------------------------------------------
 o     whois  nic.ru

 o   #38 -   DisallowedCertificates

 o     browser.startup.homepage  perfs.js (Firefox).

---------------------------------------------------------
 4.0.10
---------------------------------------------------------
 o        . 
   (             )

---------------------------------------------------------
 4.0.9
---------------------------------------------------------
 o          .
   ( x64 )

---------------------------------------------------------
 4.0.8
---------------------------------------------------------
 o    ABR (http://dsrt.dyndns.org/files/abr.zip)
        ABR.

 o        .

---------------------------------------------------------
 4.0.7
---------------------------------------------------------
 o      .
                .

 o         "DRIVERS"  "COMPONENTS".
     ,            __      Windows.
        (   )      Windows.
   (!)    ERUNT    Windows Vista                   Windows.
   (!)   Windows\System32\config\RegBack (  Windows 10)   "DRIVERS"  "COMPONENTS",        .

 o         ,  .
        .  
             .

 o         ,  .

 o      .

 o   WMI     .
   (Getting IWbemLocator instance failed  )

 o      :  Del     .

 o           .

---------------------------------------------------------
 4.0.6
---------------------------------------------------------
 o    WOW64        32-  .

 o        . (   )

---------------------------------------------------------
 4.0.5
---------------------------------------------------------
 o     com-.

 o         .

 o     F3/F7          .

---------------------------------------------------------
 4.0.4
---------------------------------------------------------
 o       Firefox.

 o        Firefox.

---------------------------------------------------------
 4.0.3
---------------------------------------------------------
 o     WMI,    .

---------------------------------------------------------
 4.0.2
---------------------------------------------------------
 o      .

 o    WMI      .

 o       WMI       MOF .

---------------------------------------------------------
 4.0.1
---------------------------------------------------------
 o    "WMI:  ".

---------------------------------------------------------
 4.0
---------------------------------------------------------
     v3.87,        :

 o   ,           ,
           .

 o  ,        :
   o     (delref)
   o         (delall)
   o    (unload)
   o      (delnfr)
     ,     ,       .

 o             " ".
           .
   (!)    __   uVS.
   (!)         id     .   ,
   (!) ..       ,    :  ,
   (!)        .
   (!)      (delvir)           .
   (!)        .
   (!)      "apply"         ,
   (!)           ,   ,
   (!)   "apply"          .

 o         " ".

 o      .
         uVS, ..       .
               .
   (!)         / ,  
   (!)          , ..  uVS       .
   (!)             Ctrl+Z    
   (!)    .  ""    ,         Ctrl+Z.
   (!)          "". (   "")

      .
---------------------------------------------------------
 4.00 RC 2
---------------------------------------------------------
 o       .

 o       Chrome.
   (   WinXP)

---------------------------------------------------------
 4.00 RC 1
---------------------------------------------------------
 o      .

 o    ,            .

 o        __    c:\windows\prefetch

---------------------------------------------------------
 4.00 Beta 13
---------------------------------------------------------
 o         
   . (, guid-  ..    )

 o      ASCII     .

 o   -        *.tmp (  )
     -  windows           
              .

---------------------------------------------------------
 4.00 Beta 12
---------------------------------------------------------
 o            " ".

---------------------------------------------------------
 4.00 Beta 11
---------------------------------------------------------
 o      .

 o       .
   (    )

 o        .

---------------------------------------------------------
 4.00 Beta 10
---------------------------------------------------------
 o          .

 o       addsgn.

 o     Del       -> .

 o   .

 o             unload  del.

 o           .

---------------------------------------------------------
 4.00 Beta 9
---------------------------------------------------------
 o      "  ",          delvir .

 o  " "  " "       addsgn/bl/zoo.

 o   "  "      addsgn/bl/zoo        
       bAutoZooOnF7/bAutoBLOnF7/bAddComment.

 o     .

 o          .

 o       .

---------------------------------------------------------
 4.00 Beta 8
---------------------------------------------------------
 o     .
      (     )         
   "  ".

 o    "addsgn"   "".
   ADDSGN    ,          = 7.
   (     unload(1), delref(2), del(4))

 o  "      "     , 
         1 .

 o         uVS.
          ,         .

 o            Alt+W  Alt+J.
           VT  JT.

 o  bWebVT   .
      VT      VTAPI       VTAPIKey  settings.ini

 o                  "delvir".

 o   "  ".
         ""      ,        
      ,        ,     ,
       .

 o       ,         .

---------------------------------------------------------
 4.00 Beta 7
---------------------------------------------------------
 o     cmd.exe

 o       Yandex Browser.
   (  UTF-8)

 o   ,  chklst  delvir        addsgn.

 o    ,     "DLL   ".
       " "      F3.

 o   ImgAutoClean
   [Settings]
   ;     deltmp+delnfr (delnfr        ImgDelnfrUnwind=1)
     ImgAutoClean (  0)

---------------------------------------------------------
 4.00 Beta 6
---------------------------------------------------------
 o     .
      .   

 o   cmpimg  v1.02

 o   uvs_snd  v1.02

 o                 .

 o    ,     5 ,     
            . (   "").

 o      RWin, -  Windows   
    uVS        .

 o      uVS (x)     ,      RWin
       uVS (  bReUseRemote=1).

 o      64-  .

 o       ,          ( bReUseRemote=1).

---------------------------------------------------------
 4.00 Beta 5
---------------------------------------------------------
 o          "",
      uVS,       .

 o      .
         uVS, ..       .
               .
   (!)         / ,  
   (!)          , ..  uVS       .
   (!)             Ctrl+Z    
   (!)    .  ""    ,         Ctrl+Z.
   (!)          "". (   "")

 o                .
            .
   (!)        ImgDelnfrUnwind  0.

 o           .

 o     :  delvir                .

---------------------------------------------------------
 4.00 Beta 4
---------------------------------------------------------
 o   uVS      "  ".

 o       Ctrl+Shift+Del.

 o     (      V400c).

 o  ImgDelnfrUnwind  .    1.

 o      del/delref/delall        .

 o   deldir/deldirex     .

 o   deltmp       delref   .

 o       (delall)   .wsf, .vbs, .js      unload  wscript.exe
   (!)      ,       ,   
   (!)    delall     __ .

---------------------------------------------------------
 4.00 Beta 3
---------------------------------------------------------
 o     RWin,     
       uVS      __.
            uVS       .

 o        .

 o     Del -        .
      .
   (!)     ->.

 o     ZOO,             ,
         /.
   (!)        delall  .

 o       Shift+Space  MBR/VBR/IPL.

 o           .
   (!)     .

 o      V400c.

 o          .

---------------------------------------------------------
 4.00 Beta 2
---------------------------------------------------------
 o           .

 o      ,  " "    .

 o               .

---------------------------------------------------------
 4.00 Beta 1
---------------------------------------------------------
 o   ,           ,
           .

 o  ,        :
   o     (delref)
   o         (delall)
   o    (unload)
   o      (delnfr)
     ,     ,       .

 o             " ".
           .
   (!)    __   uVS.
   (!)         id     .   ,
   (!) ..       ,    :  ,
   (!)        .
   (!)      (delvir)           .
   (!)        .
   (!)      "apply"         ,
   (!)           ,   ,
   (!)   "apply"          .

 o         " ".

 o    "apply"       .

 o       .

 o        .

 o  ImgDelnfrUnwind     .

 o    delnfr        .

---------------------------------------------------------
 3.87.10
---------------------------------------------------------
 o   .hta .

 o       .

 o         .

---------------------------------------------------------
 3.87.9
---------------------------------------------------------
 o    .
    Google Chrome   Chrome/Yandex.

 o       Chrome.
   (    ,   )

 o   -     ( )       .

---------------------------------------------------------
 3.87.8
---------------------------------------------------------
 o     ->      RegBack   
     \System32\config\uVSRegBack       \System32\config\RegBack
    UvsRegBack         ,       
            .
      Windows Vista  
   (!)          .
   (!)     .

---------------------------------------------------------
 3.87.7
---------------------------------------------------------
 o    TaskCache,   CLASSID.

 o   NON-ASCII      Chrome.

 o  bWebVT     .

 o     Firefox  Chrome.
             .

---------------------------------------------------------
 3.87.6
---------------------------------------------------------
 o    "  ".
   ( ,    1 )

 o         .

---------------------------------------------------------
 3.87.5
---------------------------------------------------------
 o                ,      SMB 2/3  Windows.
              uVS        .
   HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Lanmanworkstation\Parameters
     o FileNotFoundCacheLifetime : DWORD 0
     o DirectoryCacheLifetime    : DWORD 0
       Lanmanworkstation.
                -   .

 o  37-  " \\    ".
            REG_SZ  REG_SZ_EXPAND.

 o          .

 o           .
    bFixedName    .

---------------------------------------------------------
 3.87.4
---------------------------------------------------------
 o     BITS.
       ""
   (!)      .
   (!)        NT\SYSTEM,     uVS  LocalSystem.
   (!)   (?) BITS        ,   LocalSystem  .

 o       "  ".
   (  BP)

 o     MSIE   .

 o         bReUseRemote=1
   (  )

---------------------------------------------------------
 3.87.3
---------------------------------------------------------
 o     cmd.exe

 o   : BP
            .
       Windows   ?  *.
   :
     %APPDATA%\*.exe
     trojan*.*
     c:\auto*.???

 o   fHeight
   [Settings]
   ;     
     fHeight (  9)

 o   fWeight
   [Settings]
   ;  () 
     fWeight (  300)

 o   fFaceName
   [Settings]
   ;  
     fFaceName (  Tahoma)

---------------------------------------------------------
 3.87.2
---------------------------------------------------------
 o         .

 o     URL  MSIE.

---------------------------------------------------------
 3.87.1
---------------------------------------------------------
 o          
    .

 o          ]VT.
      "Signed file, verified signature"    
      (  )      .
              .
   (    (  ), .  bWebVT)

 o          VT.
   ( &nbsp; &amp; &quot;)

 o   SearchScope  MSIE.

 o   #36   Microsoft Edge

---------------------------------------------------------
 3.87
---------------------------------------------------------
 o     (ASA)    .

---------------------------------------------------------
 3.86.11
---------------------------------------------------------
 o       .

---------------------------------------------------------
 3.86.10
---------------------------------------------------------
 o   uVS.

 o   .

---------------------------------------------------------
 3.86.9
---------------------------------------------------------
 o    .

 o    "verified"      
     .

