Antivirus utility AVZ 4.45

    AVZ is Zaitsev's antivirus designed to detect and remove AdWare and SpyWare programs. In addition, the application copes with email worms, rootkits and Trojans. The utility resembles TrojanHunter in functionality, but surpasses it in efficiency.

    Zaitsev's antivirus scans the system for dangerous files. The utility uses heuristic analysis for monitoring. If it detects potentially dangerous files, the "defender" sends them to quarantine.

    The antivirus can be used on any computer. As for the operating system, the utility can work on both Windows 98 and Windows 10. The only limitation is that technologies such as AVZPM and AVZGuard do not work on earlier versions.

    Key features

    • System monitoring for malware;
    • Heuristic analysis;
    • Scanning devices connected to USB ports;
    • Detection of system vulnerabilities;
    • Search and neutralization of spies that remember passwords typed by the user;
    • Elimination of mail and network worms;
    • Fight against Trojans;
    • Scanning TCP / UDP ports;
    • Analysis of running processes;
    • Database update;
    • Scanning the registry;
    • Quarantining files.

    Benefits

    AVZ antivirus copes well with viruses, but this is not its only advantage. The application is capable of repairing a damaged disk after some malware activity. Using the utility, users can "enter" the locked disk partitions.

    Another advantage is the absence of conflict with other antiviruses. At the same time, programs are able to work in "symbiosis", that is, popular antiviruses begin to find even those viruses that have not been detected before. AVZ serves as a kind of catalyst for them.

    Antivirus utility AVZ is distributed free of charge. It has no "PRO" versions. It is enough to download the program once and you can use it an unlimited number of times.

    AVZ antivirus does not need to be installed. It is enough to download the utility and then unpack it. If you scan your system every day, you can quickly deal with new spies that have infiltrated your system.

    An intuitive interface is an advantage for many users. In addition, the AVZ anti-virus utility is distributed in Russian. Thanks to this, even a beginner can cope with the management and configuration.

    The neuroanalyzer deserves special attention. The utility has not only a database for searching for viruses, but also a neuroemulator. Having found a suspicious file, the utility passes it to the neural network for analysis.

    Thanks to the system recovery microprograms, it is possible to reset Internet Explorer settings as well as system parameters. It should be noted that the recovery process must be started manually. In this case, you must first set the parameters.

    AVZGuard system allows you to cope with stubborn applications. In addition, after configuration, you can specify the programs that need to be protected. It is best to add other anti-virus software to the database.

    Disadvantages

    The AVZ scanner program does not cope well with viruses packed in archives. This means that at the moment of downloading the zipped file from the Internet, the "defender" is unable to detect most of the Trojans.

    Sometimes the application tries to delete files important for the system, as it considers them to be infected. It is best to review everything that the antivirus found yourself.

    Another significant drawback is that AVZ for Windows 7 is not able to cope with emerging threats in real time.

    Changes in the new version

    With the release of the new version, the antivirus scanner has undergone some changes. The main modifications include:

    • Expansion of LAN diagnostics;
    • Working with archives has been changed;
    • Added parser function for filenames;
    • The ability to remove Google policies;
    • When an error is found, it moves to the line with the problem;
    • Fixed some functions of the script;
    • The error of process detection on 64-bit systems has been eliminated;
    • The work of the quarantine has been revised;
    • Changed the principle of work on Windows 10.

    In addition to the main modifications, minor changes were made regarding the principle of the program, which are not perceptible to the user.

    How to download the utility

    Having figured out what AVZ is and what it is needed for, you can proceed to downloading the application. First you need to go to the official Internet resource of the developer Oleg Zaitsev. In the browser, you must enter the address "z-oleg.com".

    When the website loads, you need to find "AVZ" in the navigation bar. After that, select "Download / Download" in the menu that opens.

    Running the program

    After you have downloaded AVZ for free, you can start unpacking it. To do this, you need to right-click on the archive, and then select "Extract to avz4".

    When the antivirus is unzipped, you need to enter the folder and then run the exe file.

    When the utility starts, the user can select the storage medium to be checked. In addition, you can customize the types of files that the antivirus will view. And one more important point is the item "Search parameters".

    After configuring the scanner, you must click "Start". When the scan starts, the monitoring results can be seen in the "Protocol" field. Scanning usually takes less than 10 minutes.

    In addition to regular scanning, users can take advantage of additional features. To do this, click on the "Service" menu item.

    Each menu item performs its own function. The most popular features include:

    • Process manager;
    • Service and Driver Manager;
    • Startup manager;
    • System utilities.

    Thanks to the available functionality, professionals quickly cope with viruses and problems that have arisen on the computer.

    Conclusion

    The antivirus utility does an excellent job with the tasks. In addition, you can download the application for free. The scanner can be carried on a USB flash drive, which means it can be used to scan any computers, even those not connected to the Internet.

    Zaitsev's anti-virus (developer site z-oleg.com), or AVZ program, is aimed at a qualified user. It contains tools that allow you to identify a virus that is not in the anti-virus database. It turns out that many antiviruses will not cope with the viruses that AVZ can neutralize.

    Zaitsev's antivirus is focused more on network viruses and allows you to remove Trojans that cannot be removed by other antiviruses. In some cases, this utility is more useful than Kaspersky Anti-Virus. By the way, we can say that KAV and AVZ are relatives. The AVZ program was developed by Oleg Zaitsev, but later it was bought out by Kaspersky Lab, although Zaitsev continues to develop and support it, and some AVZ solutions migrated to KIS.

    Let's see why the AVZ utility is interesting. First of all, AVZ, unlike other antiviruses, can run in safe mode, and it is in safe mode that it is easiest to track down a virus.

    Also, unlike most antiviruses, AVZ does not require installation. The utility can be run from a flash drive and in safe mode, which generally makes AVZ an indispensable scanner.

    But these are far from all AVZ functions. Although AVZ has a heuristic analyzer that allows you to detect malicious programs without using any anti-virus database, AVZ has an anti-virus database. Moreover, it is quite large and frequently updated. In addition, AVZ has a database of safe files. This database contains digital signatures of a huge number of system files and secure processes. If the digital signature of a process differs from the signature in the database, then the file has been modified (possibly by a virus).

    The built-in process manager (command Service => Process Manager) uses the Safe File Database when listing processes. If the process name is displayed in red, then the executable file of the process has been changed. Perhaps a virus did it, or perhaps the process was simply updated by the system. Try to update the databases first (command File => Update databases), and then open the process manager again - if the process is again "red", it is likely that it has been modified by a virus.

    Using the command Service => Check file against secure files database, you can check a selected file separately. The program also allows you to check a file against the Microsoft security directory: for this, use the command Tools => Check file authenticity using Microsoft security directory.

    AVZ antivirus does an excellent job of detecting rootkits. A rootkit is a program or set of programs designed to hide the traces of an attacker or malware on a system. AVZ can not only find, but also block rootkits. However, there are also limitations. The program can block user-mode rootkits and can only detect kernel-mode rootkits. The program is able to detect kernel-level rootkits in the following operating systems: Windows NT, Windows 2000 pro / server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1 (information from the developer's website, z-oleg.com/secur/avz/).
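    The red-process triage described above (check against the safe-file database, update the database, check again) can be sketched as follows. This is an added example, not AVZ code: SHA-256 stands in for AVZ's own file signatures, and the class, function and file names, database versions and file contents are all constructed for illustration.

```python
"""Allowlist triage modelled on the safe-file database check described above.

Assumptions (not AVZ internals): SHA-256 stands in for AVZ's own file
signatures; every name, version and file content below is constructed.
"""
import hashlib
from dataclasses import dataclass


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class SafeFileDB:
    """Known-good digests per file name (Windows names compare case-insensitively)."""

    def __init__(self, version: str, known_good: dict):
        self.version = version
        self._digests = {
            name.lower(): {digest(blob) for blob in blobs}
            for name, blobs in known_good.items()
        }

    def classify(self, name: str, data: bytes) -> str:
        good = self._digests.get(name.lower())
        if good is None:
            return "unknown"   # never catalogued: not proven safe, but not "red"
        return "safe" if digest(data) in good else "changed"   # "changed" == red


@dataclass(frozen=True)
class Verdict:
    process: str
    status: str
    note: str


def triage(processes: dict, stale_db: SafeFileDB, fresh_db: SafeFileDB) -> list:
    """First pass with the installed database; re-check only red entries after an update."""
    verdicts = []
    for name, data in processes.items():
        first = stale_db.classify(name, data)
        if first != "changed":
            verdicts.append(Verdict(name, first, f"db {stale_db.version}"))
            continue
        # Red on the first pass: a legitimate system update and a tampered
        # file look identical here, so the database is refreshed before judging.
        second = fresh_db.classify(name, data)
        if second == "safe":
            note = f"red with db {stale_db.version}, cleared by db {fresh_db.version}"
        else:
            note = f"not cleared by db {fresh_db.version}: investigate"
        verdicts.append(Verdict(name, second, note))
    return verdicts


# --- constructed sample data -------------------------------------------------
SVCHOST_V1 = b"constructed svchost.exe build 1"
SVCHOST_V2 = b"constructed svchost.exe build 2"   # legitimate OS update
EXPLORER = b"constructed explorer.exe"

STALE_DB = SafeFileDB("sample-1", {
    "svchost.exe": [SVCHOST_V1],
    "explorer.exe": [EXPLORER],
})
FRESH_DB = SafeFileDB("sample-2", {
    "svchost.exe": [SVCHOST_V1, SVCHOST_V2],
    "explorer.exe": [EXPLORER],
})

RUNNING = {
    "SVCHOST.EXE": SVCHOST_V2,                       # updated by the system
    "explorer.exe": EXPLORER + b" + appended bytes",  # modified on disk
    "helper.exe": b"constructed third-party tool",   # absent from both databases
}


def run_demo() -> dict:
    return {v.process: v for v in triage(RUNNING, STALE_DB, FRESH_DB)}


if __name__ == "__main__":
    for verdict in run_demo().values():
        print(f"{verdict.process:14} {verdict.status:8} {verdict.note}")
```

    A file that is absent from the database is reported as unknown rather than red, which keeps "never catalogued" separate from "catalogued but altered".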

    Special attention should be paid to the heuristic analyzer, which allows you to identify viruses and malicious programs by indirect indications by analyzing the file system, registry and monitoring program actions. If you want to use the analyzer, enable the Heuristic check box on the Search scope tab.

    The built-in manager of processes, services and drivers allows you to get information about running processes, services and loaded drivers. This is a purely informational utility. As noted, this manager is associated with the Safe Files Database. All unsafe processes will be marked in red in the manager list. To start only the Process Manager, select the Service => Process Manager command, and to start the Service and Driver Manager, select the Service => Service and Driver Manager command.

    The AVZ program contains a neuroanalyzer that allows you to detect a virus using a neural network. The neuroanalyzer is successfully used to detect keyloggers and Trojan libraries (and these programs can be used to intercept everything that the user enters from the keyboard and transmit this information to a third party - an attacker). You can start the Trojan Library detector using the Tools => Embedded DLL Manager command.

    Like any other antivirus, AVZ can place suspicious objects in quarantine, a special directory on the hard drive. For AVZ to quarantine suspicious objects, select the Copy suspicious objects to quarantine checkbox on the Search scope tab. You can view the objects that are currently in quarantine using the File => View Quarantine command.

      For novice users, two wizards will certainly come in handy:
    • Troubleshooting Wizard - allows you to find problems in the system configuration, invoked by the command File => Troubleshooting Wizard;
    • Winsock SPI / LSP settings analyzer - analyzes possible errors in the Winsock SPI / LSP settings, invoked by the command Service => Winsock SPI Manager.

    Among other things, AVZ allows you to view open TCP / UDP ports. This can be done using the menu command Tools => Open TCP / UDP Ports. The Open Port Analyzer uses a database of known ports that are commonly used by Trojans and other malware. The analyzer will also help you find suspicious ports that are not in the database of known ports.

    The AVZGuard system is used to combat viruses that are very difficult to detect. AVZGuard can block access to critical system objects and protect them from a virus. True, working with AVZGuard protection enabled is completely inconvenient. You can enable and disable protection using the AVZGuard menu commands.

    AVZ has a lot of functions, and, of course, we will not consider all of them.

      Here are a few features that deserve attention:
    • Advanced utilities for finding files on the disk and for searching the registry. Called by the commands Service => Find files on disk and Service => Find data in the registry, respectively. When searching for files on a disk, you can exclude safe files, and files marked as unsafe can be quarantined for analysis. The registry search utility can "see" the registry keys "masked" by the rootkit, i.e. keys hidden from the user by the malware.
    • The program is able to check and treat NTFS streams, and not all full-fledged antiviruses can do this.
    • BootCleaner, which removes malicious files, drivers, services and registry keys.
    • The program can directly access the disk to gain access to files locked by other processes. Direct Disk Access works with FAT (16/32) and NTFS file systems.
    • Advanced process monitoring driver AVZPM (command AVZPM => Install advanced process monitoring driver), used to start and stop processes, as well as to load and unload drivers.
    • Support for archives in ZIP, RAR, CAB, GZIP, MHT, CHM formats, as well as support for postal formats.
    • Analyzer of downloaded program files, which can be launched using the command Service => Manager Downloaded Program Files.

    As noted earlier, after downloading the archive with the program, simply unpack it to your hard drive and select the File => Database update command. It is clear that the Internet connection must be active - then the anti-virus databases of the program will be updated. Then click on the Start button to start scanning the system.

    Antivirus utility AVZ is designed to detect and remove:

    • SpyWare and AdWare modules (the main purpose of the utility)
    • Dialer (Trojan.Dialer)
    • Trojan horses
    • BackDoor modules
    • Network and mail worms
    • TrojanSpy, TrojanDownloader, TrojanDropper

    The main features of the AVZ utility (in addition to the typical signature scanner)

    Heuristic system-check microprograms. The microprograms search for known SpyWare and viruses by indirect indications - based on the analysis of the registry, files on disk and in memory.

    Updated database of safe files. It includes digital signatures of tens of thousands of system files and files of known safe processes. The base is connected to all AVZ systems and works on the "friend / foe" principle - safe files are not quarantined, deletion and warning messages are blocked for them, the database is used by an anti-rootkit, a file search system, and various analyzers. In particular, the built-in process manager highlights safe processes and services with color, and searching for files on the disk can exclude known files from the search (which is very useful when searching for Trojans on the disk).

    Built-in Rootkit detection system. The search for RootKit goes without using signatures, based on the study of the basic system libraries for interception of their functions. AVZ can not only detect RootKit, but also correctly block the UserMode RootKit for its process and KernelMode RootKit at the system level. RootKit counteraction extends to all AVZ service functions; as a result, the AVZ scanner can detect masked processes, the search system in the registry "sees" masked keys, etc. The anti-rootkit is equipped with an analyzer that detects processes and services masked by RootKit. One of the main features of the RootKit countermeasure system, in my opinion, is its operability in Win9X (the widespread opinion about the absence of RootKit running on the Win9X platform is deeply mistaken - there are hundreds of Trojans known to intercept API functions to disguise their presence, to distort the operation of API functions or to monitor using them). Another feature is a universal KernelMode RootKit detection and blocking system that works under Windows NT, Windows 2000 pro / server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1.

    Keylogger and Trojan DLLs Detector. The search for Keylogger and Trojan DLLs is carried out on the basis of system analysis without using a signature database, which makes it possible to reliably detect previously unknown Trojan DLLs and Keyloggers.

    Neuroanalyzer. The AVZ signature analyzer contains a neuro-emulator that allows you to study suspicious files using a neural network. Currently, the neural network is used in the keylogger detector.

    Built-in analyzer of Winsock SPI / LSP settings. Allows you to analyze the settings, diagnose possible errors in the settings and make automatic treatment. The possibility of automatic diagnostics and treatment is useful for novice users (there is no automatic treatment in utilities like LSPFix). To study SPI / LSP manually, the program has a special LSP / SPI settings manager. The Winsock SPI / LSP analyzer is covered by the anti-rootkit.

    Built-in manager of processes, services and drivers. Designed to study running processes and loaded libraries, running services and drivers. The operation of the process manager is affected by the anti-rootkit (as a result, it "sees" processes masked by the rootkit). The process manager is linked to the AVZ safe file database; the identified safe and system files are highlighted.

    Built-in utility to find files on disk. It allows you to search for a file by various criteria; the capabilities of the search system are superior to those of the system search. The operation of the search system is affected by the anti-rootkit (as a result, the search "sees" files masked by the rootkit and can delete them), and the filter allows you to exclude from the search results files recognized by AVZ as safe. The search results are available in the form of a text log and in the form of a table, in which you can mark a group of files for later deletion or quarantine.

    Built-in utility for searching data in the registry. It allows you to search for keys and parameters according to a given pattern; the search results are available in the form of a text log and in the form of a table, in which you can mark several keys for their export or deletion. The search system is affected by the anti-rootkit (as a result, the search "sees" the registry keys masked by the rootkit and can delete them).

    Built-in TCP / UDP open port analyzer. It is subject to the anti-rootkit effect; in Windows XP, the process using the port is displayed for each port. The analyzer relies on an updatable database of ports of known Trojan / Backdoor programs and known system services. Searching for ports of Trojans is included in the main system check algorithm - when suspicious ports are detected, warnings are displayed in the log indicating which Trojans tend to use this port.

    Built-in analyzer for shared resources, network sessions and open files on the network. Works in Win9X and NT / W2K / XP.

    Built-in Downloaded Program Files (DPF) analyzer. Displays DPF elements, connected to all AVZ systems.

    System recovery microprograms. The microprograms repair Internet Explorer settings, startup settings, and other system settings that are corrupted by malware. Recovery is started manually; the parameters to be restored are specified by the user.

    Heuristic file deletion. Its essence is that if during the treatment malicious files were deleted and this option is enabled, then the system is automatically examined, covering classes, BHO, IE and Explorer extensions, all types of autorun available to AVZ, Winlogon, SPI / LSP, etc. All found links to a deleted file are automatically cleaned up, and information is entered into the log about what exactly and where was cleaned up. For this cleaning, the system treatment microprogram engine is actively used.

    Checking archives. Starting from version 3.60 AVZ supports scanning archives and compound files. Currently, archives in ZIP, RAR, CAB, GZIP, TAR formats are being checked; e-mails and MHT files; CHM archives.

    Checking and disinfecting NTFS streams. Checking NTFS streams is included in AVZ since version 3.75.

    Control scripts. Allow the administrator to write a script that performs a set of specified operations on the user's PC. Scripts allow using AVZ in a corporate network, including its launch during system boot.

    Process analyzer. The analyzer uses neural networks and analysis microprograms; it turns on when advanced analysis is enabled at the maximum heuristic level and is designed to search for suspicious processes in memory.

    AVZGuard system. Designed to combat hard-to-remove malicious programs; in addition to AVZ, it can protect user-specified applications, for example, other anti-spyware and antivirus programs.

    Direct disk access system for working with locked files. Works on FAT16 / FAT32 / NTFS, is supported on all operating systems of the NT line, and allows the scanner to analyze locked files and place them in quarantine.

    AVZPM process and driver monitoring driver. Designed to track the start and stop of processes and load / unload of drivers, to search for cloaked drivers and to detect corruptions in the structures describing processes and drivers created by DKOM rootkits.

    Boot Cleaner Driver. Designed to perform system cleaning (removing files, drivers and services, registry keys) from KernelMode. The cleaning operation can be performed both during computer restart and during disinfection.


    Software version: 4.46
    Interface language: Russian, English
    Treatment: not required
    System requirements: Windows 10, 8.1, 8, 7, Vista, XP

    Description: AVZ - Free fast anti-virus utility. Includes AVZ itself and additional utilities AVZGuard / AVZPM / BootCleaner.
    Its main purpose is to detect and remove SpyWare and AdWare modules, as well as Dialer (Trojan.Dialer), Trojans, BackDoor modules, network and mail worms, TrojanSpy, TrojanDownloader, TrojanDropper.
    In fact, AVZ is an analogue of the popular Ad-aware program (of course, with its own peculiarities).
    Additional options include a heuristic system checker, built-in Rootkit detection, Winsock SPI / LSP settings analyzer, built-in process, service and driver manager, open TCP / UDP port analyzer, and a detector of Keyloggers and Trojan DLLs that works without signatures (an original neuroemulator is used, which allows you to study suspicious files using a neural network).

    Help for working with the program http://z-oleg.com/secur/avz_doc/

    changelog 4.46: Improvements and modifications for compatibility with Windows 10

    Download torrent


    Interface language: Russian English
    Treatment: not required

    System requirements :

    Description :
    AVZ - Free fast working anti-virus utility. Includes AVZ itself and additional utilities AVZGuard / AVZPM / BootCleaner.
    Its main purpose is to detect and remove SpyWare and AdWare modules, as well as Dialer (Trojan.Dialer), Trojans, BackDoor modules, network and mail worms, TrojanSpy, TrojanDownloader, TrojanDropper.
    In fact, AVZ is an analogue of the popular Ad-aware program (of course, with its own peculiarities).
    Additional options include a heuristic system scan, built-in Rootkit detection, Winsock SPI / LSP settings analyzer, built-in process, service and driver manager, open TCP / UDP port analyzer, Keylogger and Trojan DLLs that work without signatures (an original neural emulator is used, which allows you to study suspicious files using a neural network).

    Additional Information:

    Heuristic system-check microprograms. The microprograms search for known SpyWare and viruses by indirect indications, based on analysis of the registry, files on disk and in memory.
    Updated database of safe files. It includes digital signatures of tens of thousands of system files and files of known safe processes. The database is connected to all AVZ systems and works on the "friend / foe" principle: safe files are not quarantined, and deletion and warning messages are blocked for them. The database is used by the anti-rootkit, the file search system, and various analyzers. In particular, the built-in process manager highlights safe processes and services with color, and a file search on the disk can exclude known files from the results (which is very useful when searching for Trojans on the disk).
    Built-in Rootkit detection system. The search for RootKit goes without using signatures, based on the study of basic system libraries for interception of their functions. AVZ can not only detect RootKit, but also correctly block the UserMode RootKit for its own process and KernelMode RootKit at the system level. RootKit counteraction applies to all AVZ service functions; as a result, the AVZ scanner can detect masked processes, the registry search system "sees" masked keys, etc. The anti-rootkit is equipped with an analyzer that detects processes and services masked by RootKit. One of the main features of the RootKit countermeasure system, in my opinion, is its performance in Win9X (the widespread opinion about the absence of RootKit running on the Win9X platform is deeply mistaken - there are hundreds of Trojans known to intercept API functions to mask their presence, to distort the operation of API functions or to monitor their use). Another feature is a universal KernelMode RootKit detection and blocking system that works under Windows NT, Windows 2000 pro / server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1.
    Keylogger and Trojan DLLs detector. The search for Keylogger and Trojan DLLs is carried out on the basis of system analysis without using a signature database, which makes it possible to reliably detect previously unknown Trojan DLLs and Keyloggers.
    Neuroanalyzer. The AVZ signature analyzer contains a neuro-emulator that allows you to study suspicious files using a neural network. Currently, the neural network is used in the keylogger detector.
    Built-in analyzer of Winsock SPI / LSP settings. Allows you to analyze the settings, diagnose possible errors in them and perform automatic treatment. Automatic diagnostics and treatment are useful for novice users (there is no automatic treatment in utilities like LSPFix). To study SPI / LSP manually, the program has a special LSP / SPI settings manager. The Winsock SPI / LSP analyzer is covered by the anti-rootkit.
    Built-in manager of processes, services and drivers. Designed to study running processes and loaded libraries, running services and drivers. The process manager is covered by the anti-rootkit (as a result, it "sees" the processes masked by the rootkit). The process manager is linked to the AVZ safe file database; the identified safe and system files are highlighted.
    Built-in utility to find files on the disk. It allows you to search for a file by various criteria; the capabilities of the search system are superior to those of the system search. The search system is covered by the anti-rootkit (as a result, the search "sees" the files masked by the rootkit and can delete them), and a filter allows you to exclude files recognized by AVZ as safe from the search results. Search results are available as a text log and as a table, where you can mark a group of files for later deletion or quarantine.
    Built-in utility for searching data in the registry. It allows you to search for keys and parameters according to a given pattern; the search results are available as a text log and as a table, in which you can mark several keys for export or deletion. The search system is covered by the anti-rootkit (as a result, the search "sees" the registry keys masked by the rootkit and can delete them).
    Built-in analyzer for open TCP / UDP ports. It is covered by the anti-rootkit; in Windows XP, the process using the port is displayed for each port. The analyzer relies on an updated database of ports of known Trojan / Backdoor programs and known system services. Searching for ports of Trojans is included in the main system check algorithm: when suspicious ports are detected, warnings are written to the log indicating which Trojans tend to use this port.
    Built-in analyzer for shared resources, network sessions and files opened over the network. Works in Win9X and NT / W2K / XP.
    Built-in Downloaded Program Files (DPF) analyzer. Displays DPF elements and is connected to all AVZ systems.
    System recovery microprograms. The microprograms repair Internet Explorer settings, startup settings, and other system settings that have been corrupted by malware. Recovery is started manually; the parameters to be restored are specified by the user.
    Heuristic file deletion. Its essence is that if malicious files were deleted during treatment and this option is enabled, the system is automatically examined, covering classes, BHO, IE and Explorer extensions, all types of autorun available to AVZ, Winlogon, SPI / LSP, etc. All references found to a deleted file are automatically cleaned up, and the log records exactly what was cleaned up and where. The system treatment microprogram engine is actively used for this cleaning.
    Checking archives. Starting from version 3.60, AVZ supports scanning archives and compound files. Currently, archives in ZIP, RAR, CAB, GZIP and TAR formats are checked, as well as e-mails and MHT files, and CHM archives.
    Checking and disinfecting NTFS streams. Checking of NTFS streams has been included in AVZ since version 3.75.
    Management scripts. Allows the administrator to write a script that performs a set of specified operations on the user's PC. Scripts allow using AVZ in a corporate network, including its launch during system boot.
    Process analyzer. The analyzer uses neural networks and analysis microprograms; it turns on when advanced analysis is enabled at the maximum heuristic level and is designed to search for suspicious processes in memory.
    AVZGuard system. Designed to combat hard-to-remove malicious programs. In addition to AVZ itself, it can protect user-specified applications, for example, other anti-spyware and antivirus programs.
    Direct disk access system for working with locked files. Works on FAT16 / FAT32 / NTFS, is supported on all operating systems of the NT line, allows the scanner to analyze locked files and place them in quarantine.
    AVZPM process and driver monitoring driver. Designed to track the start and stop of processes and the loading / unloading of drivers, in order to search for cloaked drivers and to detect corruption that DKOM rootkits create in the structures describing processes and drivers.
    Boot Cleaner driver. Designed to perform system cleaning (removing files, drivers and services, registry keys) from KernelMode. The cleaning operation can be performed both during computer restart and during disinfection.