Antivirus utility AVZ 4.45. AVZ - antivirus from Zaitsev

AVZ is a free antivirus utility primarily designed to detect and remove SpyWare and AdWare programs and modules, as well as rootkits, network and mail worms, various Trojans (including all their varieties, in particular Trojan-PSW, Trojan-Downloader, Trojan-Spy), Trojan dialers (Dialer, Trojan.Dialer, Porn-Dialer), Backdoor programs (for covert remote control of a PC), keyloggers and other malware.

AVZ is a direct analogue of programs such as TrojanHunter and LavaSoft Ad-aware 6, but it combines the capabilities of both and to a large extent surpasses them in functionality.

The program was developed by Russian programmer Oleg Zaitsev (Kaspersky Lab). AVZ anti-virus does not require installation and is a truly universal tool for dealing with both SpyWare and AdWare, as well as Trojans and Backdoor programs.

Systematic computer checks using the AVZ utility will perfectly complement the antivirus already installed on the system, since many viruses and worms can easily bypass the protection of popular antiviruses and disable them.

Also, SpyWare and AdWare programs can be missed by anti-virus programs, because popular anti-virus solutions have difficulty classifying and identifying them. It should be noted that programs classified as SpyWare or AdWare are not, in fact, viruses or Trojans. The aim of this software is to collect data or to introduce spyware into the user's computer solely for marketing purposes (the information collected does not contain important data such as logins and passwords or credit card numbers, and the downloaded information is advertising or updates). In any case, the goal of SpyWare and AdWare programs is targeted advertising, and this is where a utility such as AVZ will be essential.

The program does not require installation; the latest version of AVZ can be downloaded at the link below. The interface of the AVZ program is in Russian, and navigation through the program is simple and quite convenient. The main program window contains all the main controls - the main menu, settings for the search and treatment process, the log view window and the status line.

During a scan, most elements of the AVZ interface will be unavailable.

Please note that before you start working with the AVZ program (check / cure), it is recommended to disable background monitoring of registry changes and anti-virus monitors. It is not necessary to do this - you can leave them on, but in that case the scan time may increase significantly (up to several hours instead of minutes), because the anti-virus monitor needs additional time to scan each file as it is opened.

If there are problems with automatic database updates, you can download an archive containing the current database (updated twice a day).

AVZ is a free antivirus utility primarily designed to detect and remove SpyWare and AdWare.

Version: AVZ 4.46

Size: 9.61 MB

Operating system: Windows

Language: Russian

Program status: Free

Developer: Oleg Zaitsev


Software version: 4.46
Interface language: Russian, English
Treatment: not required
System requirements: Windows 10, 8.1, 8, 7, Vista, XP

Description: AVZ - Free fast antivirus utility. Includes AVZ itself and additional utilities AVZGuard/AVZPM/BootCleaner.
The main purpose is to detect and remove SpyWare and AdWare modules, as well as Dialer (Trojan.Dialer), Trojans, BackDoor modules, network and mail worms, TrojanSpy, TrojanDownloader, TrojanDropper.
In fact, AVZ is an analogue of the popular program Ad-aware (of course, with its own characteristics).
Additional options include heuristic system checks, a built-in Rootkit detection system, a Winsock SPI/LSP settings analyzer, a built-in process, service and driver manager, a TCP/UDP open port analyzer, and a keylogger and Trojan DLL detector that works without the use of signatures (it uses an original neuro-emulator, which allows you to investigate suspicious files using a neural network).

Help for working with the program: http://z-oleg.com/secur/avz_doc/

Additional Information:

Heuristic system check microprograms. The microprograms search for known SpyWare and viruses by indirect signs, based on analysis of the registry, files on disk and in memory.
Updated database of safe files. It includes digital signatures of tens of thousands of system files and files of known safe processes. The database is connected to all AVZ systems and works on the "friend/foe" principle - safe files are not quarantined, deletion and warnings are blocked for them, and the database is used by the anti-rootkit, the file search system, and various analyzers. In particular, the built-in process manager highlights safe processes and services with color, and the search for files on the disk can exclude known files from the search (which is very useful when searching for Trojans on the disk);
Built-in Rootkit detection system. RootKits are detected without the use of signatures, by examining the basic system libraries for interception of their functions. AVZ can not only detect a RootKit, but also correctly block the operation of a UserMode RootKit for its own process and of a KernelMode RootKit at the system level. The RootKit countermeasures apply to all AVZ service functions; as a result, the AVZ scanner can detect masked processes, the registry search system "sees" masked keys, etc. The anti-rootkit is equipped with an analyzer that detects processes and services masked by a RootKit. In my opinion, one of the main features of the RootKit countermeasure system is its performance in Win9X (the widespread opinion about the absence of RootKits running on the Win9X platform is deeply erroneous - hundreds of Trojans are known that intercept API functions to mask their presence, to distort the operation of API functions or monitor their use). Another feature is the universal KernelMode RootKit detection and blocking system, which works under Windows NT, Windows 2000 pro/server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1.
Keylogger and Trojan DLL detector. The search for Keylogger and Trojan DLLs is based on system analysis without the use of a signature database, which makes it possible to reliably detect previously unknown Trojan DLLs and Keyloggers;
Neuroanalyzer. In addition to the signature analyzer, AVZ contains a neuroemulator that allows you to analyze suspicious files using a neural network. Currently, the neural network is used in the keylogger detector.
Built-in analyzer of Winsock SPI/LSP settings. Allows you to analyze the settings, diagnose possible errors in them and perform automatic treatment. Automatic diagnostics and treatment are useful for novice users (there is no automatic treatment in utilities like LSPFix). To study SPI/LSP manually, the program has a special LSP/SPI settings manager. The anti-rootkit also applies to the Winsock SPI/LSP analyzer;
Built-in manager of processes, services and drivers. Designed to study running processes and loaded libraries, running services and drivers. The anti-rootkit also applies to the process manager (as a result, it "sees" the processes masked by the rootkit). The process manager is linked to the AVZ safe files database; recognized safe and system files are highlighted in color;
Built-in utility for searching files on a disk. Allows you to search for a file by various criteria; the capabilities of the search system are superior to those of the system search. The anti-rootkit also applies to the search system (as a result, the search "sees" the files masked by the rootkit and can delete them), and the filter allows you to exclude from the search results files identified by AVZ as safe. Search results are available as a text log and as a table where you can mark a group of files for later deletion or quarantine.
Built-in utility for searching data in the registry. Allows you to search for keys and parameters according to a given pattern; the search results are available as a text log and as a table in which several keys can be marked for export or deletion. The anti-rootkit also applies to the search system (as a result, the search "sees" the registry keys masked by the rootkit and can delete them).
Built-in analyzer of open TCP/UDP ports. The anti-rootkit also applies to it; in Windows XP, the process using each port is displayed. The analyzer relies on an updated database of known Trojan/Backdoor ports and known system services. The search for Trojan ports is included in the main system check algorithm - when suspicious ports are detected, warnings are written to the log indicating which Trojans tend to use this port.
Built-in analyzer of shared resources, network sessions and files opened over the network. Works in Win9X and NT/W2K/XP.
Built-in Downloaded Program Files (DPF) analyzer - displays DPF elements and is connected to all AVZ systems.
System recovery microprograms. The microprograms restore Internet Explorer settings, program launch options and other system settings damaged by malware. Restoration is started manually; the parameters to be restored are specified by the user.
Heuristic file deletion. If malicious files were removed during treatment and this option is enabled, the system is automatically examined, covering classes, BHO, IE and Explorer extensions, all types of autorun available to AVZ, Winlogon, SPI/LSP, etc. All references found to a deleted file are automatically cleaned, and what exactly was cleaned and where is recorded in the log. The system treatment microprogram engine is actively used for this cleaning;
Checking archives. Starting from version 3.60, AVZ supports scanning of archives and compound files. At the moment, ZIP, RAR, CAB, GZIP and TAR archives, e-mail messages and MHT files, and CHM archives are checked.
Checking and treating NTFS streams. Checking NTFS streams is included in AVZ since version 3.75
Control scripts. Allows the administrator to write a script that performs a set of specified operations on the user's PC. Scripts allow you to use AVZ in a corporate network, including its launch during system boot.
Process Analyzer. The analyzer uses neural networks and analysis microprograms; it is enabled when advanced analysis is turned on at the maximum heuristic level and is designed to search for suspicious processes in memory.
AVZGuard system. Designed to fight against hard-to-remove malware, in addition to AVZ, it can protect user-specified applications, such as other anti-spyware and anti-virus programs.
Direct disk access system for working with locked files. Works on FAT16/FAT32/NTFS, is supported on all operating systems of the NT line, and allows the scanner to analyze locked files and place them in quarantine.
AVZPM process and driver monitoring driver. Designed to track the start and stop of processes and loading / unloading drivers to search for masquerading drivers and detect distortions in the structures describing processes and drivers created by DKOM rootkits.
Boot Cleaner driver. Designed to clean up the system (remove files, drivers and services, registry keys) from KernelMode. The cleaning operation can be performed both in the process of restarting the computer, and during the treatment.
Changelog 4.46: improvements and modifications for compatibility with Windows 10

Zaitsev's antivirus (developer's site z-oleg.com), or the AVZ program, is aimed at a qualified user. It contains tools that allow you to identify a virus that is not in the anti-virus database. It turns out that many antiviruses will not cope with those viruses that AVZ allows you to neutralize.

Zaitsev's antivirus is focused more on network viruses and allows you to remove trojans that cannot be removed by other antiviruses. In some cases, this utility is more useful than Kaspersky Anti-Virus. By the way, we can say that KAV and AVZ are relatives. The AVZ program was developed by Oleg Zaitsev, but later it was bought out by Kaspersky Lab, although Zaitsev continues to develop and support it, and some AVZ solutions migrated to KIS.

What is interesting about the AVZ utility? First of all, unlike other antiviruses, AVZ can run in safe mode, where it is easiest to track down a virus.

Also, unlike most antiviruses, AVZ does not require installation. The utility can be run from a flash drive and in safe mode, which generally makes AVZ an indispensable scanner.

But this is not all the functions of AVZ. Although AVZ has a heuristic analyzer that allows you to detect malware without using any anti-virus database, AVZ does have an anti-virus database. Moreover, it is quite large and often updated. In addition, AVZ has a database of safe files. This database contains digital signatures of a huge number of system files and safe processes. If the digital signature of some process differs from the signature in the database, then the file has been modified (perhaps by a virus).

The built-in process manager (Tools => Process manager command) uses the safe files database when listing processes. If the process name is displayed in red, the process's executable has been modified. Perhaps a virus was at work, or perhaps the process was just updated by the system. First try updating the databases (command File => Update databases), and then open the process manager again - if the process is still "red", it was probably modified by a virus.
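The check-update-recheck routine described above can be sketched as follows. This is an added example, not AVZ code: it assumes the safe files database can be modelled as SHA-256 digests keyed by file name, and the file names and contents are constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path):
    """Hash a file in chunks so large executables are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def classify(path, safe_db):
    """Return 'safe', 'modified' or 'unknown' for one executable.

    safe_db maps a lower-cased file name to the set of known-good digests
    (assumed layout for this example, not AVZ's database format).
    """
    known_good = safe_db.get(Path(path).name.lower())
    if known_good is None:
        return "unknown"          # not in the database: no verdict either way
    return "safe" if sha256_of(path) in known_good else "modified"


def triage(paths, current_db, updated_db):
    """Check every file, then re-check the non-safe ones after a database update."""
    report = {}
    for path in paths:
        before = classify(path, current_db)
        after = before if before == "safe" else classify(path, updated_db)
        report[Path(path).name] = (before, after)
    return report


def demo():
    """Build four constructed 'executables' and run the two-pass check on them."""
    h = lambda data: hashlib.sha256(data).hexdigest()
    original = b"constructed: system binary as shipped"
    patched = b"constructed: same binary after a vendor update"
    tampered = original + b" + constructed foreign code"
    files = {
        "svchost.exe": original,      # matches the database
        "spoolsv.exe": patched,       # legitimately updated, database is stale
        "winlogon.exe": tampered,     # altered, no database will ever match
        "helper.exe": b"constructed: program absent from the database",
    }
    current_db = {
        "svchost.exe": {h(original)},
        "spoolsv.exe": {h(original)},
        "winlogon.exe": {h(original)},
    }
    # The updated database adds the digest of the vendor-patched build.
    updated_db = {name: set(digests) for name, digests in current_db.items()}
    updated_db["spoolsv.exe"].add(h(patched))
    with tempfile.TemporaryDirectory() as workdir:
        paths = []
        for name, content in files.items():
            target = Path(workdir) / name
            target.write_bytes(content)
            paths.append(target)
        return triage(paths, current_db, updated_db)


if __name__ == "__main__":
    for name, (before, after) in demo().items():
        print(f"{name:14} before update: {before:9} after update: {after}")
```

A file that is still "modified" after the update is the one worth examining further; "unknown" only means the database has no record of it.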

With the help of the command Service => Check file against the database of safe files, you can check a separately selected file. The program also allows you to check the file against the Microsoft security catalog: to do this, use the command Tools => Verify the authenticity of the file against the Microsoft security catalog.

AVZ Antivirus does an excellent job of detecting rootkits. A rootkit is a program or set of programs for hiding the traces of an intruder or malware on a system. AVZ can not only find, but also block rootkits. True, there are limitations. The program can block rootkits running in user mode and can only detect rootkits running in kernel mode. So far, the program can detect kernel-level rootkits in the following operating systems: Windows NT, Windows 2000 pro/server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1 (information from the developer's website, z-oleg.com/secur/avz/).

The heuristic analyzer deserves special attention: it identifies viruses and malware by indirect signs, by analyzing the file system and registry and monitoring the actions of programs. If you want to use the analyzer, enable the Heuristic check switch on the Search scope tab.

The built-in manager of processes, services and drivers allows you to get information about running processes, services and loaded drivers. This is purely an information tool. As noted, this manager is associated with the Safe Files database. All unsafe processes will be marked in red in the dispatcher list. To launch only the Process Manager, select Tools => Process Manager, and to launch the Services and Drivers Manager, select Tools => Services and Drivers Manager.

The AVZ program contains a neuroanalyzer that allows you to detect a virus using a neural network. The neuroanalyzer is successfully used to detect keyloggers and Trojan libraries (and these programs can be used to intercept everything that the user entered from the keyboard and transfer this information to a third party - an attacker). You can launch the Trojan Library Detector using the Tools => Embedded DLL Manager command.

Like any other antivirus, AVZ can quarantine suspicious objects; the quarantine is a special directory on your hard drive. For AVZ to quarantine suspicious objects, check the Copy suspicious objects to quarantine box on the Search scope tab. To view the objects currently in quarantine, use the File => View Quarantine command.

For novice users, two wizards will certainly come in handy:
  • troubleshooting wizard - allows you to find problems in the system configuration, called by the command File => Troubleshooting Wizard;
  • Winsock SPI/LSP settings analyzer - analyzes possible errors in Winsock SPI/LSP settings, called by the command Service => Winsock SPI Manager.

Among other things, AVZ allows you to view open TCP/UDP ports. This can be done using the menu command Tools => Open TCP / UDP ports. Open Port Analyzer uses a database of known ports that are commonly used by Trojans and other malware. The analyzer will also help you find suspicious ports that are not in the database of known ports.

The AVZGuard system is used to fight viruses that are very difficult to detect. AVZGuard can block access to critical system objects and protect it from viruses. True, working with AVZGuard protection enabled is quite inconvenient. You can turn protection on and off using the AVZGuard menu commands.

AVZ has a lot of functions, and, of course, we will not consider all of them.

Let's mention a few features that deserve attention:
  • Advanced utilities for searching files on the disk and for searching the registry. They are called by the commands Service => Search for files on the disk and Service => Search for data in the registry, respectively. When searching for files on a disk, there is an option to exclude safe files, and files that are marked as unsafe can be quarantined for analysis. The registry search utility can "see" the registry keys "masked" by the rootkit, i.e. keys hidden by the malware from the user.
  • The program can check and treat NTFS streams, and not all full-fledged antiviruses can do this.
  • BootCleaner cleaner that allows you to remove malicious files, drivers, services and registry keys.
  • The program can directly access the disk to gain access to files locked by other processes. Direct Disk Access works with file systems FAT (16/32) and NTFS.
  • AVZPM Advanced Process Monitoring Driver (AVZPM => Install Advanced Process Monitoring Driver command), used to track the start and stop of processes and the loading and unloading of drivers.
  • Support for archive formats ZIP, RAR, CAB, GZIP, MHT, CHM, as well as support for mail formats.
  • Analyzer of downloaded program files, which can be launched with the command Service => Downloaded Program Files Manager.

As noted earlier, after downloading the archive with the program, simply unzip it to the hard drive and select the command File => Update databases. The Internet connection must be active for the program's anti-virus databases to be updated. Then click the Start button to start the system scan.

AVZ is a small free program for removing spyware and adware from your computer. The application provides scanning and automatic detection of potential threats.

While surfing the Web or installing software, there is a possibility that malware will also be installed unnoticed, which will display ads or steal passwords.

To secure your working system against such malicious applications, it is good to use the AVZ utility. It scans systems for dangerous files, uses heuristic analysis to detect suspicious software in the background, sends infected objects to quarantine, and much more. By downloading AVZ for free, you can protect your confidential data from unauthorized persons. In addition, the application protects the computer from the installation of adware in browsers.

The main functions of AVZ are to ensure the security of the computer and remove the malware present on it. To do this, this anti-virus software uses a special algorithm in the background - heuristic analysis. For prevention, you can force a scan of selected areas of the hard drive. In addition, checking removable media when they are connected to a PC is effective - many computers are infected in this way. Detected viruses can be removed or quarantined.

The program is highly customizable, and you can choose all the necessary values so that in the future it makes all decisions for you and does not distract you from other things.

The main features of the AVZ program are as follows:

  • detection of different types of malicious software;
  • system scanning;
  • use of heuristic analysis;
  • keylogger detection;
  • removable media scanning;
  • checking active processes;
  • detection of potential vulnerabilities.

The AVZ program does an excellent job with adware or spyware. It works in the background, but you can force the scanning process to quickly search for new vulnerabilities. Note that this antivirus works without installation: to use it, you just need to download AVZ for free and unzip its archive to the desired folder.

However, this program is not omnipotent, and for comprehensive protection of your computer, it is better to install another antivirus software, such as Avast or Norton. As an analogue of AVZ, you can use the Ad-Aware Free antivirus, which also detects malware well.

The AVZ antivirus utility is designed to detect and remove:

  • SpyWare and AdWare modules - this is the main purpose of the utility
  • Dialer (Trojan.Dialer)
  • Trojans
  • BackDoor modules
  • Network and mail worms
  • TrojanSpy, TrojanDownloader, TrojanDropper