---------------------------------------------------------
 3.86.8
---------------------------------------------------------
 o      .

 o      - .
               .

 o  STORE   dnsapi.dll

---------------------------------------------------------
 3.86.7
---------------------------------------------------------
 o   uVS.

 o       .

---------------------------------------------------------
 3.86.6
---------------------------------------------------------
 o   "  .txt"    
    uVS     .

 o   bFixedName
   [Settings]
   ;  uVS   ,      .
     bFixedName (  0)

 o   bReUseRemote
   [Settings]
   ;   uVS        .
   ; (!)     bFixedName    .
   ;           .
   ;      bNetFastLoad  
   ;     .
   ;     /c  start.exe     
   ;    .
   ;           .
     bReUseRemote (  0)

 o     uVS    .

 o        .

 o            uVS.

 o    RWin    
       uVS      __.
      RWin    Alt+Tab,
     uVS     Alt+Tab.
   (!)        RWin   .

---------------------------------------------------------
 3.86.5
---------------------------------------------------------
 o     Google Chrome.

 o      richedit2.

---------------------------------------------------------
 3.86.4
---------------------------------------------------------
 o        VT.

---------------------------------------------------------
 3.86.3
---------------------------------------------------------
 o     .

 o      .
   "        ".

 o    settings.ini
   [Settings]
   ;  VT API   . ( )
     bWebVT (  1)

---------------------------------------------------------
 3.86.2
---------------------------------------------------------
 o       .

---------------------------------------------------------
 3.86.1
---------------------------------------------------------
 o      Win10.

 o   ,     
    ,     .

 o         Win10.

---------------------------------------------------------
 3.86
---------------------------------------------------------
 o         uVS
   c  uvs_full_dump_3.86.dmp,    .
          - , 
       ,        
     .

 o    JT.

---------------------------------------------------------
 3.85.27
---------------------------------------------------------
 o   .
     uVS    Windows Explorer  .
     Run    ,  ..    ,
     uVS   Windows .
           .
   (!)      Windows 10.
   (!) -    Win10 uVS    .

 o     A.

---------------------------------------------------------
 3.85.26
---------------------------------------------------------
 o   Windows 10 TP  Windows 10 RTM.
    Win 10   NT 6.3,   6.4  10.0 .

 o      Windows 10.

 o       
    uVS.

 o    DefaultGateway   .
   (  DNS & IP)

 o  .  Ctrl+Alt+A
       Alt+A,       .

 o  .  Ctrl+Alt+Shift+A
       Alt+Shift+A,       .

 o       .

---------------------------------------------------------
 3.85.25
---------------------------------------------------------
 o       
     .

---------------------------------------------------------
 3.85.24
---------------------------------------------------------
 o    .

 o     areg (  ).

 o      
      (Vista+).

---------------------------------------------------------
 3.85.23
---------------------------------------------------------
 o       job .

 o        27- .

---------------------------------------------------------
 3.85.22
---------------------------------------------------------
 o        27- .

 o      .
   
---------------------------------------------------------
 3.85.21
---------------------------------------------------------
 o  2    : deldir  deldirex.
   (!)    .
   
---------------------------------------------------------
 3.85.20
---------------------------------------------------------
 o        .
             
    . (   )
       unicode/ansi/utf-8.
     -  ,    .
   (!)        .
   (!)         
         hosts.

 o       Google Chrome.
            .

 o resource.pak  Google Chrome     
          .

---------------------------------------------------------
 3.85.18
---------------------------------------------------------
 o    resource.pak  Google Chrome.

 o     Chrome   .

 o        .
   (!)        
          . ..     
          .

---------------------------------------------------------
 3.85.17
---------------------------------------------------------
 o    Google Chrome.

---------------------------------------------------------
 3.85.15
---------------------------------------------------------
 o    Opera.

 o    Opera    .

 o   UTF-8      .

 o         FireFox.

---------------------------------------------------------
 3.85.14
---------------------------------------------------------
 o        FireFox.

 o  27     .

---------------------------------------------------------
 3.85.13
---------------------------------------------------------
 o      .

 o        Sun Java.

 o    Firefox    .

---------------------------------------------------------
 3.85.12
---------------------------------------------------------
 o       FireFox  
      .
         .

 o       FireFox.

---------------------------------------------------------
 3.85.11
---------------------------------------------------------
 o      FireFox.

---------------------------------------------------------
 3.85.10
---------------------------------------------------------
 o    Win2k.

---------------------------------------------------------
 3.85.9
---------------------------------------------------------
 o  27- .
         
      uVS  LocalSystem.
   (!)     .

 o     Google Chrome,    .

---------------------------------------------------------
 3.85.8
---------------------------------------------------------
 o  27-      Google Chrome.
        .
   (!)   uVS   .

---------------------------------------------------------
 3.85.7
---------------------------------------------------------
 o      VT.

 o      .

 o      ,  
         "".

 o    settings.ini
   [Settings]
   ;    public API VirusTotal
   ;      
     VTAPIKey2
     VTAPIKey3
     VTAPIKey4

---------------------------------------------------------
 3.85.6
---------------------------------------------------------
 o         VT.

 o     rundll32

---------------------------------------------------------
 3.85.5
---------------------------------------------------------
 o    WinXP.
   uVS  Win2k  .

---------------------------------------------------------
 3.85.4
---------------------------------------------------------
 o      VT   public API.
           
     ( ..    ).

 o    settings.ini
   [Settings]
   ;    public API VirusTotal
     VTAPIKey

---------------------------------------------------------
 3.85.3
---------------------------------------------------------
 o   #35   Image File Execution Options

 o       .

 o         .

---------------------------------------------------------
 3.85.2
---------------------------------------------------------
 o        .

---------------------------------------------------------
 3.85.1
---------------------------------------------------------
 o      .

 o     .

---------------------------------------------------------
 3.85
---------------------------------------------------------
 o            .

 o    ->[Windows 8]       

 o        .

 o   :
   o ->[Windows 8]    Microsoft
   o ->[Windows 8]    Microsoft

 o   :
   31. [Win8]    Microsoft
   32. [Win8]    Microsoft
   33. [Win8]    
               ,
                 .
   34. [Win8]    

---------------------------------------------------------
 3.84.4
---------------------------------------------------------
 o      delref.

 o        .

 o    ->[Windows 8]    Microsoft

 o    ->[Windows 8]    Microsoft

---------------------------------------------------------
 3.84.3
---------------------------------------------------------
 o     ImgAutoAltF7.

 o     .
      DLL      uVS.

 o    Alt+Z
       Zoo.

---------------------------------------------------------
 3.84.2
---------------------------------------------------------
 o       .
             2-  32-.
           ESC,   
      .
 o     JT   ProxyUser:ProxyPassword.
 o    c  Microsoft   ProxyUser:ProxyPassword.

---------------------------------------------------------
 3.84.1
---------------------------------------------------------
 o     ,        .

 o           .
      .

 o        .

---------------------------------------------------------
 3.84
---------------------------------------------------------
 o         
   "  DLL  uVS"     uVS
      DLL.

 o    "-> reg-    ..."
    Reg-    .    
          regedit.exe
      4-  :
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet
     HKEY_LOCAL_MACHINE\SYSTEM
     HKEY_LOCAL_MACHINE\SOFTWARE
     HKEY_CLASSES_ROOT
   (!)    HKEY_CURRENT_USER  HKEY_USERS  .
   (!) HKEY_CLASSES_ROOT   .   HKLM\Software.
   (   ).

 o     .

 o      BOX.

 o        Ctrl+A
          .

 o    settings.ini
   [Settings]
   ;      
     ProxyUser

 o    settings.ini
   [Settings]
   ;      
     ProxyPassword

 o    settings.ini
   [Settings]
   ;      ""    .
   ; (     )
     ImgAutoHideVerified (  0)

---------------------------------------------------------
 3.83.3
---------------------------------------------------------
 o    Win2k.
           WinXP.

---------------------------------------------------------
 3.83.2
---------------------------------------------------------
 o                 .
   (        /       )

 o     ""  .URL .

 o    report_crash.exe
       uVS  report_crash.exe   
         uVS   .
        ,    ""   
                .

---------------------------------------------------------
 3.83.1
---------------------------------------------------------
 o       delref,
   uVS         
     .

 o     #FILE#     .
    UTF-16/UTF-8 .

---------------------------------------------------------
 3.83
---------------------------------------------------------
 o         "".
 
 o    LNK ,   
     .     Windows Vista-8.1,    ,
          LNK . 

 o    ,    
       ( __ ).

 o         "".

 o      regedit-  explorer-  x64 .
   (    ).

 o      v383c  
       uVS.

 o   delall, delref,       delvir  delnfr,
         . ..    
   delall    ,  delref  .

 o    settings.ini
   [Settings]
   ;       delall  delref.
     bProtectKnown (  1)

---------------------------------------------------------
 3.83 BETA 31
---------------------------------------------------------
 o        LNK .
   (      txt )

 o          
     . (, guid-  ..) 

 o         .
   (  ).

 o  STORE  Win8.1

 o     Win8.1

 o    .

 o   Ctrl+T,  .
      #1,2,3,9,28,29  .
      .
         ImgAutoTweak
     "Settings"  settings.ini (    )

---------------------------------------------------------
 3.83 BETA 30
---------------------------------------------------------
 o         .

---------------------------------------------------------
 3.83 BETA 29
---------------------------------------------------------
 o        DLL.
         .
      v3.83 BETA 16.

---------------------------------------------------------
 3.83 BETA 28
---------------------------------------------------------
 o         
   . (, guid-  ..)
   (!)      .

 o        .

 o     "...".

 o LNK     "...".

 o      LNK .
    win8.1      LNK ,    
   ,     .

 o     Windows  Win8.1  .

 o  LNK    .

 o         LNK 
     uVS        LS.

 o      Win8  Win8.1

---------------------------------------------------------
 3.83 BETA 27
---------------------------------------------------------
 o       .
   (!)    ,    s-1-5-18 (LS).

 o      Start Menu .

 o    url   .

 o  LNK       ,
         -   .

 o  28       "" LNK.

 o    32-   .

 o      LNK .

 o       #FILE#     .
   (   ,   )

---------------------------------------------------------
 3.83 BETA 26
---------------------------------------------------------
 o       ..     .

 o       .

 o   29,   .

---------------------------------------------------------
 3.83 BETA 25
---------------------------------------------------------
 o       ""  " ...".

 o    ,      
       .
   (!)    100% ,     ,  
   .

 o   28:   url  exe    
        .     .

 o      .

