AVZ: an antivirus utility from Zaitsev. AVZ 4.43 in Russian

AVZ is a functional antivirus utility that can remove spyware and Trojans, as well as some other types of malicious code. AVZ is not just an anti-virus scanner - the program can also conduct so-called heuristic analysis to detect viruses based on typical signs. Heuristic analysis can detect viruses even when they are not in anti-virus databases.

One of the features of AVZ is a database of safe files. This is not a database of malware signatures; it holds digital signatures of “clean” files, covering system files and files of known safe programs. By exclusion, it can be used to analyze important system areas and remove all malicious programs from them.

It should be noted separately that AVZ effectively fights one of the most dangerous types of malware: rootkits. The program analyzes basic system libraries and modules to determine whether their functions have been intercepted. The program can effectively block rootkits and also protects itself from their actions.

Keyloggers, as a type of spyware, are also within the scope of this antivirus. It quite reliably detects actions to install “hooks” and intercept keystrokes. Signature analysis is not used to find keyloggers.

The antivirus can also be used for in-depth analysis of processes. The built-in process manager displays all running processes, loaded libraries and services, which gives a clear picture of what is happening in the system. The anti-rootkit module is tied into this manager and allows it to display hidden processes.

AVZ also has functions for working with the system registry and network protocols. You can find ports that Trojans use to send reports.

Description:
AVZ is a free, fast antivirus utility. It includes AVZ itself and the additional utilities AVZGuard/AVZPM/BootCleaner.
The main purpose is to detect and remove SpyWare and AdWare modules, as well as Dialer (Trojan.Dialer), Trojan programs, BackDoor modules, network and email worms, TrojanSpy, TrojanDownloader, TrojanDropper.
In fact, AVZ is an analogue of the popular Ad-aware program (with its own characteristics, of course).
Additional options include a heuristic system check, built-in Rootkit detection system, Winsock SPI/LSP settings analyzer, built-in process, service and driver manager, TCP/UDP open port analyzer, Keylogger and Trojan DLL detector that works without using signatures (an original neuroemulator is used, which allows you to examine suspicious files using a neural network).

Features of the AVZ utility:
  • Heuristic system check microprograms. The microprograms search for known SpyWare and viruses by indirect signs, based on analysis of the registry, files on disk and memory.
  • Updated database of safe files. It includes digital signatures of tens of thousands of system files and files of known safe processes. The database is connected to all AVZ systems and works on the “friend/foe” principle: safe files are not quarantined, and deletion and warnings are blocked for them; the database is used by the anti-rootkit, the file search system and various analyzers. In particular, the built-in process manager highlights safe processes and services in color, and the file search can exclude known files from the search (which is very useful when searching for Trojan programs on the disk).
  • Built-in Rootkit detection system. The search for RootKits is carried out without signatures, by examining basic system libraries for interception of their functions. AVZ can not only detect a RootKit but also correctly block a UserMode RootKit for its own process and a KernelMode RootKit at the system level. The RootKit countermeasures apply to all AVZ service functions; as a result, the AVZ scanner can detect masked processes, the registry search system “sees” masked keys, and so on. The anti-rootkit is equipped with an analyzer that detects processes and services masked by a RootKit. In my opinion, one of the main features of the RootKit countermeasures system is that it works in Win9X (the widespread opinion that no RootKits work on the Win9X platform is deeply erroneous: hundreds of Trojan programs are known that intercept API functions to mask their presence, to distort the operation of API functions or to monitor their use). Another feature is the universal KernelMode RootKit detection and blocking system, compatible with Windows NT, Windows 2000 pro/server, XP, XP SP1, XP SP2, Windows 2003 Server and Windows 2003 Server SP1.
  • Keylogger and Trojan DLL detector. The search for Keyloggers and Trojan DLLs is based on system analysis without a signature database, which makes it possible to confidently detect previously unknown Trojan DLLs and Keyloggers.
  • Neuroanalyzer. In addition to the signature analyzer, AVZ contains a neuroemulator, which allows you to examine suspicious files using a neural network. Currently, the neural network is used in the keylogger detector.
  • Built-in Winsock SPI/LSP settings analyzer. Allows you to analyze the settings, diagnose possible errors in them and perform automatic treatment. Automatic diagnosis and treatment is useful for novice users (utilities like LSPFix do not have automatic treatment). To study SPI/LSP manually, the program has a special LSP/SPI settings manager. The Winsock SPI/LSP analyzer is covered by the anti-rootkit.
  • Built-in manager of processes, services and drivers. Designed to study running processes and loaded libraries, running services and drivers. The process manager is covered by the anti-rootkit (as a result, it “sees” processes masked by a rootkit). The process manager is linked to the AVZ safe file database; identified safe and system files are highlighted in color.
  • Built-in utility for searching files on disk. Allows you to search for a file by various criteria; the capabilities of the search system exceed those of the system search. The search system is covered by the anti-rootkit (as a result, the search “sees” files masked by a rootkit and can delete them); a filter allows you to exclude files identified by AVZ as safe from the search results. Search results are available as a text log and as a table in which you can mark a group of files for later deletion or quarantine.
  • Built-in utility for searching data in the registry. Allows you to search for keys and parameters by a given pattern; search results are available as a text log and as a table in which you can mark several keys for export or deletion. The search system is covered by the anti-rootkit (as a result, the search “sees” registry keys masked by a rootkit and can delete them).
  • Built-in analyzer of open TCP/UDP ports. It is covered by the anti-rootkit; in Windows XP, the process using each port is displayed. The analyzer is based on an updated database of ports of known Trojan/Backdoor programs and known system services. The search for Trojan program ports is included in the main system scanning algorithm: when suspicious ports are detected, warnings are written to the log indicating which Trojan programs are likely to use the port.
  • Built-in analyzer of shared resources, network sessions and files opened over the network. Works in Win9X and NT/W2K/XP.
  • Built-in Downloaded Program Files (DPF) analyzer. Displays DPF elements and is connected to all AVZ systems.
  • System recovery microprograms. The microprograms restore Internet Explorer settings, program launch settings and other system parameters damaged by malware. Restoration is started manually, and the parameters to be restored are specified by the user.
  • Heuristic file deletion. If malicious files were deleted during treatment and this option is enabled, an automatic system scan is performed, covering classes, BHO, IE and Explorer extensions, all types of autorun available to AVZ, Winlogon, SPI/LSP, etc. All references found to a deleted file are automatically cleared, and what exactly was cleared, and where, is recorded in the log. The system treatment microprogram engine is actively used for this cleaning.
  • Checking archives. Starting from version 3.60, AVZ supports scanning archives and compound files. Currently, archives in ZIP, RAR, CAB, GZIP and TAR formats are checked, as well as emails and MHT files, and CHM archives.
  • Checking and treating NTFS streams. Checking of NTFS streams is included in AVZ starting from version 3.75.
  • Control scripts. Allow the administrator to write a script that performs a set of specified operations on the user’s PC. Scripts allow you to use AVZ on a corporate network, including launching it during system boot.
  • Process analyzer. The analyzer uses neural networks and analysis microprograms; it is turned on when advanced analysis is enabled at the maximum heuristic level and is designed to search for suspicious processes in memory.
  • AVZGuard system. Designed to combat hard-to-remove malware; in addition to AVZ itself, it can protect user-specified applications, for example other anti-spyware and anti-virus programs.
  • Direct disk access system for working with locked files. Works on FAT16/FAT32/NTFS, is supported on all operating systems of the NT line, and allows the scanner to analyze locked files and quarantine them.
  • AVZPM driver for monitoring processes and drivers. Designed to monitor the starting and stopping of processes and the loading/unloading of drivers, in order to find masquerading drivers and to detect distortions, created by DKOM rootkits, in the structures that describe processes and drivers.
  • Boot Cleaner driver. Designed to perform system cleaning (removing files, drivers and services, registry keys) from KernelMode. The cleaning operation can be performed both while the computer is restarting and during treatment.
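The “friend/foe” filtering that the safe-file database gives the file search can be sketched as follows. This is an added example, not AVZ code: it assumes the database is a set of SHA-256 content digests (the page does not say how AVZ computes its signatures), and all file names and contents are constructed.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Digest of the file's content, read in chunks."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def unknown_files(root: Path, safe_digests: set) -> list:
    """Files under root whose content is NOT in the safe-file set.

    The decision is made on content, never on the file name or location.
    """
    return sorted(
        p.relative_to(root).as_posix()
        for p in root.rglob("*")
        if p.is_file() and sha256_of(p) not in safe_digests
    )


def demo() -> list:
    """Build a constructed directory tree and run the exclusion search."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "system").mkdir()
        (root / "temp").mkdir()
        clean = b"constructed clean library bytes"
        (root / "system" / "shell.dll").write_bytes(clean)
        safe = {hashlib.sha256(clean).hexdigest()}  # the "friend" list
        # Same name as the clean file, different content: still reported.
        (root / "temp" / "shell.dll").write_bytes(b"constructed look-alike")
        (root / "temp" / "helper.dll").write_bytes(b"constructed unknown")
        return unknown_files(root, safe)


if __name__ == "__main__":
    print(demo())
```

Only the two files outside the safe set remain for manual review; the look-alike that reuses a trusted file name is not excluded.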

Note:
In case of problems with automatic database updating, you can download an archive containing the entire current database - avzbase.zip (the archive is updated twice a day)

AVZ 4.46

AVZ download the latest version for free from the official website

The AVZ utility is a powerful antivirus scanner used to quickly remove Trojans, Backdoor components, AdWare, SpyWare and other malicious code, such as Dialer downloaders, from a PC. The antivirus is available for download from the link provided at the bottom of the page.

AVZ is used to scan and then remove the following elements:

  • mail and network worms;
  • AdWare, AdWare modules (priority focus of the antivirus);
  • Trojans;
  • BackDoor modules;
  • downloaders like Trojan.Dialer;
  • such malicious components as TrojanDropper, TrojanDownloader, TrojanSpy.

The AVZ antivirus has an excellent database in its archive, including about 300 thousand viruses, special microprograms for treatment, troubleshooting, searching and heuristics, as well as neuroprofiles. Additionally, the archive contains about 400 thousand signatures of safe files.

The program provides a large number of powerful analyzers, for example for shared resources, open ports and Downloaded Program Files. The process analyzer, the ability to monitor program operation, and Boot Cleaner deserve special attention. In addition to these features, the utility uses many additional ones to ensure maximum PC security. This is what makes the AVZ antivirus so popular among users.

Information about the software
Name: AVZ
Program version: 4.43
Interface language: Russian, English
Treatment: not required


A new version of the AVZ antivirus utility has been released - 4.43. The archive with the utility contains a virus database from 02/23/2014 - 297614 signatures, 2 neuroprofiles, 56 treatment microprograms, 405 heuristics microprograms, 9 IPU microprograms, 236 troubleshooting microprograms, 649446 safe file signatures. The new version contains a number of improvements and enhancements.

[++] New functionality - network diagnostics to identify problems created by malware (diagnostic operations are in the updated database)
[++] Added heuristics for detecting malicious scheduler jobs
[++] Script editor - syntax highlighting, editor pop-up menu and support for standard hotkeys
[++] Filter in the autorun manager (display all items, or only those not identified by the database of clean files)
[++] Script editing and execution window: added syntax highlighting, color highlighting of specific commands of the AVZ script language, display of the cursor line and column; standard keyboard shortcuts like Ctrl+A are supported
[+] MD5 is output for each process in the HTML report
[+] The full name of the OS version is output to the log and XML
[+] Improved quarantine strategy (improved quality of quarantine on x64, improved parser)
[+] Added display of information on selected files (number and total size) in the quarantine view
[+/-] The operation of the spoollog parameter has been changed (if the full path is not specified, it is counted from the AVZ directory)
[+/-] In XML, file versions are output in x.x.x.x format
[+/-] In the description of a scheduler job in XML, all fields are output (previously, some were available only in the HTML log; new fields are JobName, Status and FullCmd)
[+/-] XML: added escaping of 0x00 (NUL) characters; such characters are replaced with spaces to eliminate problems with log parsers
[-] Fixed a file name parser error in autorun and process manager (available in 4.41 via database update)
[-] XML: Fixed a bug with duplicate parameter names in XML, due to which the log did not pass verification of XML parsers
[-] XML: Fixed a bug with missing spaces between parameters in XML, due to which the log did not pass verification of XML parsers
[-] Fixed a bug with the localization of MessageDlg (in the English localization there were Russian inscriptions on the buttons)
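The three XML defects named in this changelog (NUL characters, duplicate parameter names, missing spaces between parameters) each make a log unparseable by a conforming XML parser. The following added example, which is not AVZ code, shows them on constructed fragments and an emitter that avoids them. The `Job` element name is hypothetical; `JobName`, `Status` and `FullCmd` are the field names from the changelog. It goes beyond the changelog by replacing every character XML 1.0 forbids, not only NUL.

```python
import re
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

# Everything outside the XML 1.0 Char production (NUL, most C0 controls,
# surrogates, U+FFFE/U+FFFF). Escaping cannot make these legal in XML 1.0.
FORBIDDEN = re.compile(
    "[^\x09\x0A\x0D\x20-\uD7FF\uE000-\uFFFD\U00010000-\U0010FFFF]"
)


def sanitize(value: str) -> str:
    """Replace characters an XML 1.0 parser must reject with a space."""
    return FORBIDDEN.sub(" ", value)


def job_element(job_name: str, status: str, full_cmd: str) -> str:
    """Emit one <Job .../> element (hypothetical element name)."""
    # A dict cannot hold the same attribute name twice, and join() always
    # puts whitespace between attributes.
    attrs = {"JobName": job_name, "Status": status, "FullCmd": full_cmd}
    body = " ".join(f"{k}={quoteattr(sanitize(v))}" for k, v in attrs.items())
    return f"<Job {body}/>"


def parse_attrs(xml_text: str):
    """Return the element's attributes, or None if it is not well-formed."""
    try:
        return dict(ET.fromstring(xml_text.encode("utf-8")).attrib)
    except ET.ParseError:
        return None


# Constructed log fragments, one per defect named in the changelog.
BROKEN = {
    "nul": '<Job FullCmd="C:\\tmp\\a.exe\x00 /q"/>',
    "duplicate": '<Job JobName="upd" JobName="upd"/>',
    "no_space": '<Job JobName="upd"Status="Ready"/>',
}

if __name__ == "__main__":
    for name, text in BROKEN.items():
        print(name, "->", parse_attrs(text))
    fixed = job_element("upd", "Ready", 'C:\\tmp\\a.exe\x00 /q "x" & <y>')
    print(fixed, "->", parse_attrs(fixed))
```

A scheduler job's command line is attacker-influenced data, so a log consumer should treat a parse failure as a finding to investigate rather than silently skipping the record.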

There are many programs on the market that ensure computer security. However, most of the best solutions are paid, so those who are not willing to pay for an antivirus have far fewer options to choose from. AVZ is one of these free solutions; it is not a full-fledged antivirus that provides constant protection, but a utility that can scan and cure an already infected computer.

According to the authors of this program, it has an impressive database of viruses (almost 300,000 entries), several neuroprofiles, microprograms for treatment, heuristics and troubleshooting, and 400,000 signatures of safe files. Let's try to figure out how to use the AVZ utility.

Features:

  • checking running processes;
  • heuristic system check;
  • searching for potential vulnerabilities.

Principle of operation:

The program has a fairly simple and intuitive interface. When you start it, the main window opens, where you select the type of scan and the memory area that you want to check. Then click the "Start" button, and the program will start working.

I would also like to note that the creators took a very careful approach to organizing the usability of the program. The main window has thematic tabs that allow you to quickly jump to the necessary actions, checking by memory area, file type or other search parameters. I was also pleased with the panel for setting up actions when threats are detected. For each type of threat, you can pre-select the type of desired action, and when detected, the program will either perform it automatically or ask you what you want to do in this case.

Pros:

  • simple and convenient interface;
  • good virus database;
  • fast work and low resource consumption;
  • The AVZ utility can be downloaded for free.

Cons:

  • does not provide real-time protection.

The AVZ utility is a pretty good tool for curing an already infected computer from viruses. If you have such a need, you can download Kaspersky AVZ for free on our website.