Download the avz antivirus utility in Russian. Antivirus utility AVZ

Interface language: Russian English
Treatment: not required

System requirements :

Description :
AVZ - Free fast working anti-virus utility. Includes AVZ itself and additional utilities AVZGuard / AVZPM / BootCleaner.
Its main purpose is to detect and remove SpyWare and AdWare modules, as well as Dialer (Trojan.Dialer), Trojans, BackDoor modules, network and mail worms, TrojanSpy, TrojanDownloader, TrojanDropper.
In fact, AVZ is an analogue of the popular Ad-aware program (of course, with its own peculiarities).
Additional options include a heuristic system checker, built-in Rootkit detection, Winsock SPI / LSP settings analyzer, built-in process, service and driver manager, open TCP / UDP port analyzer, Keylogger and Trojan DLLs that work without signatures (an original neuroemulator is used, which allows you to study suspicious files using a neural network).

Additional Information:

Firmware for heuristic system check. Firmware searches for known SpyWare and viruses by indirect indications - based on the analysis of the registry, files on disk and in memory.
Updated database of safe files. It includes digital signatures of tens of thousands of system files and files of known safe processes. The base is connected to all AVZ systems and works on the "friend / foe" principle - safe files are not quarantined, deletion and warning messages are blocked for them, the database is used by an anti-rootkit, a file search system, and various analyzers. In particular, the built-in process manager highlights safe processes and services with color; searching for files on the disk can exclude known files from the search (which is very useful when searching for Trojans on the disk);
Built-in Rootkit detection system. The search for RootKit goes without using signatures based on the study of basic system libraries for intercepting their functions. AVZ can not only detect RootKit, but also correctly block the UserMode RootKit for its process and KernelMode RootKit at the system level. RootKit counteraction applies to all AVZ service functions, as a result, the AVZ scanner can detect masked processes, the search system in the registry "sees" masked keys, etc. The anti-rootkit is equipped with an analyzer that detects processes and services masked by RootKit. One of the main features of the RootKit countermeasure system, in my opinion, is its operability in Win9X (the widespread opinion about the absence of RootKit running on the Win9X platform is deeply mistaken - there are hundreds of Trojans known to intercept API functions to mask their presence, to distort the operation of API functions or monitor using them). Another feature is the KernelMode RootKit, a universal detection and blocking system that works under Windows NT, Windows 2000 pro / server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1
Keylogger and Trojan DLLs detector. The search for Keylogger and Trojan DLLs is carried out on the basis of system analysis without using a signature database, which makes it possible to reliably detect in advance unknown Trojan DLL and Keylogger;
Neuroanalyzer. In addition, the AVZ signature analyzer contains a neuroemulator that allows you to study suspicious files using a neural network. Currently, the neural network is used in the keylogger detector.
Built-in analyzer Winsock SPI / LSP settings. Allows you to analyze the settings, diagnose possible errors in the settings and make automatic treatment. The possibility of automatic diagnostics and treatment is useful for novice users (there is no automatic treatment in utilities such as LSPFix). To study SPI / LSP manually, the program has a special LSP / SPI settings manager. The Winsock SPI / LSP analyzer is covered by an anti-rootkit;
Built-in manager of processes, services and drivers. Designed to study running processes and loaded libraries, running services and drivers. The operation of the process manager is affected by the anti-rootkit (as a result, it "sees" the processes masked by the rootkit). The process manager is linked to the AVZ safe file database, the identified safe and system files are highlighted;
Built-in utility to find files on disk. It allows you to search for a file by various criteria, the capabilities of the search system are superior to those of the system search. The operation of the search system is affected by the anti-rootkit (as a result, the search "sees" files masked by the rootkit and can delete them), the filter allows excluding files recognized by AVZ as safe from the search results. Search results are available in the form of a text protocol and in the form of a table, in which you can mark a group of files for subsequent deletion or quarantine
Built-in utility for searching data in the registry. It allows you to search for keys and parameters according to a specified pattern, the search results are available in the form of a text protocol and in the form of a table, in which you can mark several keys for their export or deletion. The operation of the search system is affected by the anti-rootkit (as a result, the search "sees" the registry keys masked by the rootkit and can delete them)
Built-in analyzer for open TCP / UDP ports. It is subject to the anti-rootkit effect; in Windows XP, the process using the port is displayed for each port. The analyzer relies on an updated database of ports of known Trojan / Backdoor programs and known system services. Searching for ports of Trojans is included in the main system check algorithm - when suspicious ports are detected, warnings are displayed in the protocol indicating which Trojans tend to use this port
Built-in analyzer for shared resources, network sessions and open files over the network. Works in Win9X and Nt / W2K / XP.
Built-in analyzer Downloaded Program Files (DPF) - displays DPF elements, connected to all AVZ systems.
System recovery firmware. Firmware repairs Internet Explorer settings, application startup settings, and other system settings that are corrupted by malware. Recovery is started manually, the parameters to be restored are specified by the user.
Heuristic file deletion. Its essence lies in the fact that if during the treatment, malicious files were deleted and this option is enabled, then the system is automatically examined, covering classes, BHOs, IE and Explorer extensions, all types of autorun available AVZ, Winlogon, SPI / LSP, etc. ... All found links to a remote file are automatically cleaned up, and information is entered into the log about what exactly and where was cleaned up. For this cleaning, the system treatment microprogram engine is actively used;
Checking archives. Starting from version 3.60 AVZ supports scanning archives and compound files. Currently, archives in ZIP, RAR, CAB, GZIP, TAR formats are being checked; e-mails and MHT files; CHM archives
Checking and disinfecting NTFS streams. Checking NTFS streams is included in AVZ since version 3.75
Management scripts. Allows the administrator to write a script that performs a set of specified operations on the user's PC. Scripts allow using AVZ in a corporate network, including its launch during system boot.
Process analyzer. The analyzer uses neural networks and analysis firmware; it turns on when advanced analysis is enabled at the maximum level of heuristics and is designed to search for suspicious processes in memory.
AVZGuard system. Designed to combat hard-to-remove malicious programs, in addition to AVZ, it can protect user-specified applications, for example, other anti-spyware and antivirus programs.
Direct disk access system for working with locked files. Works on FAT16 / FAT32 / NTFS, is supported on all operating systems of the NT line, allows the scanner to analyze locked files and place them in quarantine.
Process monitoring driver and AVZPM drivers. Designed to track the start and stop of processes and load / unload drivers to find cloaked drivers and detect corruptions in the structures describing processes and drivers created by DKOM rootkits.
Boot Cleaner driver. Designed to perform system cleaning (removing files, drivers and services, registry keys) from KernelMode. The cleaning operation can be performed both during computer restart and during disinfection.