---------------------------------------------------------
 3.83 BETA 24
---------------------------------------------------------
 o  CMD/BAT/VBE/VBS         
      #FILE#. ( 2k ).

 o      .

 o      .

 o    FireFox,      .

---------------------------------------------------------
 3.83 BETA 23
---------------------------------------------------------
 o       :
   1.    :
    o     *\CLSID 
    o   (    )
    o     ,  ..    .
    o        (    )
    o   App Paths. (    )
   2.      / .

 o  cmpimg    1.01
             
           .

 o      . 
   (   )

 o     32-    64-  .

 o    "exec32"  "exec",   
    .

---------------------------------------------------------
 3.83 BETA 22
---------------------------------------------------------
 o      .

 o         .

 o          .

 o     .

 o     .

 o    ,  .    
   .

---------------------------------------------------------
 3.83 BETA 21
---------------------------------------------------------
 o        .

---------------------------------------------------------
 3.83 BETA 20
---------------------------------------------------------
 o        .

---------------------------------------------------------
 3.83 BETA 19
---------------------------------------------------------
 o    .
      ,     
    ,      .
           
          .
     "  ",      .
            .
       wdsl,     
     unicode .   -  ,  .
      ,   .
             ,   .
     .       
       .

 o    settings.ini
   [Settings]
   ;     .
     bUseWDSList (  0)

 o         .

 o    .   .

---------------------------------------------------------
 3.83 BETA 18
---------------------------------------------------------
 o      .

 o    settings.ini
   [Settings]
   ;        
   ;      ->  ->...
   ;  : .BAT.CMD.LNK.VBS
     Add2ListExt (   )

 o        
       LinkInfo.

---------------------------------------------------------
 3.83 BETA 17
---------------------------------------------------------
 o       :
   ->      

 o        .

---------------------------------------------------------
 3.83 BETA 16
---------------------------------------------------------
 o        DLL,
         .

---------------------------------------------------------
 3.83 BETA 15
---------------------------------------------------------
 o   LNK     .

 o       WinPE-EnhancedStorage 
     wim .     
   Win8.

 o   Windows ADK 8.1     WinPE 5.0
     WinPE   5.1   
   : http://technet.microsoft.com/en-us/library/dn613859.aspx

---------------------------------------------------------
 3.83 BETA 14
---------------------------------------------------------
 o      Windows ADK 8.1

 o   LNK      EnvironmentVariableDataBlock.

 o    .

 o   deldir  deldirex    
     .

 o  30- :     GameUX.
            
     cc   C:\Windows\system32\rundll32.exe C:\Windows\system32\gameux.dll...

---------------------------------------------------------
 3.83 BETA 13
---------------------------------------------------------
 o    LNK ,     
   LNK ,     com .
   (!) 28  29-   com ,     
         WinPE 1.x

 o   28 ,      
   . exe ,  .url  .

 o          
   WinPE 5.1,    ADK :
   http://www.microsoft.com/en-us/download/details.aspx?id=39982

 o  virscan .

---------------------------------------------------------
 3.83 BETA 12
---------------------------------------------------------
 o     com     lnk .

 o    LNK .       .
    .       lnk ,
       3.82,   IShellLink  
       LNK    .

   .      3.83   
           LNK .

---------------------------------------------------------
 3.83 BETA 11
---------------------------------------------------------
 o         
        VT.

 o    LNK .

 o      .

 o       .

---------------------------------------------------------
 3.83 BETA 10
---------------------------------------------------------
 o      .
         VT.

---------------------------------------------------------
 3.83 BETA 9
---------------------------------------------------------
 o        .

 o  28  29      LNK .

 o      lnk     .

---------------------------------------------------------
 3.83 BETA 8
---------------------------------------------------------
 o      .

 o      .

---------------------------------------------------------
 3.83 BETA 6
---------------------------------------------------------
 o    .

 o  czoo          
     .

 o        Subsystem.
      .

---------------------------------------------------------
 3.83 BETA 5
---------------------------------------------------------
 o      .

 o         FindFirstFile,
             
     .

 o    .

 o          " ..."

---------------------------------------------------------
 3.83 BETA 3
---------------------------------------------------------
 o            
     ,        .

 o      .

 o    .URL  .EXE .

 o   :
   28.       .URL  .EXE
   29.      

---------------------------------------------------------
 3.83 BETA 2
---------------------------------------------------------
 o       ,
            "Start".
         .

 o     .

 o     .

---------------------------------------------------------
 3.83 BETA 1
---------------------------------------------------------
 o    Ctrl+*
     (   )
   ESC     .

 o     App Paths.

 o         .
     .           
       lnk .

 o      .

 o      .

 o      .

 o      .

 o      .

 o       .

---------------------------------------------------------
 3.82.8
---------------------------------------------------------
 o      VT.
        403- .
        VT.

---------------------------------------------------------
 3.82.7
---------------------------------------------------------
 o      .

 o   .

 o         
      (    ).
         ESC   .

---------------------------------------------------------
 3.82.6
---------------------------------------------------------
 o        .

 o         
     " "     .

 o    Alt+M  __   
      .
 
 o           
    .

---------------------------------------------------------
 3.82.5
---------------------------------------------------------
 o        ". ".

---------------------------------------------------------
 3.82.4
---------------------------------------------------------
 o     /:
              VTOK/JTOK/VSOK 
               VTOK/JTOK/VSOK 

 o      VT.
        .
      ( )    .
       vtcache    ,     .

 o    settings.ini
   [Settings]
   ;   VT      /.
     vtCacheDays (15  )
      0 -   
     -1 -    .

---------------------------------------------------------
 3.82.3
---------------------------------------------------------
 o      VT      ,
    VT            ,
           .

 o    VirSCAN.org.
   
---------------------------------------------------------
 3.82.2
---------------------------------------------------------
 o        
      .

---------------------------------------------------------
 3.82.1
---------------------------------------------------------
 o     xml     .

 o      VT/JT    
     ??. ()

 o   "\\"         
            .
     .         
   "   ".

 o        .

 o   delnfr,     
      ,    
    .

 o     deldir   .

---------------------------------------------------------
 3.82
---------------------------------------------------------
 o     deldirex _
            ,
        ,  /
     .
   (         )

 o      VT/JT    
     ??.

 o      " " 
   (    )
      . .

 o    settings.ini
   [Settings]
   ;    breg   
   ; (    ).
     bHlpAddBackup (0  )

 o    "/"  "\"  .

 o         .

 o           .

---------------------------------------------------------
 3.81.11
---------------------------------------------------------
 o 27-        Chrome.
     gpupdate /force   .
   (!)      .

 o     operaprefs_fixed.ini

---------------------------------------------------------
 3.81.10
---------------------------------------------------------
 o     deldir _
        ,     
   ,  /   .

 o           .
   (    )

 o          
   . (    )

 o    delall     .

 o  27-      Google Chrome.
   (       gpupdate /force).

---------------------------------------------------------
 3.81.9
---------------------------------------------------------
 o  *.exe       .url .
    url     .
     #FILE#    . ( ..    ).

 o       <>  !~:
       .     1.

 o       :
   "   ".

---------------------------------------------------------
 3.81.8
---------------------------------------------------------
 o        :    .
   (   )

 o    quit
     uVS,        
    .

 o    ImgAutoDelMethod* (  0)

 o       .

 o            ,
      . (     ).

 o     HOSTS.ICS.
     HOSTS    ,      
      .

 o     settings.ini
   [Settings]
   ;       
   ImgAutoAltF7 = 1 (1  ,   ImgAutoF4)
                  2 (  ImgAutoF4)
                  0 ( )

---------------------------------------------------------
 3.81.7
---------------------------------------------------------
 o      runscanner.net.

---------------------------------------------------------
 3.81.6
---------------------------------------------------------
 o 16- Windows NE     .

---------------------------------------------------------
 3.81.5
---------------------------------------------------------
 o        
       (>15k )  .
       .
          .

---------------------------------------------------------
 3.81.4
---------------------------------------------------------
 o   "->     "

 o 16- Windows NE      
     .

---------------------------------------------------------
 3.81.3
---------------------------------------------------------
 o  "DNS"   "DNS & IP"
          TCP-IPv4.
   ( ..    )

 o      300mb   
       .

---------------------------------------------------------
 3.81.2
---------------------------------------------------------
 o    uVS  LS  RDP    .

 o        .

---------------------------------------------------------
 3.81.1
---------------------------------------------------------
 o  26-    IPSec    .
   (    ).

 o   25-     Vista.

---------------------------------------------------------
 3.81
---------------------------------------------------------
 o     .

 o    .

 o    .

 o         drag & drop.

 o    Persistent routes     "IPSec policy".

 o  25-     IPSec policy. 
   (    ).

---------------------------------------------------------
 3.80.17
---------------------------------------------------------
 o  "     PEB_LDR_DATA  "
       64-  .

 o       64-  regedit-. 
   ( Win 8x64)

 o   Alt+Enter ( )     
        64-  .

 o        
      / DLL.

---------------------------------------------------------
 3.80.16
---------------------------------------------------------
 o  64-  .
      64-      .
   (uvsz.x64) 

---------------------------------------------------------
 3.80.15
---------------------------------------------------------
 o   DNS    "DNS Server list"
       DNS     
    .

---------------------------------------------------------
 3.80.14
---------------------------------------------------------
 o          Shift+Space.
    ,  .

 o         
    (.        . )

 o         Windows.

 o   . 
    delall  del    .

---------------------------------------------------------
 3.80.13
---------------------------------------------------------
 o     . 
        .

---------------------------------------------------------
 3.80.12
---------------------------------------------------------
 o       .

---------------------------------------------------------
 3.80.11
---------------------------------------------------------
 o        .

 o Shift+Del -     

 o Shift+Space -  

 o Ctrl+Del -    

 o Ctrl+Shift+Del -       

---------------------------------------------------------
 3.80.10
---------------------------------------------------------
 o    ->            
   (    )

 o   ->      
     .

 o      :
          Zoo
     dirzooex.
       .

---------------------------------------------------------
 3.80.9
---------------------------------------------------------
 o      .

---------------------------------------------------------
 3.80.8
---------------------------------------------------------
 o    settings.ini
   [Settings]
   ;   ( )     .
   ;         UNICODE .
   ; :   "script".
     ImgAutoScriptAdd (   )

 o    "dirzooex".
           Zoo.
   : dirzooex c:\temp
   (!)      .

 o    "rstreg".
       breg  bdreg.

 o      .

