Antivirus program AVZ by Oleg Zaitsev. Antivirus utility AVZ

Program interface: Russian

Platform: XP/7/Vista

Manufacturer: Oleg Zaitsev

AVZ is a very powerful free anti-virus package that combines features characteristic not only of antiviruses, but also of anti-advertising modules and even operating system optimizers.

Main features of the AVZ program

To begin with, let us note the main modules included in this software product: AVZGuard, AVZPM, BootCleaner and several others. The first module is designed to monitor and correctly remove various types of malicious programs that cannot be removed using the built-in operating system tools. The second component is a tool for monitoring system processes, background services, and drivers loaded into the system. The third module is an operating system optimizer that allows you to remove unnecessary files and dynamic libraries, completely clean the system registry, check and correct boot sector entries, and much more.

As for the basic operating principles of the program, they, like those of most programs of this kind, are based on in-depth heuristic analysis. Moreover, the application is capable of blocking rootkits, spyware, and Trojans without relying on signatures. By contrast, some anti-virus programs may fail to detect this type of threat and let it into the system, since they are built specifically on signature scanning. In addition, this software package has a constantly running tool for monitoring Winsock SPI/LSP connections that analyzes all of their settings. Equally important is a function for analyzing and constantly monitoring TCP/UDP settings, the external use of which can lead to the penetration of malware into the system. The program also prevents unauthorized access, including blocking hacker attacks.

As for restoring settings, a wide range of options is offered. First of all, this concerns Internet Explorer settings and launch options for programs and applications that could be damaged as a result of malware entering the computer. And, of course, the application allows you to block and get rid of various keyloggers that can track everything the user types on the keyboard and thereby capture access passwords for sites, web wallets, various cards, etc.

AVZ is a free anti-virus program that is designed to clean your computer from Spyware and Adware programs, various Backdoor and Trojan components and other malicious code (Trojan downloaders, Dialer, etc.).

In addition to standard scanners (with a heuristic analyzer) and an auditor, it includes a number of tools for automating the removal of malicious code, some of which are atypical (for 2007) and provide a fairly competent user with advanced control tools.

The program was developed by Oleg Zaitsev. Since 2007, Oleg has been working at Kaspersky Lab and remains the only developer of AVZ. The developments and technologies used in AVZ were included in the main products of Kaspersky Lab - Kaspersky Internet Security 2009/2010 and Kaspersky for Windows Workstations 6 MP4.

Purpose of AVZ

The AVZ program is used to find and remove:

  • Spyware and Adware
  • Trojans
  • Backdoor
  • Viruses
  • Network worms
  • Mail worms
  • Rootkits
  • Keyloggers

The program is also used to create logs, useful when requesting help on antivirus forums.

Tools built into AVZ

  • Heuristic system check firmware

The firmware searches for known Spyware and viruses by indirect signs, based on analysis of the registry, files on disk and in memory.

  • Updated database of safe files

It includes digital signatures of tens of thousands of system files and files of known safe processes. The database is connected to all AVZ systems and works on the “friend/foe” principle - safe files are not quarantined, deletion and warnings are blocked for them, the database is used by an anti-rootkit, a file search system, and various analyzers. In particular, the built-in process manager highlights safe processes and services in color; searching for files on the disk can exclude known files from the search (which is very useful when searching for Trojan programs on the disk).

  • Rootkit detector (built-in)

The search for rootkits is carried out without the use of signatures, by examining basic system libraries for interception of their functions. AVZ can not only detect rootkits, but also correctly block them. Countering rootkits extends to all AVZ service functions; as a result, the AVZ scanner can detect masked processes, the registry search system “sees” masked keys, etc. The anti-rootkit is equipped with an analyzer that detects processes and services masked by rootkits. A special feature of the anti-rootkit system is its functionality in Windows 9x. Another feature is the universal KernelMode system for detecting and blocking rootkits, working under Microsoft Windows NT, Microsoft Windows 2000 pro/server, Microsoft Windows XP/XP SP1/XP SP2/XP SP3, Microsoft Windows 2003 Server, Microsoft Windows 2003 Server SP1.

  • Keylogger and Trojan DLL detector

The search for keyloggers and Trojan DLLs is carried out based on system analysis without using a signature database, which allows you to confidently detect previously unknown Trojan DLLs and keyloggers.

  • Neuroanalyzer

In addition to the signature analyzer, AVZ contains a neuroemulator that allows you to examine suspicious files using a neural network. Currently, the neural network is used in a keylogger detector.

  • Winsock SPI/LSP settings analyzer (built-in)

Allows you to analyze settings, diagnose possible errors in settings and perform automatic treatment. The ability to automatically diagnose and treat is useful for novice users (utilities like LSPFix do not have automatic treatment). To study SPI/LSP manually, the program has a special LSP/SPI settings manager. The Winsock SPI/LSP analyzer is covered by the anti-rootkit.

  • Manager of processes, services and drivers (built-in)

Designed to study running processes and loaded libraries, running services and drivers. The work of the process manager is covered by the anti-rootkit (as a result, it “sees” processes masked by the rootkit). The process manager is linked to the AVZ safe file database; identified safe and system files are highlighted in color.

  • Utility for searching files on disk (built-in)

Allows you to search a file using various criteria; the capabilities of the search system exceed those of the system search. The operation of the search system is covered by the anti-rootkit (as a result, the search “sees” files masked by the rootkit and can delete them); the filter allows you to exclude files identified by AVZ as safe from the search results. Search results are available as a text log and as a table in which you can mark a group of files for later deletion or quarantine.

  • Utility for searching data in the registry (built-in)

Allows you to search for keys and parameters according to a given pattern; search results are available in the form of a text protocol and in the form of a table in which you can mark several keys for their export or deletion. The operation of the search system is covered by the anti-rootkit (as a result, the search “sees” registry keys masked by the rootkit and can delete them).

  • TCP/UDP open port analyzer (built-in)

It is covered by an anti-rootkit; in Microsoft Windows XP, the process using the port is displayed for each port. The analyzer is based on an updated database of ports of known Trojan/Backdoor programs and known system services. The search for Trojan program ports is included in the main system scanning algorithm - when suspicious ports are detected, warnings are displayed in the protocol indicating which Trojan programs are likely to use this port.

  • Analyzer of shared resources, network sessions and files opened over the network (built-in)

Works in Microsoft Windows 9x and Microsoft Windows NT/2000/XP.

  • Downloaded Program Files (DPF) analyzer (built-in)

Displays DPF elements, connected to all AVZ systems.

  • System recovery firmware

The firmware restores settings, program launch parameters and other system parameters damaged by malware. Restoration is started manually; the parameters to be restored are specified by the user.

  • Heuristic file deletion

Its essence is that if malicious files were deleted during treatment and this option is enabled, an automatic system scan is performed, covering classes, BHO, extensions and Explorer, all types of autorun available to AVZ, Winlogon, SPI/LSP, etc. All found links to a deleted file are automatically cleared, and information about what exactly was cleared, and where, is recorded in the log. For this cleaning, the system treatment firmware engine is actively used.

  • Checking archives

Starting from version 3.60, AVZ supports scanning archives and compound files. Currently, archives in ZIP, RAR, CAB, tar formats are checked; emails and MHT files; CHM archives.

  • Checking and treating NTFS streams

Checking NTFS streams is included in AVZ starting from version 3.75.

  • Control scripts

Allow the administrator to write a script that performs a set of specified operations on the user’s PC. Scripts allow you to use AVZ on a corporate network, including its launch during system boot.

  • Process Analyzer

The analyzer uses neural networks and analysis firmware; it is turned on when advanced analysis is enabled at the maximum heuristic level and is designed to search for suspicious processes in memory.

  • AVZGuard system

Designed to combat hard-to-remove malware, it can, in addition to AVZ, protect user-specified applications, for example, other anti-spyware and anti-virus programs.

  • Direct disk access system for working with locked files

Works on FAT16/FAT32/NTFS, is supported on all operating systems of the NT line, allows the scanner to analyze locked files and quarantine them.

  • AVZPM process and driver monitoring driver

Designed to monitor the start and stop of processes and the loading/unloading of drivers, in order to search for masquerading drivers and to detect distortions that DKOM rootkits create in the structures describing processes and drivers.

  • Boot Cleaner Driver

Designed to perform system cleaning (deleting files, drivers and services, registry keys) from KernelMode. The cleaning operation can be performed both during the process of restarting the computer and during treatment.
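
The cross-view idea behind the AVZPM driver described above, as an added Python example that is not AVZ code: the process table is rebuilt from start/stop notifications and compared with an ordinary enumeration snapshot. The event format, field names and all sample data are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcEvent:
    seq: int    # order in which the monitor saw the event
    kind: str   # "start" or "stop"
    pid: int
    image: str  # image path recorded at process start ("" for stop events)


def replay(events, snapshot_seq):
    """Rebuild the live-process table from events up to the snapshot."""
    live = {}
    for ev in sorted(events, key=lambda e: e.seq):
        if ev.seq > snapshot_seq:
            break  # later events cannot be reflected in the snapshot
        if ev.kind == "start":
            live[ev.pid] = ev.image  # a reused PID overwrites the old entry
        elif ev.kind == "stop":
            live.pop(ev.pid, None)
        else:
            raise ValueError(f"unknown event kind: {ev.kind!r}")
    return live


def cross_view(events, enumerated, snapshot_seq):
    """Compare the monitor's view with an enumeration snapshot (pid -> image).

    hidden:      seen starting, never seen stopping, absent from enumeration
    renamed:     present in both views but with a different image path
    unmonitored: enumerated, but started before monitoring began
    """
    live = replay(events, snapshot_seq)
    hidden = sorted((pid, img) for pid, img in live.items()
                    if pid not in enumerated)
    renamed = sorted(
        (pid, live[pid], enumerated[pid])
        for pid in live.keys() & enumerated.keys()
        # Windows paths are case-insensitive, so compare case-folded
        if live[pid].casefold() != enumerated[pid].casefold()
    )
    unmonitored = sorted(pid for pid in enumerated if pid not in live)
    return {"hidden": hidden, "renamed": renamed, "unmonitored": unmonitored}


# Constructed sample data: notifications collected by a monitor ...
EVENTS = [
    ProcEvent(1, "start", 1200, r"C:\Windows\System32\cmd.exe"),
    ProcEvent(2, "start", 2044, r"C:\ProgramData\upd\helper.exe"),
    ProcEvent(3, "stop", 1200, ""),
    ProcEvent(4, "start", 1200, r"C:\Windows\System32\notepad.exe"),  # PID reuse
    ProcEvent(5, "start", 3120, r"C:\Users\Public\svch0st.exe"),
    ProcEvent(6, "start", 3500, r"C:\Windows\System32\calc.exe"),  # after snapshot
]
# ... and the process list as enumerated at the moment of event 5.
SNAPSHOT_SEQ = 5
ENUMERATED = {
    4: "System",
    1200: r"C:\WINDOWS\system32\notepad.exe",
    3120: r"C:\Windows\System32\svchost.exe",
}

if __name__ == "__main__":
    for category, rows in cross_view(EVENTS, ENUMERATED, SNAPSHOT_SEQ).items():
        print(category, rows)
```

Tying the comparison to a snapshot sequence number keeps processes that start or exit between the two views from being reported as hidden.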


    AVZ is Zaitsev's antivirus designed to detect and remove AdWare and SpyWare programs. In addition, the application copes with email worms, rootkits and Trojans. The utility is similar in functionality to TrojanHunter, but is superior in efficiency.

    Antivirus "Hare" scans the system for dangerous files. The utility uses heuristic analysis for monitoring. When potentially dangerous files are detected, the defender sends them to quarantine.

    Antivirus software can be installed on any computer. As for the operating system, the utility can work on both Windows 98 and Windows 10. The only limitation is that technologies such as AVZPM and AVZGuard do not work on earlier versions.

    Key Features

    • System monitoring for malware;
    • Heuristic analysis;
    • Scanning devices connected to USB ports;
    • Detection of system vulnerabilities;
    • Search for and neutralize spyware that records passwords entered by the user;
    • Elimination of mail and network worms;
    • Fighting Trojans;
    • Scanning TCP/UDP ports;
    • Analysis of running processes;
    • Database update;
    • Registry scanning;
    • Placing files in quarantine.

    Advantages

    AVZ antivirus copes well with viruses, but this is not its only advantage. The application is capable of repairing a damaged disk after the activity of some malware. Using the utility, users can “enter” locked disk partitions.

    Another advantage is the absence of conflict with other antiviruses. At the same time, programs are able to work in “symbiosis”, that is, popular antiviruses begin to find even those viruses that were not detected before. AVZ serves as some kind of catalyst for them.

    The AVZ anti-virus utility is distributed completely free of charge. It doesn't have any "PRO" versions. You just need to download the program once and you can use it an unlimited number of times.

    AVZ antivirus does not need to be installed. Just download the utility and then unpack it. If you scan your system every day, you can quickly deal with new spyware that has entered your system.

    For many users, the advantage is the intuitive interface. In addition, the avz antivirus utility is distributed in Russian. Thanks to this, even a beginner can cope with management and setup.

    The neuroanalyzer deserves special attention. The utility has not only a database for searching for viruses, but also a neuroemulator. Having detected a suspicious file, the utility passes it to the neural network for analysis.

    Thanks to system recovery firmware, it is possible to reset Internet Explorer settings as well as system parameters. It should be noted that the recovery process must be started manually. In this case, you must first set the parameters.

    The AVZGuard system allows you to deal with difficult-to-remove applications. In addition, after configuration, you can specify the programs that need to be protected. It is best to add other antivirus software to the database.

    Flaws

    The AVZ scanner program does not cope well with viruses packaged in archives. This means that at the moment of downloading an archived file from the Internet, the “defender” is not able to detect most Trojans.

    Sometimes an application tries to delete files that are important to the system because it considers them infected. It is best to independently review everything that the antivirus finds.

    Another significant drawback is that AVZ for Windows 7 is not able to cope with emerging threats in real time.

    Changes in the new version

    With the release of the new version, the antivirus scanner has undergone some changes. The main modifications include:

    • Extension of local network diagnostics;
    • Work with archives has been changed;
    • Added parser function for file names;
    • Ability to delete Google policies;
    • When an error is found, it moves to the line with the problem;
    • Fixed some functions of the script;
    • The process detection error on 64-bit systems has been eliminated;
    • The work of quarantine has been revised;
    • The principle of operation on Windows 10 has been changed.

    In addition to the main modifications, small changes were made regarding the operating principle of the program, which are not noticeable to the user.

    How to download the utility

    Having understood what AVZ is and why it is needed, you can proceed to downloading the application. First you need to go to the official Internet resource of the developer Oleg Zaitsev. You need to enter the address “z-oleg.com” in the browser.

    When the website loads, you should look for “AVZ” in the navigation bar. After this, select “Download” from the menu that opens.

    Starting the program

    Once AVZ has been downloaded, you can start unpacking it. To do this, you need to right-click on the archive, and then select “Extract to avz4”.

    When the antivirus is unzipped, you need to enter the folder and then run the exe file.

    When the utility starts, the user will be able to select the storage media that needs to be scanned. In addition, you can configure the types of files that the antivirus will view. And another important point is the “Search Options” item.

    After setting up the scanner, you must click “Start”. When the scan starts, you can see the monitoring results in the “Protocol” field. Typically the scan takes no more than 10 minutes.

    AVZ is a functional antivirus utility that can remove spyware and Trojans, as well as some other types of malicious code. AVZ is not just an anti-virus scanner - the program can also carry out so-called heuristic analysis to detect viruses based on typical signs. Heuristic analysis can detect viruses even when they are not in anti-virus databases.

    One of the features of AVZ is a database of safe files. This is not a signature database; it includes digital signatures of “clean” files. This database includes system files and files of known safe programs. The exclusion method can be used to analyze important system areas and remove all malicious programs from these areas.

    It should be separately noted that AVZ effectively fights one of the most dangerous types of malware: rootkits. The program analyzes basic system libraries and modules to determine whether their functions have been intercepted. The program can effectively block rootkits and also protects itself from the actions of such malware.

    Keyloggers, as a type of spyware, are also within the scope of this antivirus. It quite reliably detects actions to install “hooks” and intercept keystrokes. Signature analysis is not used to find keyloggers.

    Antivirus can also be used for in-depth analysis of processes. The built-in process manager displays all running processes, loaded libraries and services, which gives a clear picture of what is happening in the system. The anti-rootkit module is associated with this manager and allows you to display hidden processes.

    AVZ also has functions for working with the system registry and network protocols. You can find ports that Trojans use to send reports.


    Interface language: Russian, English
    Treatment: not required

    System Requirements :

    Description :
    AVZ - Free, fast working antivirus utility. Includes AVZ itself and additional utilities AVZGuard/AVZPM/BootCleaner.
    The main purpose is to detect and remove SpyWare and AdWare modules, as well as Dialer (Trojan.Dialer), Trojan programs, BackDoor modules, network and email worms, TrojanSpy, TrojanDownloader, TrojanDropper.
    In fact, AVZ is an analogue of the popular Ad-aware program (with its own characteristics, of course).
    Additional options include a heuristic system check, built-in Rootkit detection system, Winsock SPI/LSP settings analyzer, built-in process, service and driver manager, TCP/UDP open port analyzer, Keylogger and Trojan DLL detector that works without using signatures (an original neuroemulator is used, which allows you to examine suspicious files using a neural network).

    Additional information:

    Built-in Rootkit detection system. The RootKit search is carried out without the use of signatures, by examining basic system libraries for interception of their functions. AVZ can not only detect RootKit, but also correctly block UserMode RootKit for its process and KernelMode RootKit at the system level. The RootKit countermeasures apply to all AVZ service functions; as a result, the AVZ scanner can detect masked processes, the registry search system “sees” masked keys, etc. The anti-rootkit is equipped with an analyzer that detects processes and services masked by RootKit. In my opinion, one of the main features of the RootKit countermeasures system is its functionality in Win9X (the widespread opinion about the absence of RootKit working on the Win9X platform is deeply erroneous - hundreds of Trojan programs are known that intercept API functions to mask their presence, to distort the operation of API functions or to monitor their use). Another feature is the universal KernelMode RootKit detection and blocking system, compatible with Windows NT, Windows 2000 pro/server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1.
    System recovery firmware. The firmware restores Internet Explorer settings, program launch settings, and other system parameters damaged by malware. Restoration is started manually; the parameters to be restored are specified by the user.
    Heuristic file deletion. Its essence is that if malicious files were deleted during treatment and this option is enabled, an automatic system scan is performed, covering classes, BHO, IE and Explorer extensions, all types of autorun available to AVZ, Winlogon, SPI/LSP, etc. All found links to a deleted file are automatically cleared, and information about what exactly was cleared, and where, is recorded in the log. For this cleaning, the system treatment firmware engine is actively used.
    Checking archives. Starting from version 3.60, AVZ supports scanning archives and compound files. Currently, archives in ZIP, RAR, CAB, GZIP, TAR formats are checked; emails and MHT files; CHM archives.