AVZ is a functional anti-virus utility that can remove spyware and trojans, as well as some other types of malicious codes. AVZ is not just an antivirus scanner - the program can also perform so-called heuristic analysis to detect viruses based on typical characteristics. Heuristic analysis can detect viruses even when they are not in the anti-virus databases.

One of the features of AVZ is the safe file database. This is not a signature base, it includes digital signatures of "clean" files. This database includes system files and files of known safe programs. The elimination method can analyze important system areas and remove all malware from these areas.

It should be noted separately that AVZ effectively fights one of the most dangerous types of viruses - Rootkit. The program analyzes the base system libraries and modules to determine the interception of their functions. The program can effectively block "rootkits", and also protects itself from the actions of such viruses.

Keyloggers, as a type of spyware, are also in the field of action of this antivirus. It quite confidently detects actions to install "hooks" and intercept keystrokes. Signature analysis is not used to find keyloggers.

Antivirus can also be used for in-depth analysis of processes. The built-in process manager displays all running processes, loaded libraries and services, which gives a clear picture of what is happening in the system. The anti-rootkit module is associated with this dispatcher and allows you to display hiding processes.

AVZ also has functions for working with the system registry, and network protocols. You can find ports that Trojans use to send reports.

Description:
AVZ- Free fast working anti-virus utility. Includes AVZ itself and additional utilities AVZGuard / AVZPM / BootCleaner.
Its main purpose is to detect and remove SpyWare and AdWare modules, as well as Dialer (Trojan.Dialer), Trojans, BackDoor modules, network and mail worms, TrojanSpy, TrojanDownloader, TrojanDropper.
In fact, AVZ is an analogue of the popular Ad-aware program (of course, with its own peculiarities).
Additional options include a heuristic system checker, built-in Rootkit detection, Winsock SPI / LSP settings analyzer, built-in process, service and driver manager, open TCP / UDP port analyzer, Keylogger and Trojan DLLs that work without signatures (an original neuroemulator is used, which allows you to study suspicious files using a neural network).