---------------------------------------------------------
 3.80.7
---------------------------------------------------------
 o      .

 o   "areg"   .

 o   GoogleDNS  IPv6.

 o    "del".
             .. 
          .

 o    -> (.  Alt+A)
        ,    
      ,  :

   1.      .
   2.         
   3.      ,   
   4.         
        .

         .

        :
   1.         
          .
   2.       "??".
   3. DNS       GoogleDNS.
   3.    .
   4.       HOSTS   
      (.  ImgAutoDelHost)
   5.     .

   (!)  .2    ImgAutoDelMethod1   bAutoZooOnDelAll, bAutoBL.

 o    ->   (.  Alt+Shift+A)
          ImgAutoDelMethod2

 o    settings.ini
   [Settings]
   ;        "??"  
   ; .
     ImgAutoDelMethod1 (  1)
     0 - 
     1 -  delall
     2 -  delref
     3 -  delref+del

 o    settings.ini
   [Settings]
   ;        "??"  
   ;    .
     ImgAutoDelMethod2 (  3)
     0 - 
     1 -  delall
     2 -  delref
     3 -  delref+del

---------------------------------------------------------
 3.80.6
---------------------------------------------------------
 o    ->          
   (    )

 o    ->      ,     
   (   )

 o    settings.ini
   [Settings]
   ;       
   ;        .
     PrefetchExt (  .EXE.SCR.DLL.SYS.BAT.CMD.VBS)

 o    Alt+A
      
   "  "   : Ctl+T, Ctrl+H, Ctrl+U.

 o      . ( Ctrl+...)

---------------------------------------------------------
 3.80.5
---------------------------------------------------------
 o       .

---------------------------------------------------------
 3.80.4
---------------------------------------------------------
 o    Ctrl+Z  Alt+Backspace.
     ,    8 .
   (    )

 o   regt  Ctrl+T.

 o        .

 o      .

 o      settings.ini
   ;         
   ;   HOSTS    . (    )
     ImgAutoDelHost (0  )
      1 -   HOSTS     
      2 -   14- .

---------------------------------------------------------
 3.80.3
---------------------------------------------------------
 o    Ctrl+T
      #1,2,3,9  .
      .
         ImgAutoTweak
     "Settings"  settings.ini (    )

--------------------------------------------------------
 3.80.2
---------------------------------------------------------
 o        
     x64 .

 o         
   C:\page_uVS.sys,       
   .

 o          "/"  "\".

 o        HOSTS.
        .
            .

 o    Ctrl+H
      HOSTS    .
      , .    ,
       Alt+F7   uVS.
         ImgAutoDelHost
     "Settings"  settings.ini (    )

 o         pagefile-.

---------------------------------------------------------
 3.80.1
---------------------------------------------------------
 o   ,    .
       Windows 7.
   Windows 7        
         
              
    ,        
   ,        
    c  . ( ..     )
     (!)        
     (!)   .
     2        , 
            
       c Windows 7    
        .
           -   
        email      
        ..   SP.

 o    "dirzoo".
         Zoo  .
   : dirzoo c:\temp\*.exe

 o    settings.ini
   [Settings]
   ;     delnfr   delref
   ;    .
     ImgDelnfrUnwind (0  )

---------------------------------------------------------
 3.77.18
---------------------------------------------------------
 o    Ctrl+U
         .
      , .    ,
       Alt+F7   uVS.
      /quiet   ImgUninstQuiet
     "Settings"  settings.ini (    )
         ImgAutoUninstall
     "Settings"  settings.ini (    )

 o     ??      
   " ".

 o      
   ->     

 o       ... c  /quiet
   (!)      ( msiexec).

 o       
     uninstall.

 o            
       .
      .

 o        .

 o       zoo   .

---------------------------------------------------------
 3.77.17
---------------------------------------------------------
 o         .
          " " (Alt+U)
         . .
             uVS.
         uVS.

 o         "".
             uVS, 
     .         
      files.

 o     ->   DNS
    dsncache ,   ipconfig /flushdns.
    : dnsreset
         uVS.

 o    "unload".
      .  .

 o             
     . (     )

---------------------------------------------------------
 3.77.16
---------------------------------------------------------
 o   uvs_snd.exe,     
          MAIN.
         email.    
      ,     
     .
   (!)           .
   (!)    ..    .
 
    . http://dsrt.dyndns.org/uvs_freeupdate.htm

 o  ,     uvs_snd  uVS.
           
    uVS.

 o        .

 o       cmd.exe.

 o     .

---------------------------------------------------------
 3.77.15
---------------------------------------------------------
 o      systemexplorer.net

 o       VT.

 o       File_Id    
            .
          MAIN 
         ,   
          
     .

---------------------------------------------------------
 3.77.14
---------------------------------------------------------
 o       4 .

 o        ,
           .

 o       VT.

---------------------------------------------------------
 3.77.13
---------------------------------------------------------
 o        .

 o       
    .

 o      DISM.EXE  Windows ADK.

---------------------------------------------------------
 3.77.12
---------------------------------------------------------
 o       "/"  "\".

---------------------------------------------------------
 3.77.11
---------------------------------------------------------
 o       uVS.
   (.  "")

 o         copype.cmd
      :
    LP, HTA , WMI, .NET (4.5), MDAC.

 o        BTC.
   ( ..    )

 o    .
   (     /)

 o      .
   (         TS)

 o        virusscan.jotti.org
   ( x64 )

---------------------------------------------------------
 3.77.10
---------------------------------------------------------
 o       uVS    .
    : update.exe
      "update.log"    
       .

   Update.exe      /q ( )
   (!)     ,    
   (!) .      
   (!) .   BTC (bitcoin).   
   (!)   .      
   (!)  .      . 
   (!)        .
       
                
   http://btcsec.com

 o    2   firefox.

 o         
   Windows 8 ADK.
   (!)    jpeg.

 o       VT.

 o    .

 o    .

 o      cexec.

 o     .

 o     .

 o    9  exFAT VBR.

 o    uVS      
     (   )  C:\page_uVS.sys
   (!)     .

---------------------------------------------------------
 3.77
---------------------------------------------------------
 o  1  .

 o      Windows 8x64.

 o      ( CatRoot)  Windows 8.
   (!)          Windows 8 
   (!)    Windows   8- .
   (!)   Windows       CatRoot.
   (!)         ,  __
   (!)      Windows c CatRoot  Windows 8.

 o   
   /i (  )
     :
       start.exe /i "c:\uvs\uvs.txt" (  )
                .
     (!) /r  

 o    settings.ini
   [Settings]
   ;         
   ;          
   bAddComment  = 1 (1  )

 o    settings.ini
   [Settings]
   ;      
   ; czoo      zoo
     bHlpCZoo (0  )

 o    settings.ini
   [Settings]
   ;      
   ; restart
     bHlpRestart (0  )

 o       .

 o         "WOW64".
   (   X64 )

 o       WinRAR.

 o       delnfr    .

 o        32-  .
   ( Vista x64)

 o   .

---------------------------------------------------------
 3.76
---------------------------------------------------------
 o         
      /(AND/OR) .         
        :
     1.     * (       )
     2.   *  ( .    )
        ,   
        .

   (!)        
   (!)    uVS.

 o  Vista X64     .

 o        CLSID,  ..  
    .

 o       :
   *\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32
   *\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\InProcServer32
        crexv.ocx

 o .  Alt+C.
   /.    .

 o   -   F4      ??

 o    ->Netsh winsock reset.
     winsockreset.
       .
   (!)  64-   windows  Windows 7x64  
   (!) 32-   netsh.

 o    cexec    
        uVS.
      2- .
   (!)  64-   windows  Windows 7x64       .

 o  NT6       EnableLUA
   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\

 o       ""
      3 :
   1.  -          _ _  uVS
      (  "hide")
   2.  -    .
   3.  -       .
   4.       

 o    OFFSGNSAVE
             uVS.

 o    settings.ini
   [Settings]
   ;      
   ; OFFSGNSAVE
     bHlpNoSaveSgn (0  )

 o        (F4)
       300mb   .   .

---------------------------------------------------------
 3.75
---------------------------------------------------------
 o    Zoo (  ZOO_)

 o  "     "
      : " "  "  ".

 o      MBR   .
   ( ..     uVS v3.75)

 o     .

 o        . 

 o    settings.ini
   [Settings]
   ;   /       
   ;      .
     ImgDisableAV (0  )

 o  64-     64- dism,
    32-   .

 o     Whois  ip  DNS
     IP   .

 o        DNS.

 o      .
   (           uVS)

---------------------------------------------------------
 3.74
---------------------------------------------------------
 o     www.runscanner.net
   (.   )

 o      1  .

 o     VirusTotal.com

 o      .

 o        .

 o        .

---------------------------------------------------------
 3.73
---------------------------------------------------------
 o        .

 o    ->      ...

 o      virusscan.Jotti.org     .

---------------------------------------------------------
 3.72
---------------------------------------------------------
 o        (ISO)     uVS.
   (.  -> ...)
   (!)  WAIK3  Windows7 SP1 AIK Supplement Update, oscdimg.exe (  WAIK)
   (!)        __ uVS (FAR     )

 o     /.
         VirusTotal.com
         virusscan.Jotti.com

 o      virusscan.Jotti.com
   (   ESC)

 o     .

 o       " ,   ".

 o   #24
   "    Group Policy [HKLM]"
              #21.

 o    start.exe
   /t (      )
       script.cmd.

 o     SystemExplorer.net
   (.   )

 o        "    ".

 o      Zoo     . /.

 o    "->   /..."

 o     SHA1 IPL.
   SHA1     ,   0x1C00-0x1C70 (0x1C70  )
     .

 o    settings.ini
   [Settings]
   ;   .
     bMute (0  )

 o  bCreateImage        .
         . ( . FAQ)

 o       adddir.

 o       zoo. 
   (    )

---------------------------------------------------------
 3.71
---------------------------------------------------------

 o     SHA1 IPL.
   SHA1     ,   0x1C00-0x1C70   .
        IPL        
   "" ,           .
       _ .

 o       addsgn.
          20 .

 o     HOSTS.
       HOSTS     ,   .
                
        .   HOSTS       .
     HOSTS   .

 o     HOSTS.
    uVS          
      HOSTS,  (    )  
    HOSTS  .
      -    ,      
     HOSTS.

 o    ""->"/".
   (!)        .

 o        .
          - ""     .

 o        STORE.
    64-       .

 o        .

