AVZ is an antivirus from Zaitsev. AVZ - a utility for treating viruses and restoring the system Avz is a program for cleaning your computer from viruses

AVZ is an antivirus from Zaitsev. AVZ - a utility for treating viruses and restoring the system Avz is a program for cleaning your computer from viruses
AVZ is an antivirus from Zaitsev. AVZ - a utility for treating viruses and restoring the system Avz is a program for cleaning your computer from viruses
11.07.2023

AVZ is a small free program for removing spyware and adware from your computer. This application is equipped with scanning functions and automatic detection of potential threats.

When surfing the Internet or installing software, there is a possibility of unnoticed installation of malware that will display advertisements or steal passwords.

To protect your working system from such malicious applications, it is good to use the AVZ utility. It scans systems for dangerous files, uses heuristic analysis to detect suspicious software running in the background, quarantines infected objects, and much more. By downloading AVZ for free, you can protect your confidential data from unauthorized persons. In addition, the application protects your computer from the installation of advertising add-ons in browsers.

The main functions of AVZ are to ensure computer security and remove malicious programs on it. To do this, this anti-virus software uses a special algorithm in the background - heuristic analysis. For prevention, you can force a scan of selected areas of the hard drive. In addition, checking removable media when connected to a PC has a good effect - many computers are infected this way. Detected viruses can be deleted or quarantined.

The program is highly customizable, and you can select all the necessary values ​​so that in the future it makes all decisions for you and does not distract you from other matters.

The main features of the AVZ program are as follows:

  • detection of different types of malicious software;
  • Scanning System;
  • use of heuristic analysis;
  • Keylogger detection;
  • scanning removable media;
  • checking active processes;
  • detection of potential vulnerabilities.

The AVZ program copes well with adware or spyware. It works in the background, but you can force the scanning process to quickly search for new vulnerabilities. Note that this antivirus works without installation and to work you just need to download AVZ for free and unpack its archive into the desired folder.

However, this program is not omnipotent and for comprehensive protection of your computer it is better to install another antivirus software, for example, Avast or Norton. As an analogue of AVZ, you can use the Ad-Aware Free antivirus, which is also good at detecting malware.

If your computer has been overcome by various types of spyware and Trojan programs, which, in addition, do not want to be recognized by your favorite antivirus as malicious, AVZ can greatly help in the fight against them. Since its capabilities are much wider than those of a conventional anti-virus scanner, the AVZ heuristic analyzer will be able to detect and neutralize even a virus that is not yet in any database of any antivirus based on typical signs.

A special advantage of AVZ is its most effective method of combating a very dangerous type of virus called Rootkit. What are rootkits and why are they dangerous? can be studied on the Wikipedia website, but in short, these are software tools that hackers install on the user’s computer to control it and use it for their own purposes. These programs are distinguished by good camouflage in the system as various system processes and applications (they can pretend to be drivers). They know how to hide traces of their presence and “clean up” after themselves, leaving no hints of their presence at all. Agree, this is not an easy task for an antivirus or any antispyware software.

AVZ antivirus is available on the official website (latest version), but you can download it for free and, well, follow a direct link. We have already downloaded it for our users in order to protect them from unnecessary registrations on the developer’s website.


To neutralize it, AVZ antivirus conducts a thorough analysis of the libraries and modules of the operating system being tested and intercepts any infection attempts at the initial stage, before the virus “takes root” in the system.

Also, one of the important aspects of this anti-virus program is the detection of various types (spyware interceptors, which carefully record all keystrokes on the keyboard) and their timely neutralization. By the way, AVZ does not analyze signatures for these purposes (add-ons and various kinds of scripts can be downloaded from the official website of AVZ).

AVZ, among other things, can be used as a fairly detailed analyzer of current processes. The special utility included with the program displays all running modules, services and libraries, and with its help you can easily track attempts to activate a rootkit or keyloggers, since it also displays processes that are not displayed by standard Windows tools.