Features of the AVZ utility:
Firmware for heuristic system check. Firmware searches for known SpyWare and viruses by indirect indications - based on the analysis of the registry, files on disk and in memory.
Updated database of safe files. It includes digital signatures of tens of thousands of system files and files of known safe processes. The base is connected to all AVZ systems and works on the "friend / foe" principle - safe files are not quarantined, deletion and warning messages are blocked for them, the database is used by an anti-rootkit, a file search system, and various analyzers. In particular, the built-in process manager highlights safe processes and services with color; searching for files on the disk can exclude known files from the search (which is very useful when searching for Trojans on the disk);
Built-in Rootkit detection system. The search for RootKit goes without using signatures based on the study of basic system libraries for intercepting their functions. AVZ can not only detect RootKit, but also correctly block the UserMode RootKit for its process and KernelMode RootKit at the system level. RootKit counteraction applies to all AVZ service functions, as a result, the AVZ scanner can detect masked processes, the search system in the registry "sees" masked keys, etc. The anti-rootkit is equipped with an analyzer that detects processes and services masked by RootKit. One of the main features of the RootKit countermeasure system, in my opinion, is its operability in Win9X (the widespread opinion about the absence of RootKit running on the Win9X platform is deeply mistaken - there are hundreds of Trojans known to intercept API functions to mask their presence, to distort the operation of API functions or monitor using them). Another feature is the KernelMode RootKit, a universal detection and blocking system that works under Windows NT, Windows 2000 pro / server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1
Keylogger and Trojan DLLs detector. The search for Keylogger and Trojan DLLs is carried out on the basis of system analysis without using a signature database, which makes it possible to reliably detect in advance unknown Trojan DLL and Keylogger;
Neuroanalyzer. In addition, the AVZ signature analyzer contains a neuroemulator that allows you to study suspicious files using a neural network. Currently, the neural network is used in the keylogger detector.
Built-in analyzer Winsock SPI / LSP settings. Allows you to analyze the settings, diagnose possible errors in the settings and make automatic treatment. The possibility of automatic diagnostics and treatment is useful for novice users (there is no automatic treatment in utilities such as LSPFix). To study SPI / LSP manually, the program has a special LSP / SPI settings manager. The Winsock SPI / LSP analyzer is covered by an anti-rootkit;
Built-in manager of processes, services and drivers. Designed to study running processes and loaded libraries, running services and drivers. The operation of the process manager is affected by the anti-rootkit (as a result, it "sees" the processes masked by the rootkit). The process manager is linked to the AVZ safe file database, the identified safe and system files are highlighted;
Built-in utility to find files on disk. It allows you to search for a file by various criteria, the capabilities of the search system are superior to those of the system search. The operation of the search system is affected by the anti-rootkit (as a result, the search "sees" files masked by the rootkit and can delete them), the filter allows excluding files recognized by AVZ as safe from the search results. Search results are available in the form of a text protocol and in the form of a table, in which you can mark a group of files for subsequent deletion or quarantine
Built-in utility for searching data in the registry. It allows you to search for keys and parameters according to a specified pattern, the search results are available in the form of a text protocol and in the form of a table, in which you can mark several keys for their export or deletion. The operation of the search system is affected by the anti-rootkit (as a result, the search "sees" the registry keys masked by the rootkit and can delete them)
Built-in analyzer for open TCP / UDP ports. It is subject to the anti-rootkit effect; in Windows XP, the process using the port is displayed for each port. The analyzer relies on an updated database of ports of known Trojan / Backdoor programs and known system services. Searching for ports of Trojans is included in the main system check algorithm - when suspicious ports are detected, warnings are displayed in the protocol indicating which Trojans tend to use this port
Built-in analyzer for shared resources, network sessions and open files over the network. Works in Win9X and Nt / W2K / XP.
Built-in analyzer Downloaded Program Files (DPF) - displays DPF elements, connected to all AVZ systems.
System recovery firmware. Firmware repairs Internet Explorer settings, application startup settings, and other system settings that are corrupted by malware. Recovery is started manually, the parameters to be restored are specified by the user.
Heuristic file deletion. Its essence lies in the fact that if during the treatment, malicious files were deleted and this option is enabled, then the system is automatically examined, covering classes, BHOs, IE and Explorer extensions, all types of autorun available AVZ, Winlogon, SPI / LSP, etc. ... All found links to a remote file are automatically cleaned up, and information is entered into the log about what exactly and where was cleaned up. For this cleaning, the system treatment microprogram engine is actively used;
Checking archives. Starting from version 3.60 AVZ supports scanning archives and compound files. Currently, archives in ZIP, RAR, CAB, GZIP, TAR formats are being checked; e-mails and MHT files; CHM archives
Checking and disinfecting NTFS streams. Checking NTFS streams is included in AVZ since version 3.75
Management scripts. Allows the administrator to write a script that performs a set of specified operations on the user's PC. Scripts allow using AVZ in a corporate network, including its launch during system boot.
Process analyzer. The analyzer uses neural networks and analysis firmware; it turns on when advanced analysis is enabled at the maximum level of heuristics and is designed to search for suspicious processes in memory.
AVZGuard system. Designed to combat hard-to-remove malicious programs, in addition to AVZ, it can protect user-specified applications, for example, other anti-spyware and antivirus programs.
Direct disk access system for working with locked files. Works on FAT16 / FAT32 / NTFS, is supported on all operating systems of the NT line, allows the scanner to analyze locked files and place them in quarantine.
Process monitoring driver and AVZPM drivers. Designed to track the start and stop of processes and load / unload drivers to find cloaked drivers and detect corruptions in the structures describing processes and drivers created by DKOM rootkits.
Boot Cleaner driver. Designed to perform system cleaning (removing files, drivers and services, registry keys) from KernelMode. The cleaning operation can be performed both during computer restart and during disinfection.