---------------------------------------------------------
 3.70
---------------------------------------------------------
 o   bNetFastLoad   1.

 o   SearchMode   1.

 o    settings.ini
   [Settings]
   ;   ()
     ArchiveFile = 7zip\7za.exe a -t7z -mx9 -m0=ppmd:o=32:mem=64m "%s.7z" "%s"
     (  7za.exe   7zip, %s -   uVS)

   ;  
     DecompressImage = 7zip\7za.exe x -y "%s" -o"%s" *.txt
     (  7za.exe   7zip)

   ;  Zoo
     ArchiveZoo = 7zip\7za.exe a -t7z "%s.7z" -pvirus "%s\*.*"
     (  7za.exe   7zip,    virus)

   (!)         
   (!)      .
   (!)     : ArchivateZoo = 7zip\7za a -t7z "%s.7z" -pvirus "%s\*.*"
 
 o     __     . .

 o       "-"   "_"  .

 o       .

 o     Userinit    .

 o     . (     )

 o             SATA-3 SSD.
   (      )

 o         Bitcoin:
   1KXExkYavLMXbkPpo7H3DUWTgskwMuK6rW

---------------------------------------------------------
 3.69
---------------------------------------------------------
 o       MBR/VBR/IPL.
   ( ..      v3.66-v3.68)

 o       
    winsock.
          .
         
      .

 o      "/":
   "  ""       "

 o  #14       HOSTS.
   
 o        VT/JT.

 o    MBR/VBR/IPL  VT (  VTUploader-).
       ( ..   )  
    vtuploader     ,      
    uVS.

 o      MSIE, Firefox, Opera, Chrome
      . URL        .
   (!)        .

 o    adddir         
    AddDirs.
   : adddir >c:
    ">"    .        .

 o       .

 o    ESC    VirusTotal.

 o      (vGetName)     
   ,     . .

 o    ...
           DLL.

 o       . 
   (Alt+Shift+I      )

 o         Zoo     .

 o       .

 o           uVS.

---------------------------------------------------------
 3.68
---------------------------------------------------------
 o      2  .

 o     ""->"    / ..."
    _    .

 o     ""->"    ..."
         .

 o    settings.ini
   [Settings]
   ;         
   AddDirs
   : |
     : >
       .
   : %sys32% | d:\tools | >%SystemDrive%

 o    start.exe
                .

 o    ...
           "\"   .

 o      .

---------------------------------------------------------
 3.67
---------------------------------------------------------
 o         VBR ().
    FAT12/FAT16/FAT32/NTFS/exFAT.
   (!)  FAT16/exFAT    .
   (!)  FAT32     (420  +  +    12- __ 2- )
   (!)  NTFS      IPL   15 .
       . 

 o       NTFS IPL. (15    NTFS)
       .

 o     VBR (+IPL  NTFS).
   ( "")

 o    fixvbr.
   : fixvbr c: 6
             -   , 
               6 -   (6 - Vista/Seven, 5 - 2k/xp/2k3)
        ipl5, ipl6, fat5, fat6, ntf5, ntf6.
             uVS,    .      5  6.
    fixvbr       _.
   (!)  _     .

 o MBR/VBR/IPL     F4      ..     .

 o     "" -> "[INTEL]   AHCI..."
         .
   ( XP/2k3   . AHCI.txt).
   (!)     Windows 2000,     .

 o    settings.ini
   [Settings]
   ;      .
     vFilter ()
           .
              .
     : Kaspersky, DrWeb, AntiVir
   (!)  Jotti  VT     , . 
   (!)   .

   ;              VT  JT.
     vGetName ()
              .
     : Kaspersky, DrWeb, AntiVir

 o      ,   .
        .
     "rbl".

 o    Alt+M
     :     .

 o         Zoo.
   (  )

 o  uVS    GPT.
   .       MBRGPT#...

 o (!)    .
       .
     (127 )      39 .
         .
       .   

 o (!)    .
          MBR+VBR+IPL.

---------------------------------------------------------
 3.66
---------------------------------------------------------
 o         MBR.
              
      . (    ).
   (  ,  ..       uVS v3.66)

 o     "":
      MBR (    )
              .
       440   MBRC    uVS.
      .       .
     "fixmbr"  .

 o     ""
       ...
       ,    ERUNT-.
        . ( "")
   (!)      .
   (!)    __   .
   (!)           LocalSystem,
   (!)   .

 o  #23: "   System Volume Information"
   (     ).

 o         Jotti.

 o         .

 o   -    " Zoo"     
    .

---------------------------------------------------------
 3.65
---------------------------------------------------------
 o     (F7)  _     ,
               .
   ( ..         uVS)

 o  STORE     .
    :
          NTVv ( V =  NT  , v  )
    64-   NTVvx64,    compress-,   
          .
        .
      : NT50, NT61x64  ..

 o       "   STORE".

 o   exec       :
   %SYS32%       =  SYSTEM32  
   %SYSTEMROOT%  =   
   %SYSTEMDRIVE% =     
                                             
 o   : "->    "
          ,  _ 
   .
     "rknown". 
   (!)         _ _
   (!)  ,      STORE     RF.

 o    _      "   ".

 o        "".

 o   : "-> ".

 o  :
   " ,   ,     " (Alt+Delete)
             .

 o     "crimg".
       .

 o    12   :
     HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, LegalNoticeText
     HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, LegalNoticeCaption

 o         /.

 o  jotti.org    1 .
        (60  ).

 o  virustotal.com    4 .

---------------------------------------------------------
 3.64
---------------------------------------------------------
 o  #6 "  "    Vista/Seven.

 o      : "      "
   (   )

 o   virusscan.jotti.org
   (!)     .

 o  "  "       .

 o         VT    ,
         uVS.

 o        MSIE.

---------------------------------------------------------
 3.63
---------------------------------------------------------
 o  3  .

 o    " "  .
       snms  (  v3.50).

 o   (20Mb)         VT.

 o      VT       [First Seen]  VT. 
    .

 o    "->  ".
   (!)           LocalSystem.

 o     "adddir".
           .

 o    12   :
   Welcome
   LogonPrompt
   LegalNoticeText
   LegalNoticeCaption

 o      lnk .

 o      job .

 o       .

 o       .
   (         ,    ).

 o   -          F7.

---------------------------------------------------------
 3.62
---------------------------------------------------------
 o        Opera/Firefox.
   ( "portable"  ).

 o   : 
   Alt+Enter  -    .

 o    .

 o       .

 o        .

 o           . 

 o      VTUploader  Zoo     .

 o    .

---------------------------------------------------------
 3.61
---------------------------------------------------------
 o    "DNS".
   DNS      .
       dns  - "setdns".
    IPv4  IPv6.
    IPv4    DNS     DNS.

 o     VT     ESC.
   (!)  ESC       ,   
   (!)         .    

 o     "->[HKLM]  System\MountedDevices"
     "clrmd".  
         -     .

 o  : "->      "
    :        .

 o               .

 o          .
              
     "   ".

 o       3 .
   "CAD" -   Ctrl+Alt+Del
   "<" -   
   ">" -    
         .

 o       ,        
              . (  bNetFastLoad)

 o   "       "
                uVS.

 o          .

---------------------------------------------------------
 3.60
---------------------------------------------------------
 o  1  .

 o  . /  .

 o        parentid ( ).

 o     IP/ .

 o      "  ".
           .
         WMI.
        . (cdlz)
    : Alt+I.

 o      "".
      .

 o      VirusTotal.com (  VTUploader-).
        VTUploader-   "".
   VTUploader v1.0     http://forum.oszone.net/thread-139400.html
   VTUploader v2.0     http://www.virustotal.com/advanced.html
   (!) v1.0        .

 o          
           uVS.
   (  Windows 2000)

 o    "RF"
      /.
         STORE    uVS
      STORE      .
   (     )

 o   "restart"         
      .

 o  : "->  /   "
    :        .

 o           .
   ( ..      )

 o    ->  ->    ...
            .

 o    "      ".
         .
   (   ..      )
    : Alt+Shift+F

 o         .
        [SAFE_MODE]     .
   ..       :
     
     
      
     _DLL      

 o   " "  Zoo.

 o   32-     32-      ,
     X64  64- .

 o        sfcfiles.dll,      ,
          . ( 2k/xp/2k3)

 o           .

 o    settings.ini
   [Settings]
   ;       .
   bFastLoad      = 0 (0  ,   ) 
                    1 (   )

   ;         .
   bCreateImage  = 0 (0  ,   ) 
                   1 (    )
                   2 (       ,   uVS)
                   3 (       ,   ,
                        uVS)

 o        .
    ControlSetXXX    
    ControlSetYYY  CurrentControlSet-.

 o    .

 o       .
         .
   (!)  __       .

 o     .
      .

 o         .
         VT    .

 o http://dsrt.jino-net.ru .
    : http://dsrt.dyndns.org

---------------------------------------------------------
 3.51
---------------------------------------------------------
 o -      (SHA1)   
     ,       
      .
   (!)            .
   (!)   ,  SHA1  .

 o    settings.ini
   [Settings]
   ;      
   Sha1Name (  SHA1)

 o       .
        SHA (  uVS).
          R/O .
     as is ..  __      
      ...
   (!)           .
   (!)             
   (!) .         .
   ..     :      
         ,  
       SHA, .      
    (   , .  Sha1Name)   R/O    
      .

 o        .
   (   Windows 7 X64)

 o  64-      64-  notepad.

 o   "       ".

 o  "    "     .

 o         .

 o    1  MSIE.

 o        .

 o        ,
       .

 o          Zoo   
        .