The main features of the AVZ program are listed in the attached list:

  • Windows heuristic scan micromodules that scan the operating system and detect spyware and viruses based on the results of analysis of the registry, objects in the system and computer memory.
  • A regularly updated database of digital signatures of system files and secure resources of well-known programs.
  • Rootkit detection and neutralization tools.
  • Monitoring interception of keyboard button presses and other Trojan programs.
  • Neuroscanner containing a standard signature scanner and analyzer for checking suspicious resources using neural networks.
  • Winsock SPI/LSP settings scanner.
  • Process and service verification manager.
  • Download the latest version of avz for free can be found on the official website of the developer
  • A tool for searching files on any media. Allows you to find the files you are looking for using parameters that are not available in the standard Windows search utility.
  • Avz antivirus has a tool for searching the necessary data in the system registry with the ability to output results in the form of a text file or table with the ability to subsequently edit and export to the registry.
  • TCP/UDP open port detector, network traffic analysis.
  • Detector of resources open to all users and files that are shared on the network.
  • A utility for restoring the operating system and some software, restoring personal browser settings and other settings damaged by viruses or other unwanted software.
  • Removing unwanted files identified by heuristic analysis.
  • Checking resources inside archives.
  • Scan and recover damaged data in the NTFS partition of the file system.
  • AVZGuard scanner.
  • Boot Cleaner for cleaning the boot sector.
  • Process and driver scanning tool AVZPM.
  • A tool for analyzing Windows processes.

AVZ is an effective and popular antivirus program among users. AVZ has extensive functionality that allows you to detect and subsequently neutralize various dangerous elements. These include viruses, email and network worms, rootkits, Trojans and the like. The application contains a huge number of important tools to ensure guaranteed protection against viruses. It is also necessary to note the database of secure, updated files.

Purpose of the free antivirus utility AVZ

The main purpose of the AVZ antivirus utility is to detect and remove:

Dialer (Trojan.Dialer).

AdWare and SpyWare modules.

Trojan programs.

Mail and network worms.

BackDoor modules.

TrojanDropper, TrojanDownloader, TrojanSpy.

Key Features

Firmware that provides heuristic system checks. The action of the microprograms is based on the search for known viruses and SpyWare based on available indirect signs - based on the analysis of files, the registry in memory and on disk.

Updated database of system and secure files. This database includes digital signatures of thousands of safe process and system files. The database is connected to each of the systems of the AVZ anti-virus utility, and its functioning is carried out on the “friend/foe” principle - entering safe files into quarantine is not provided, warnings and deletion are blocked for them, the database is used by an anti-rootkit, various analyzers, and a file search system. The built-in process manager, in particular, highlights safe services and processes in a certain color, and the file search can use the exclusion of known files from the search (which is very important and useful when searching for Trojan programs on the disk).

Built-in Rootkit discovery system. RootKit detection is carried out based on a study of the main system libraries for the possibility of intercepting their functions without using signatures. The antivirus utility is capable of detecting not only RootKit, but also correctly blocking UserMode RootKit actions in its process, as well as KernelMode RootKit at the system level. The RootKit anti-root function is available in all AVZ service functions; as a result, the AVZ scanner is able to detect masked processes, and the search system in the registry easily finds masked keys and the like.

The anti-rootkit is equipped with an analyzer that searches for services and processes where RootKit is disguised. One of the main features of the AVZ system of the anti-RootKit utility lies in its ability to work in Win9X (many rootkits also work on Win9X systems, intercepting API functions to disguise themselves). The next feature of AVZ will be the universal system for finding and blocking KernelMode RootKit.

Keylogger and Trojan DLL detector. The search for Trojan DLLs, as well as Keylogger keyloggers, is performed without using a signature database based on system analysis, which allows you to very confidently detect previously unknown Keylogger and Trojan DLLs.

Neuroanalyzer. AVZ for Windows, in addition to a signature analyzer, includes a neuroemulator that can examine suspicious files using a neural network. Today, the neural network is effectively used in the keylogger detector.

Winsock SPI/LSP Settings Analyzer. The built-in Winsock analyzer makes it possible to analyze the settings, diagnose possible errors in the settings, and then perform automatic treatment. The possibility of automatic diagnosis and subsequent treatment will be extremely useful for beginners and inexperienced users (there is no automatic treatment in programs like LSPFix). To manually study SPI/LSP, the utility has a specialized LSP/SPI settings manager. And on Winsock, an anti-rootkit action is performed, which stops the operation of malicious code.

Built-in manager of services, processes and drivers. The built-in dispatcher provided is designed to study loaded libraries, running processes, drivers and services. The work of the process manager is also covered by the anti-rootkit (as a result, it can “see” processes that are masked by the rootkit). The process manager has a close relationship with the database of safe files of the AVZ utility; recognized system and safe files are highlighted in a special color;

Built-in utility that searches for files on disk. This utility allows you to search for files using a variety of criteria, while the capabilities of the search system are an order of magnitude higher than the capabilities of the system search. The anti-rootkit also extends to the search system, so the search quickly detects files masked by the rootkit and can delete them. At the same time, files identified as safe can be screened out using a filter that excludes these files from search results. Search results can be available in table form or as a text log, where you can mark the listed files for quarantine or subsequent deletion.