Note:
In case of problems with automatic database updates, you can download an archive containing the entire current database - avzbase.zip (the archive is updated twice a day)

AVZ is an effective and popular antivirus program among users. AVZ has extensive functionality that allows you to detect and subsequently neutralize various dangerous elements. These include viruses, mail and network worms, rootkits, Trojans, and the like. The application contains a huge number of important tools to ensure guaranteed protection against viruses. It is also necessary to mark the base of safe updatable files.

Purpose of the free antivirus utility AVZ

The main purpose of the AVZ antivirus utility lies in the detection and removal of:

Dialer (Trojan.Dialer).

AdWare and SpyWare modules.

Trojan horses.

Mail and network worms.

BackDoor modules.

TrojanDropper, TrojanDownloader, TrojanSpy.

Key Features

Firmware that provides a heuristic system check... The operation of the firmware is based on the search for known viruses and SpyWare by the available indirect indicators - based on the analysis of files, the registry in memory and on disk.

Updated database of system and safe files... This database includes digital signatures of thousands of safe process files and system files. The base connects to each of the systems of the AVZ antivirus utility, and its functioning is carried out according to the principle of "friend or foe" - safe files are not quarantined, warnings and deletion are blocked for them, the base is used by an anti-rootkit, various analyzers, and a file search system. The built-in process manager, in particular, makes the selection of safe services and processes in a certain color, and the file search can use the exclusion of known files from the search (which is very important and useful when searching for Trojans on disk).

Built-in Rootkit Locator... RootKit detection is carried out based on the study of the main system libraries for the possibility of intercepting their functions without using signatures. The antivirus utility is able to detect not only RootKit, but also correctly block UserMode RootKit actions in its process, as well as KernelMode RootKit at the system level. The RootKit countermeasure function is available in all AVZ service functions, the AVZ scanner, as a result, is able to detect masked processes, and in the registry the search system easily finds masked keys and the like.

The anti-rootkit is equipped with an analyzer that searches for services and processes where RootKit is masked. One of the main features of the AVZ system of the anti-RootKit utility lies in its performance in Win9X (many rootkits work in Win9X systems, intercepting API functions to disguise themselves). The next feature of AVZ will be a universal system for finding and blocking KernelMode RootKit.

Keylogger and Trojan DLL Detector... The search for Trojan DLLs and Keylogger keyloggers is performed without using a signature database based on system analysis, which allows you to very confidently detect unknown Keylogger and Trojan DLLs.

Neuroanalyzer... AVZ for Windows, in addition to a signature analyzer, includes a neuro-emulator that can analyze suspicious files using a neural network. Today, the neural network is effectively used in the keylogger detector.

Winsock SPI / LSP Settings Analyzer... The built-in Winsock analyzer makes it possible to analyze the settings, diagnose possible errors in the settings, and then perform automatic treatment. The possibility of automatic diagnostics and subsequent treatment will be extremely useful for novice and inexperienced users (there is no automatic treatment in programs like LSPFix). For manual inspection of SPI / LSP, the utility operates a specialized manager of LSP / SPI settings. And on Winsock, an anti-rootkit action is performed that stops the malicious code from working.

Built-in manager of services, processes and drivers... The provided built-in dispatcher is intended for examining loaded libraries, running processes, drivers and services. The operation of the process manager is also affected by the anti-rootkit (as a result, it can “see” the processes that are masked by the rootkit). The process manager has a close relationship with the safe files database of the AVZ utility, recognized system and safe files are highlighted in a special color;

Built-in utility to search for files on disk... This utility allows you to search for files according to a variety of criteria, while the capabilities of the search system are an order of magnitude higher than those of the system search. The anti-rootkit also extends to the search system, thanks to which the search quickly detects files masked by the rootkit and can delete them. At the same time, files identified as safe can be filtered out using a filter that excludes these files from search results. Search results can be available in the form of a table or in the form of a text protocol, where you can mark the listed files for quarantine or subsequent deletion.