---------------------------------------------------------
 3.50
---------------------------------------------------------
 o      "/"
   "    VirusTotal.com" (Alt+Shift+W)
   "       VirusTotal.com" (Alt+W)
            ""  :
     VT [xx/yy]
         xx = - , yy =  .
     VTOK [yyyy-mm-dd] 
         yyyy-mm-dd = submisson date __    VirusTotal.com
     (!)      .    VirusTotal.com   .
          "??" (     "").
     /      
     .
     (MSIE)    .
               .

 o      "".
   "      ""  Zoo"
   "      "??"  Zoo"

 o    snms,     .
            .
   (   "  .txt")
         : Alt+F7
         "??".
   (!)        uVS.

 o        "",    
    .

 o       ,   "uvs"   :
   __.

 o   Zoo      (*.txt)
           .

 o    Zoo       .

 o       (zip/7-zip/rar).
   (     7-Zip  WinRAR)
   (!)        .

 o    settings.ini
   [Settings]
   ;        .
   ;    1  16
   MaxInetThreads = 4 (4  )

   ;     .
   ;     7-Zip/WinRAR.
   bZipImage = 1 (1  )

   ;      
   ImgAutoF7 = 1 (1  )

   ;       
   ImgAutoAltF7 = 1 (1  )
   
   ;          
   ImgAutoF4 = 1 (1  )

   [APP]
   ;   (   )
   ;      "".
   ;   .
   Browser (   )

   ;   
   ;      "".
   ;   .
   TextEditor (   notepad)

 o  "     "    
     ""  "??".

 o      .

 o        Zoo.

 o        .
   (    BDREG).

 o        (   bFastBackup).
            
          .

 o      :       NTFS .

 o       (     x64)

---------------------------------------------------------
 3.46
---------------------------------------------------------
 o     2-      "":
   " ,   ,     "
    : Alt+Del

 o    settings.ini
   [Settings]
   ;     1:1 (  )
   ;          / .
   ;    uVS   Windows 2000.
   ;    1   .
   bFastBackup = 1 (1  )

   ;       
   bSaveWndPos = 1 (0  )

 o    bdreg.
        .
   breg -    .

 o   " SYSTEM  SOFTWARE"   "".

 o    Shift+F10     .

 o      ,     
        .

---------------------------------------------------------
 3.45
---------------------------------------------------------
 o   ,     startf
    Win7   Comodo Firewall.

 o           
      VirusTotal.com. (      ..     )

 o       .
    / ImagePath     . ,  
    /   .

 o         .

 o     HOSTS    .
   (-> HOSTS     ...)

 o         HOSTS.

 o        64-  .

 o -          DLL.

 o        .
   (         )

---------------------------------------------------------
 3.44
---------------------------------------------------------
 o      :
   o ___    MSIE.
   o    Firefox.
   o    Opera.
   o    Chrome.

 o    uVS     .
             settings.ini
   [Settings]
   ;     .
   bNetFastLoad  = 0 (0  ,   ) 
                   1 (   )
                   2 (        )

 o          .

 o     64-  .

 o     64-  .

 o    / WinXP/2k3 x64 .
         .

 o        
     uVS  64-  .

 o          
             uVS.

 o              .
   (    Vista/Seven).

 o            (  F6).

---------------------------------------------------------
 3.43
---------------------------------------------------------
 o    settings.ini
   [Settings]
   ;     Zoo (   )   Zoo   .
   bSaveZooFileInfo  = 1 (1  )

   ;   D&S/Users     , 
   ;         .
   bAllProfiles  = 1 (0  )

 o            settings.ini
   [Settings]
   ; 0 =     .
   ; 1 =     Zoo _   CZOO.
   ; 2 =   _      uVS.
   ; 3 =   .
   bSaveScrLog = 2 (2  )

 o      .

 o         /.

 o  #22     *.cpl
   (  15  )

 o       Kerio Firewall.
   (  uVS    StartF)

 o    logon/logoff .

 o      .

 o          .

 o        .

 o          .

 o           Zoo.

---------------------------------------------------------
 3.42
---------------------------------------------------------

 o     __      .

 o     ,         .
   (     VMware).

 o          " ,   "
                + 1.

 o         /.

---------------------------------------------------------
 3.41
---------------------------------------------------------
 o             .
   .  Del,   "uidel".
       .

 o    "zoo".
      Zoo        
   unicode . (  / )

 o            Alt+F
        : \\computername\c$

 o    __ .
         uVS     
      .     .

 o           "CPBSYNC".
        , ..   
   __          
     .
      ,      
           .
   (!)     , ..   .
   (!)           .

 o        .

 o     "  ",     
         \\.    "   \\"

 o      .

 o   "bAutoZooOnF7"  "bAutoBLOnF7"     ( _.txt)

 o        "zoo".

 o      FireFox-.

 o       Opera.

 o           .

 o      shlwapi.
               .

 o       "zoo"  x64 .
   (         
    SHA1   )

 o      "delmz"  x64 .

 o      .

 o       . (snms)

 o         .

 o  startf.exe

---------------------------------------------------------
 3.40
---------------------------------------------------------
 o      .
    6 , , 3-  
    .
      32/24/16-  ,  
   8/4-  .
   (!)          
   (!)  .
   (!) _      .
   .  Alt+V.
   ( .  "  .txt")

 o      .

 o   #11,   :
   LegacyAuthenticationLevel  LegacyImpersonationLevel

 o            .
       (  )  .

 o       hosts.

 o      .

 o       AUTORUN.INF.

 o        .

---------------------------------------------------------
 3.33
---------------------------------------------------------
 o   #22 "     ".
       Classes\exefile, Classes\.exe   14   .

 o   ""   " ".
   (           
    "->   "     ip  )

 o     ,       
   ASCII  NON-ASCII   .

 o              .

---------------------------------------------------------
 3.32
---------------------------------------------------------
 o   .

 o     .

 o   "  ".

 o      .

 o       autorun.inf

 o       Zoo   .
   (  )

 o   __  __     .

 o       .
         UNICODE .
    :  0.txt  9.txt
   :   "script".
           Ctrl+Shift+
 
 o   "  ",         
      "chklst".

 o   " ",          
      "chklst".
            ,
    ..     (  .   ).
   (    "chklst"   "delvir"   .
     Shift+F7,   F7    )

 o    HOSTS ( .   2000/XP     localhost).

---------------------------------------------------------
 3.31
---------------------------------------------------------
 o  2  .
   sfc   -        SFC (  Vista  )
               (   )
   sfcall    -  sfc /scannow   
               (  "")

 o  StartF  .

 o      " ".

 o     .

 o          .

 o        .
   (   ..     )

---------------------------------------------------------
 3.30
---------------------------------------------------------
 o     ,     .
     1.                       -    
     2.  ( )   -   ,    
     3.     -   ,     
   ( .     )
         "".
    :
     Backspace -    
     Esc       -  
   (!)      .

 o      start.exe 
   (. _ .txt)

 o       .
        (unicode)    ,    , 
         , uVS    
   .          ,   
     .

 o       API.
       uVS.
   (      )

 o      .

 o       .
   .  Alt+S.

 o      .

---------------------------------------------------------
 3.27
---------------------------------------------------------
 o    64-     Win2k.

 o   gpupdate      .

 o   xMD5     bl.log  .
   (HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes)
   xMD5     (ip    ),
              .

 o   ,      ..  
    . .      .  Alt+U.
   ( v3.27    .  uVS)

 o     EXEC.
   (         )

 o      .

---------------------------------------------------------
 3.26
---------------------------------------------------------
 o    MD5 (RFC 1321)

 o            MD5 .
   ( WinXP  ,      gpupdate /force, 
      )
    : BL _md5 ___
             . .
   (!)           .
   (!)      Settings.ini    Settings  bLogBL=1
   (!)   bl.log.

 o   ___ _ Vista/Seven.
             Windows.

 o    #19 "     ,  uVS-".

 o    #20 "   ImagePath".
      .     
     . 
   (        )
   (!)     Win2k8.

 o   #21 "    SafeBoot"
        ->[HKLM]     SafeBoot
   (!)       .
   (!) -    .
   (!)        __  
   (!)      "".

 o   ""   GPUPDATE /FORCE
    : GPUPDATE
   (    ).

 o    .
   .  Alt+L.

 o       .

 o     .     .

---------------------------------------------------------
 3.25
---------------------------------------------------------
 o       .  (:)  
   pid- . (TCP/TCP6, UDP/UDP6)

 o        .
   (.  Alt+T)

 o  :
     15 -    -> 
     16 -    ->
     17 -    Safer\CodeIdentifiers\0\Paths
     18 -       Explorer-

 o   "  . "     Del.
   (   )

 o   "  /     "
    _   ,     .
            1-2 ,   
            .   
       ,     / .

 o      -   
   Trend Micro OfficeScan 10- . (  uVS    StartF)
       ( 1)      () ASA  IJ.
   TM     ,  IJ      
         3   2 (  v2.83).
   KAV         ,
   .     .

 o    Start.exe      .

---------------------------------------------------------
 3.24
---------------------------------------------------------
 o  24      .

 o       ,   
    ""  "."  ".."      
         _  _ _  .
   (!)               .
       (      " ")

 o     PSAPI  Windows 2000, .    
             DLL.

 o     -> .
             . 
    ___.
           .
         .

 o     .

 o   SHA1 ,        4Gb.

 o        /.
     Del      .

 o       .
   (           )

 o   __     
          v3.23.

---------------------------------------------------------
 3.23
---------------------------------------------------------
 o        /.
    ..      ".."
         .
   (!)   ".."   ,        
   (!)  .

 o        /.
        "..".
      .
       .
   (.  Del).

 o       (     )
   (.  Ctrl+O)

 o        .

 o          .

 o     ,       uVS
     (   ).

 o           ,
             .

---------------------------------------------------------
 3.22
---------------------------------------------------------
 o   Firefox  Opera.

 o   " "
            :
   ->         ...

 o   "         ..."
              
   .    .

 o     ,      
     "      ..."
   (!)      .
   (!) .          
   (!)  .

 o    -  Zoo   ____ 7Zip  WinRAR.
        uVS,    virus,    
   YYYY-MM-DD_HH-MM-SS,  7z  rar.
     czoo.
   (!)       Zoo.

 o   #14 -  HOSTS
     ,  localhost

 o          HOSTS   MSIE.

 o        .

 o       .

 o      .

 o    .

---------------------------------------------------------
 3.21
---------------------------------------------------------
 o    SYSTEM  SOFTWARE.
              
    SYSTEM/SOFTWARE. ..       
   ,           , 
        .          
      , ..      
       -     .
   (  sreg)

 o   areg, vreg, sreg, restart      
    .

 o    .

 o   "  ",    ,   , 
      ,        .
         __ .

 o        "  ".

 o     uVS   .
      uVS         
      (   uVS)      email: demkd@mail.ru
      "lclz".        , 
         ,      .  .

 o      ,         "."