Built-in utility for finding data in the registry. This utility allows you to search for parameters and keys according to a given pattern; the results will be available in the form of a table or as a text protocol, where you can immediately mark a group of keys for deleting or exporting them. Anti-rootkit quickly detects files masked by a rootkit and can easily delete them.

TCP/UDP open port analyzer. It is also protected by an anti-rootkit, and Windows XP even displays the process that is using it for each port. The analyzer is based on a timely updated database of ports of known system services and Trojan/Backdoor programs. The search for Trojan pest ports is included in the basic system scanning algorithm - if suspicious ports are detected, a warning is indicated in the protocol indicating which Trojan programs are capable of using this port for malicious purposes.

Analyzer of network sessions, shared resources of open files over the network. It works in Nt/W2K/XP and Win9X.

DPF Analyzer (Downloaded Program Files)– shows DPF elements, has a connection to AVZ systems.

Heuristic file deletion. If this option is enabled and dangerous files were removed during treatment, then an automatic system scan is performed, which includes IE extensions, classes, BHO, Winlogon, startup types, and the like. Detected links to a dangerous file are cleared and this is noted in the protocol. System treatment microprograms are actively used for cleaning.

System recovery firmware. They restore program launch settings, Internet Explorer, and other settings damaged by malware. You can start recovery manually; the user specifies the parameters to be restored.

Checking archives. Since version 3.60 AVZ archives and components are checked. Archives in TAR, GZIP, RAR, ZIP formats are being checked; MHT files and CHM emails; archives.

Control scripts. The administrator can write a script that will perform a set of specified operations on the user's PC. Such scripts are convenient to use on a corporate network.

Checking and curing NTFS stream.

Process Analyzer. Uses analysis firmware and neural networks. Used for advanced analysis, designed to locate suspicious processes in memory.

AVZGuard function. It combats difficult-to-remove dangerous programs and can also protect applications specified by the user.

Boot Cleaner Driver. Used to clean the system (registry keys, drivers, files) from KernelMode.

Process monitoring driver, as well as AVZPM drivers. Used to track startup, loading/unloading of drivers, stopping processes, to find masquerading drivers and to find changes in driver structures that create DKOM rootkits.

Direct access function for working with locked files. Allows the scanner to analyze blocked files and send them to quarantine.

Antivirus utility AVZ designed to detect and remove:

  • SpyWare and AdWare modules are the main purpose of the utility
  • Dialer (Trojan.Dialer)
  • Trojans
  • BackDoor modules
  • Network and mail worms
  • TrojanSpy, TrojanDownloader, TrojanDropper

Main features of the AVZ utility (in addition to the standard signature scanner)

Heuristic system check firmware. Firmware searches for known SpyWare and viruses based on indirect signs - based on analysis of the registry, files on disk and in memory.

Updated database of safe files. It includes digital signatures of tens of thousands of system files and files of known secure processes. The database is connected to all AVZ systems and works on the “friend/foe” principle - safe files are not quarantined, deletion and warnings are blocked for them, the database is used by an anti-rootkit, a file search system, and various analyzers. In particular, the built-in process manager highlights safe processes and services in color; searching for files on the disk can exclude known files from the search (which is very useful when searching for Trojan programs on the disk);

Built-in Rootkit detection system. The RootKit search is carried out without the use of signatures, based on a study of basic system libraries to intercept their functions. AVZ can not only detect RootKit, but also correctly block UserMode RootKit for its process and KernelMode RootKit at the system level. The RootKit countermeasures apply to all AVZ service functions; as a result, the AVZ scanner can detect masked processes, the registry search system “sees” masked keys, etc. The anti-rootkit is equipped with an analyzer that detects processes and services masked by RootKit. In my opinion, one of the main features of the RootKit countermeasures system is its functionality in Win9X (the widespread opinion about the absence of RootKit working on the Win9X platform is deeply erroneous - hundreds of Trojan programs are known that intercept API functions to mask their presence, to distort the operation of API functions or to monitor their use). Another feature is the universal detection and blocking system KernelMode RootKit, compatible with Windows NT, Windows 2000 pro/server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1

Keylogger and Trojan DLL detector. The search for Keylogger and Trojan DLLs is carried out based on system analysis without using a signature database, which allows you to confidently detect previously unknown Trojan DLLs and Keylogger;

Neuroanalyzer. In addition to the signature analyzer, AVZ contains a neuroemulator, which allows you to examine suspicious files using a neural network. Currently, the neural network is used in a keylogger detector.