Built-in utility for finding data in the registry... This utility allows you to search for parameters and keys according to a given pattern, the results obtained will be available in the form of a table or in the form of a text protocol, where you can immediately mark a group of keys for deleting or exporting them. Anti-rootkit quickly detects files masked by a rootkit and can easily remove them.

TCP / UDP Open Port Analyzer... It is also protected by an anti-rootkit, Windows XP even displays the process that uses it for each port. The analyzer is based on a timely updated database of ports of known system services and Trojan / Backdoor programs. Port scanning for Trojan pests is included in the basic system scan algorithm - if suspicious ports are detected, a warning is indicated in the protocol indicating which Trojans are capable of using this port for malicious purposes.

Analyzer of network sessions, shared resources of open files over the network... It works in Nt / W2K / XP and Win9X.

DPF Analyzer (Downloaded Program Files)- shows DPF elements, has connection to AVZ systems.

Heuristic file deletion... If this option is enabled and dangerous files were deleted during disinfection, then an automatic system investigation is performed, which includes IE extensions, classes, BHO, Winlogon, types of autoruns, and the like. The detected links to a dangerous file are cleaned up, and this is noted in the protocol. For cleaning, the system's treatment microprograms are actively used.

System recovery firmware... They restore the settings for startup settings, Internet Explorer, and other settings that are damaged by malware. The recovery can be started manually, the user specifies the parameters to be restored.

Checking archives... From version 3.60 AVZ archives and components are checked. TAR, GZIP, RAR, ZIP archives are being checked; MHT files and CHM emails; archives.

Control scripts... The administrator can write a script that will perform a set of specified operations on the user's PC. Such scripts are convenient to use on a corporate network.

Checking and disinfecting NTFS stream.

Process analyzer... Applies microprograms of analysis and neural networks. Used for advanced analysis, designed to find suspicious processes in memory.

AVZGuard function... Provides the fight against hard-to-remove dangerous programs, it is also capable of protecting applications that the user specifies.

Boot Cleaner Driver... Used to clean the system (registry keys, drivers, files) from KernelMode.

Process monitoring driver, as well as AVZPM drivers... Used to track startup, load / unload drivers, stop processes to find cloaked drivers and find changes in driver structures that create DKOM rootkits.

Direct access function for working with locked files... Allows the scanner to analyze blocked files and send them to quarantine.

Antivirus utility AVZ is designed to identify and remove SpyWare and AdWare programs from the system, as well as:

• Dialer (Trojan.Dialer)
• Trojan horses
• Network and mail worms
• TrojanSpy, TrojanDownloader, TrojanDropper
• BackDoor modules

The utility is analogous to TrojanHunter and LavaSoft Ad-aware 6. The main task of the program is to remove SpyWare and Trojans.

The features of the AVZ utility (except for the signature scanner) are:

• Firmware for heuristic system check. The firmware searches for known SpyWare and viruses by analyzing the registry, files on disk, and in memory.
• Updated database of safe files. It includes digital signatures of tens of thousands of system files and files of known safe processes.
• Built-in Rootkit detection system.
• Keylogger and Trojan DLLs detector.
• Neuroanalyzer. In addition, the AVZ signature analyzer contains a neuroemulator that allows you to study suspicious files using a neural network.
• Built-in analyzer Winsock SPI / LSP settings.
• Built-in manager of processes, services and drivers.
• Built-in utility to find files on disk. It allows you to search for a file by various criteria, the capabilities of the search system are superior to those of the system search.
• Built-in utility for searching data in the registry. It allows you to search for keys and parameters according to a specified pattern, the search results are available in the form of a text protocol and in the form of a table, in which you can mark several keys for their export or deletion.
• Built-in analyzer for open TCP / UDP ports.
• Built-in analyzer for shared resources, network sessions and open files over the network. Works in Win9X and Nt / W2K / XP.
• System recovery firmware. Firmware repairs Internet Explorer settings, startup settings, and other system settings that are corrupted by malware
• Heuristic file deletion.
• Checking archives.
• Checking and disinfecting NTFS streams.
• AVZGuard system.
• Boot Cleaner driver.
• Process monitoring driver and AVZPM drivers.
• Process analyzer.

Changes in the Antivirus utility AVZ 4.46 (02/29/2016):

• Improvements and modifications for compatibility with Windows 10