---------------------------------------------------------
 3.20
---------------------------------------------------------
 o      .
     SYSTEM  SOFTWARE. (   )
    :
          ...  ,     ,
     (    dvd/      )
     ( ..  )
    . DOC\.txt
        /    .
      vreg  areg.
   (!)   ,        .

 o      ->"  ".
   (.  Alt+F)
        ,   uVS.
            .
          uVS,   
      ,    .
   (    Settings.ini)
   (!) uVS    ,          
   (!)     . (  System Volume Information)
   (!)           , uVS  
   (!)  .

 o    "restart"   .
         .
             "".

 o    "breg"   .
      .

 o    "      BOX".
       BOX (  uVS)        ZOO.

 o       "  ".

 o     ->"     ".

 o    "  Persistent routes".
   ( #13)

 o          .

 o    .  ,    .
   (      F6)

 o        . .

 o       Regedit  .
   (     hive-).

 o       .

 o        Persistent routes.
   (         )

 o       .

 o         .

---------------------------------------------------------
 3.12
---------------------------------------------------------
 o        CatRoot   
     .

 o            
       .

 o    :
     Ctrl+F1   - /  .
     Alt+F1    - /    .
     Alt+Up    -  
     Alt+Down  -   

 o  "    "     Explorer .

 o     Load. ( )

 o        .

 o         .

---------------------------------------------------------
 3.11
---------------------------------------------------------
 o    ->       
      ( ,  .. )     .
     ,        .
   (!)        .

 o      Zoo,     SHA1 .

 o        .

 o           .

 o     .

 o    .  F6  F4    " "

 o    .          
      ,       
   .
           / . .

 o            dial-up  
    .

 o   ,       SHA1.
   (!)    .

 o       : SHA1   ,     
    . .

 o   -         ""
     .

 o   ,        
     .

 o   ,        
   .

---------------------------------------------------------
 3.10
---------------------------------------------------------
 o   -    SHA1.
     :
     ->  ->SHA1
   (  SHA1        )

       -  SHA1->CB,        .
   (           )

     / (     .     )
   (      )

     /     ,        
    . (.  F4)
   (!)      __    .   
            .

             :
   ->      ... 
                
      .

            __     
     . (         )

     -    virustotal  SHA1     .
      sha1.
   
           ,
                  "".

      SHA1    RFC3174.

 o            SHA1  
   .    /   (    )

 o    Argument Switch Attack    
        . ASA   WinXP, Win7 x86, Win7 x64   
    .          uVS  
      "ASA".    ASA,  
       5000.
      -     NTx64,    ,
       4-   . (       "IJ")
      -        ASA.
   ASA       ,  ASA  , 
     IJ (  x86),      
        ASA.

 o       "   Winlogon   "
   ( #12)
    GinaDLL, SaveDumpStart, ServiceControllerStart, Taskman, LsaStart, AppSetup,
   System -   HKLM   ,
   Userinit, Shell, VmApplet     HKLM  .  NT,
     .
   UIHost     HKLM,       
   NT>=6.

 o            
     .

 o      UIHost, Userinit, Shell    .

 o      ,        
   __           
              uVS.
   
---------------------------------------------------------
 3.03
---------------------------------------------------------
 o       .

 o   ""   .

 o    CLSID.

 o      2  .

 o          .

 o   ""     " SAM"  " SAM".
          
      "  ( /)".
    SAM ( .   )   ..    .

 o     . ( ..      )

---------------------------------------------------------
 3.02
---------------------------------------------------------
 o  : "  DCOM".
   (  11)

 o    HKLM\Software\Microsoft\Windows\CurrentVersion\BITS   
      host     .

 o    " Explorer".
   (.  "").

 o  Start.exe    /p      .
   (   /d)
   : 
     start.exe /p user
     start.exe /p user password
     start.exe /p user@domain password

 o  explorer    . .

 o        .

 o        .     .

 o    .
   (   uVS      Win2k).

 o   "  "
   (    HKLM)

 o        DLL      psapi.dll
   (  Windows XP __ SP     psapi)
      DLL          psapi,
        DLL      .

 o         . .

 o         .

---------------------------------------------------------
 3.01
---------------------------------------------------------
 o             
    DLL    .

 o   GUI,        (  ).

 o           .

 o       .

 o       .
        Zoo.

 o         .

 o      .

 o    /  /   
      .  \     ""
     .

 o   ""   "".

 o  :     DLL/EXE    .

 o  :             .

 o  :       
    .

---------------------------------------------------------
 3.00
---------------------------------------------------------
 o  4-  : " ".
         ,     ,
        . ..    
     .         
       .         
    .
   (!)     ,          .
   (!)        ,   
   (!) , ..          , 
   (!)      ,      .
   (!) .    " "   "  "    
   (!)  ,             
   (!)  .

   (!)        uVS.
 
 o     .
    -       . . ()
    -        . .
   (      15x,    ~2Mb)

 o      .
               Shift
          . (   )
   ( .  _.txt   DOC)

 o      DLL
      DLL   ,  ..  .

 o   "     PEB_LDR_DATA  "
       . 
   (!)  - DLL          .

 o       . .
     DLL         
   ( EXE  DLL     )
        .
         .
   (    ,      "")

 o  : "    Explorer-"
            Windows.
   (!)       .

 o       .

 o  : "    ".
   (  )

 o  : "   ".
   (  )

 o   "   "     
    _ .

 o        DLL.

 o    . .

 o      1  .

 o    .

 o       . 
   (     )

 o       autorun.inf.

 o            .

 o     Sality.*

 o      .
   (    )

 o         .
   (   -  )

 o        20 .
   (     )

 o               .
        . ( 20       )
   (         , .     )

 o     .

 o     .net .

 o          .
   (    ).

 o        
   rundll32.exe/regsvr32.exe.

 o ...  ,       .

---------------------------------------------------------
 2.85
---------------------------------------------------------
 o      ->   ( /)...
       , uVS     LocalSystem.
    : 
   1. ()  .
   2.  . ( =  )

 o    _autorun.zip     .inf   StartF  CD/DVD.
       cmd.exe.

 o     regedit-  WinPE 1.x

 o         . ( MountPoints2)

 o       ""      "".

 o     Sality.*

 o       .

---------------------------------------------------------
 2.84
---------------------------------------------------------
 o       .

 o    "  ".

 o      3  .

 o  "   "      .

 o   "    ".

 o        .

 o      .

---------------------------------------------------------
 2.83
---------------------------------------------------------
 o    -       .
            ,     , 
       .
        4- ,  ..    
         .
   (.   ).

 o      WIM . (.  "")
        Vista     Windows.
     .   \SOURCES\install.wim   1  x86 
     2  x64.
   (!)  System32\dism.exe.

 o      /.
   1.             
        .  ..    Windows    
         Vist/Seven.
   2.          .
   3.         2k/2k3/XP     
          expand.exe.
      (!)      .     
           .
      (!)           
              .

 o     _unlock.inf
         exe/bat/cmd,   
    .         regedit.exe
          StartF.exe,  .  StartF.

 o          .

 o    cmd.exe.

 o   x64 .

 o     Sality.*,    ,
       .

 o    /     ,
        8% (     ).

 o __      /.
     /        .
   (!)  :    .

 o             .
      Regedit-    .
   (!) /ip           uvs.

 o      .
   (.  "")

 o    "".
       ..  , .. _,   .

 o         .

 o      .

 o    ,       
      .

 o   4-   .
          uVS,      .

 o          3-  4- .
   .        .

 o      .
 
 o   .  http://dsrt.dyndns.org

---------------------------------------------------------
 2.82
---------------------------------------------------------
 o     "".
         .

 o   "    ..."
      %windir%\repair ( Vista      )
               .

 o   "    SafeBoot"
       .
   : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot

 o   "    Explorer-"
   : HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer

 o   "    Internet Explorer-"
   : HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer
    
 o   "     ..."
   :   SOFTWARE  SYSTEM      .

 o  "  ..."      .
        .     x64 .

 o      NTFS .
    " "         
    .         .

 o    "    ...".
            .
  
 o    "     ...".
            .

 o    "   "
      __    __ ,
    .
    :   .
   (!)      . 
   (!)       ,    
   (!)  ,   -  .
   (!)  Vista     ,   XP.

 o     .
         ,       .
          Ctrl,     
       .

 o    uVS  Start  Startf        
    .

 o     .
      /   .
         __   .

 o      . (  ->  )

 o     .
 
 o           
    Sality. (        ..  F3)
        ,    ""  
   .    100% ,      .

 o      .

 o         
   junction/symlink.

 o            /.

 o      " ".

 o      ZOO   .  "---",  
    .

 o       ,      
     .

 o  "        "
           .

 o      KAV.EXE   ...
   __         .
   (     ).

 o       ,  
     .

 o        Win2k.

 o            .

 o           x64.
   (     )

 o     .
   (      "   ")

 o          
       . ( Appinit_Dlls).

 o  .

---------------------------------------------------------
 2.81.1
---------------------------------------------------------
 o Start  StartF  UAC-aware. ( Vista  ).

 o    .

---------------------------------------------------------
 2.81
---------------------------------------------------------
 o  ""    "  ".

 o    "SVCHOST"    .  DLL.
          , .     .
   (!)       DLL    SVCHOST 
   (!)     . (   svchost.exe)
   
 o         .

 o  StartF     ,       
   .       KIS 2010.   uVS 2-  ,  
        .    . .

 o   :
   "  /     "
        ,    
     (  ),        
    .

 o   :
   "         "
                .
   (!)          
   (!) _    .
   (!)       "".
   (!)  x64   64-    .

 o       :
   "      "
   (!)    Vista        .
   (!)      SFC.EXE   /SCANFILE.

 o           :
   "   "

 o     .     
   " /     ( )"
           ,     .
     :         
   .

 o   :
   "       "
   "          uVS"
         .     
       (  )      SYSTEM.
     :       ( .. ),
            .
   (!)            .

 o   "        "
         ( )   "Cookies".

 o         Windows.

 o         Enter (  . )

 o  ()      .

 o     Zoo,      Zoo
      .

 o     /       R/O.

 o            
   .    __ SYS  EXE.
   (!)     .   .

 o    .

 o     .

 o  start.exe       Enter-.

 o        ""    "".

 o  .

---------------------------------------------------------
 2.80
---------------------------------------------------------
 o  uVS     .
   [ ,       ]
     :
     o FAT12 ( )
     o FAT16 ( )
     o FAT32 ( )
     o exFAT ( )
     o NTFS  (  __   ( 4Kb)  __  )
             (     )
             (     )
    :
     o    Zoo
     o   
     o     
     o      
     o      

 o  : "          "
         ,    
           API.
   (.  )

 o StartF           
         . ( 3   )
   (!) Startf      ..  /   .
   (!)     .   ,      .
   (!)      .       . .
   (!)    StartF  ___ KIS 2010    
   (!)   .    

 o  : "       "
           StartF,  4-   
    (  ,   32-  ).
     , __   __   . 
   (.  )
   (!)        .  Ctrl+B
   (!) /         .
   (!)       ___ KIS 2010    
   (!)   .    

 o uVS    StartF   .
        4-  ,       
    , .        WinPE    .
   (!) 4-         .

 o    -     MBR   ,  
      (     )   .
   ( FAT12/16/32, NTFS  exFAT)
                 
               .
   MBR    uVS   MBR_id_SAVED.bin ()  MBR_id_INFECTED.bin.
         BOOT_X_****_Y.BIN ( -  , Y )
   (!)    ,        .
   (!)        .

 o     -      COM-.

 o    Ctrl+B - /  .

 o    Ctrl+P -    .
              . 

 o          .

 o      : "   " ""
         (IMAGE_DOS_SIGNATURE)  "MZ"  "UV",
         /.
       /     .
   (   Windows          )
   (            )
   (!)             .
   (!)            Vista.

 o      : "   ".
          Windows      .
        : Win2k, WinXP, Win2k3.
         i386/AMD64 .
   (!)  expand.exe   \System32,     uvs.

 o  "      "   
   "      "        
   "". (        SafeMode)

 o  "SYSTEM.INI"   "SYSTEM.INI  "
          .  (NTDETECT.COM, NTLDR, BOOTMGR  ..)
   (!)        Microsoft.
   (!)     .      . .

 o       ( ..  ),   
    . (        ).

 o         .

 o     .NET  .

 o       Appinit_Dlls    
     .

 o      2  .

 o  . 

---------------------------------------------------------
 2.71
---------------------------------------------------------
 o         .

 o    "        ".
   ( ..      )
        uVS (    ).   

 o   "  ".

 o    .

 o         .  API.

 o       :
   %ALLUSERSPROFILE% (      D&S/Users)
   %USERPROFILE% (      )
   %APPDATA% (      )

 o   startf,       .

 o        .

 o       .

 o          .

 o        :
   "      " ( ..      )
             " "
     _         ___ ,  
             " ".
   (!) _    ,     ,
   (!)          .
   (!)         (    )
   (!)      . 
   (!)       ,  .  ,
   (!)        _.

 o      1  . ( MSIE)

 o    .

 o       .

 o      "Scrnsave.exe"   . .

 o   .

---------------------------------------------------------
 2.70
---------------------------------------------------------
 o    - startf.exe (!)    (!)
     x86/x64 .
          ,     
   .  ,     .
      :
     o         
     o    
    (!)    ,       ,
      start.exe   /d  (  ),   
      uvs  DLL.
   (!) Startf.exe    30         uvs.
   (!) Startf   ,     .
   (!)   startf         DLL. 
   (!)   startf _     uvs.

 o         .
   (.  " ") 
      ..   Windows PE 2.x-3.x .
   (  WinPE 2.1 ( NT 6.0)  WinPE 3.0 ( NT 6.1)).
         ,     uVS  
          .
             
   .      /   EXE/SYS
   . (     .  F6).
         uVS .     
        . (       )
    cat      :
   \System32\CatRoot\{10000000-0000-0000-0000-000000000001},     .
       _,    .  
    " ". 
   (!)           .

 o     " ".
        .

 o   " "    "".
     .  F1   ""  "". 
   (/   )

 o      .
   (      ,    CLSID  ProgID)
   
 o        .

 o    /    .
   (.  " ")
   (!)     System32  x64   ,   _ 
   (!)      . (     )

 o   SymbolicLink-,       .

 o       :
   o  SymbolicLink/MountPoint (   )
   o    .

 o      3  .

 o   MountPoint-.

 o         .

 o _    "  ".

 o     .   x64  
     .

 o     ,     .
   (       . )

 o     .

 o    WinSxS  Assembly     .
           .

 o        WinPE.

 o       "autorun.inf".

---------------------------------------------------------
 2.60
---------------------------------------------------------
 o        /  .
     __      .
        ,         "".
   (!)       ,
   (!)      .

 o       (   )  
   "" . ""      "" .
        .

 o    "   ".
         ,
         .
   (!)          .
   (!) 100%         
   (!)          .

 o Start.exe      : /d
                uVS.
   (   ,    .     )
     .     (.   ).
      startd.cmd  start.exe   .
   (!)   uVS    .
   (!)  explorer    _,    - 
              uVS     uVS __
        .
   (.    Alt+Shift+A,        )

 o    .   uVS    -   .
              . .
     :     ,   
      ,      .
         uVS       . .
   (.    Alt+Shift+I,        )

 o  uVS   __  __   
     ( )    .
     _          
      DLL (    )    .
   (.  "",  .  F9,    )
   (!)      ,    /d  Start.exe.

 o       Windows XP Prof. x64  Win2k3 x64.
             x64 .
      x64    Vista/Win7 x64   32-  NT
   ( ..  Win2k)  WinPE (     - ).

 o  "  "       (  ),
   (     )
       .

 o      "   ".
      ,         .

 o    F8. (.  "")
     . 

 o   km52.x64  WinXP x64/Win2k3 x64.

 o     Windows Vista ( ),    
       . (     )

 o    .

 o   .

 o    .

 o       .

 o           HOSTS.

 o  .

---------------------------------------------------------
 2.50
---------------------------------------------------------
 o      79  .

 o            
   regedit    . .
   (!)      .

 o             .

 o    " /".
       /   .
         exe-.
      .
   (!)      .
   (!)        .

 o      /     Safe Mode.
   ____       .

 o   "Safe mode".
      /   .

 o   "  ".

 o   "HOSTS".
       .

 o   " ".
      DLL     ServiceDLL.

 o    .
   (     windows)

 o   "".
           .

 o        
   "    ".

 o  " "   " ".
     ( )  CLSID/ProgID  ..   

 o       "".
   (         )

 o     rundll32  regsvr32.

 o     .

 o    CLSID.

 o    .

 o  .

---------------------------------------------------------
 2.21
---------------------------------------------------------
 o   "",   .

 o     -   ""   .
       ""   ,
      .
   _       
     . 
   (   __   uVS   [Ctrl+F3])
      ""     .
      Zoo    __  .

 o    - "  ".
      _  _    .

 o   " .   ."
              
    .
   (  F2)

 o    - "(vbs/bat/cmd)  ".
            Magic number
   .  .
   .. *.bat/*.vbs/*cmd/*.class  ..    .
   (!)        . 
       (     )

 o     .

 o     .

 o Start.exe       settings.ini.

 o    :
   Ctrl+S   -  .
   F2       -         .
                 .
   F3       -  ""       . 
              (     )
   Ctrl+F3  -   ""       . 

 o     " "  .

 o    .

 o  .

---------------------------------------------------------
 2.13
---------------------------------------------------------
 o         sgnz.
   ( )

 o    uvs  LocalSystem  Vista  Win7.

 o      Vista/Win7    "   ".

 o    /  .

---------------------------------------------------------
 2.12
---------------------------------------------------------
 o   " "
      /     ,  
     .

 o     .
             - 
   .

 o   autorun.inf    ShellExecute.

 o      .
      . .

 o   //   ( )    
   . .

---------------------------------------------------------
 2.11
---------------------------------------------------------
 o       .

 o      WinSxS  Assembly.

 o       .

---------------------------------------------------------
 2.10
---------------------------------------------------------
 o           (  ,
   ,       )

 o            
            .

 o    uvs    .
           
   ,    uvs  
   . ,      LocalSystem.

 o     uvs   DLL    
          uvs.
   (       . )
   !   ____uvs_DLL_ 
      .

 o     .

 o    .

 o  .

---------------------------------------------------------
 2.02
---------------------------------------------------------
 o   usvc,    sgnz     .

---------------------------------------------------------
 2.01
---------------------------------------------------------
 o             .
 
---------------------------------------------------------
 2.00
---------------------------------------------------------
 o       .
       __ip_\ADMIN$
       , uvs    
   .
        .
      Zoo     .
       uvs    ..   
         ...  .
          ,     
    .
         ,     / .
   (!)           uvs
     .

 o    .
              .
   . :
     Enter      -   
     Backspace  -   . 
     Ctrl+Enter -  .

 o     .
         .
     32- / .    DLL   
     .

 o     (2.5x)

 o      64-   .

 o    x64 .

 o     x64    x86   .

 o       x64 .

 o      Vista x64  Windows 7 x64.

 o    LNK/PIF      Windows.
   (  __      )

 o        LNK/PIF.

 o       .

 o    .

 o  -    DLL.

 o        
    . (.  Del)

 o ESC    uvs.

 o  .

---------------------------------------------------------
 1.71
---------------------------------------------------------
 o       .

 o     .

---------------------------------------------------------
 1.70
---------------------------------------------------------
 o           .
   (   /   
          )

 o     ,  .  
         .     .
   ( ..   WinPE     ).

 o  .

---------------------------------------------------------
 1.65
---------------------------------------------------------
 o  25%      .

 o     .

 o     FireFox  Opera.

 o    x64 .
   (        )

 o   .

---------------------------------------------------------
 1.60
---------------------------------------------------------
 o  uVS    NT6.1 (Win7)
   (  UAC,      )

 o    " ".
            TCP/UDP .
    IPv4     IPv6   WindowsXP SP2.

 o           "".

 o    .

 o   .

---------------------------------------------------------
 1.50
---------------------------------------------------------
 o         .

 o     .

 o      LNK-.

 o      LNK/PIF .

 o          .
   (   )

 o    "     ".
            .

 o    ". ".
           . (Start=4)
         .

 o    ". ".
          . (Start=4)
         .
     _._    ,      
    . (       ).

 o      .
   (    )

 o    WinPE 2.1

 o       Windows  . 
   (   CD/DVD/Flash [WinPE],        )
           ,     ,
         uVS   .
   :    , D, E  K, L, M -  ,  D, I, J .
   (!)  WinPE           .
   (!) uVS   WinPE 2.1,     WinPE .
              uVS.   

 o    .

 o      .
   ( ,  ).

 o      .
            uVS  
   ( "").           
    ,  uVS    ""  . .
   (!)      . .

 o           
      .

 o    .

 o    "".
             uVS.

 o  .