Built-in Winsock SPI/LSP settings analyzer. Allows you to analyze settings, diagnose possible errors in settings and perform automatic treatment. The ability to automatically diagnose and treat is useful for novice users (utilities like LSPFix do not have automatic treatment). To study SPI/LSP manually, the program has a special LSP/SPI settings manager. The Winsock SPI/LSP analyzer is covered by the anti-rootkit;

Built-in manager of processes, services and drivers. Designed to study running processes and loaded libraries, running services and drivers. The work of the process manager is covered by the anti-rootkit (as a result, it “sees” processes masked by the rootkit). The process manager is linked to the AVZ safe file database; identified safe and system files are highlighted in color;

Built-in utility for searching files on disk. Allows you to search a file using various criteria; the capabilities of the search system exceed those of the system search. The operation of the search system is covered by the anti-rootkit (as a result, the search “sees” files masked by the rootkit and can delete them); the filter allows you to exclude files identified by AVZ as safe from the search results. Search results are available as a text log and as a table in which you can mark a group of files for later deletion or quarantine

Built-in utility for searching data in the registry. Allows you to search for keys and parameters according to a given pattern; search results are available in the form of a text protocol and in the form of a table in which you can mark several keys for their export or deletion. The operation of the search system is covered by the anti-rootkit (as a result, the search “sees” registry keys masked by the rootkit and can delete them)

Built-in TCP/UDP open port analyzer. It is covered by an anti-rootkit; in Windows XP, the process using the port is displayed for each port. The analyzer is based on an updated database of ports of known Trojan/Backdoor programs and known system services. The search for Trojan program ports is included in the main system scanning algorithm - when suspicious ports are detected, warnings are displayed in the protocol indicating which Trojan programs are likely to use this port

Built-in analyzer of shared resources, network sessions and files opened over the network. Works in Win9X and Nt/W2K/XP.

Built-in Downloaded Program Files (DPF) analyzer- displays DPF elements, connected to all AVZ systems.

System recovery firmware. Firmware restores Internet Explorer settings, program launch settings, and other system parameters damaged by malware. Restoration is started manually, the parameters to be restored are specified by the user.

Heuristic file deletion. Its essence is that if malicious files were deleted during treatment and this option is enabled, then an automatic system scan is performed, covering classes, BHO, IE and Explorer extensions, all types of autorun available to AVZ, Winlogon, SPI/LSP, etc. . All found links to a deleted file are automatically cleared, with information about what exactly was cleared and where it was recorded in the log. For this cleaning, the system treatment firmware engine is actively used;

Checking archives. Starting from version 3.60, AVZ supports scanning archives and compound files. Currently, archives in ZIP, RAR, CAB, GZIP, TAR formats are checked; emails and MHT files; CHM archives

Checking and treating NTFS streams. Checking NTFS streams is included in AVZ starting from version 3.75

Control scripts. Allow the administrator to write a script that performs a set of specified operations on the user’s PC. Scripts allow you to use AVZ on a corporate network, including its launch during system boot.

Process Analyzer. The analyzer uses neural networks and analysis firmware; it is turned on when advanced analysis is enabled at the maximum heuristic level and is designed to search for suspicious processes in memory.

AVZGuard system. Designed to combat hard-to-remove malware, it can, in addition to AVZ, protect user-specified applications, for example, other anti-spyware and anti-virus programs.

Direct disk access system for working with locked files. Works on FAT16/FAT32/NTFS, is supported on all operating systems of the NT line, allows the scanner to analyze locked files and quarantine them.

AVZPM Process Monitoring and Driver Driver. Designed to monitor the start and stop of processes and loading/unloading of drivers to search for masquerading drivers and detect distortions in the structures describing processes and drivers created by DKOM rootkits.

Boot Cleaner Driver. Designed to perform system cleaning (removing files, drivers and services, registry keys) from KernelMode. The cleaning operation can be performed both during the process of restarting the computer and during treatment.


Program version: 4.46
Interface language: Russian, English
Treatment: not required
System requirements: windows 10, 8.1, 8, 7, vista, xp

Description: AVZ - Free, fast working antivirus utility. Includes AVZ itself and additional utilities AVZGuard/AVZPM/BootCleaner.
The main purpose is to detect and remove SpyWare and AdWare modules, as well as Dialer (Trojan.Dialer), Trojan programs, BackDoor modules, network and email worms, TrojanSpy, TrojanDownloader, TrojanDropper.
In fact, AVZ is an analogue of the popular Ad-aware program (with its own characteristics, of course).
Additional options include a heuristic system check, built-in Rootkit detection system, Winsock SPI/LSP settings analyzer, built-in process, service and driver manager, TCP/UDP open port analyzer, Keylogger and Trojan DLL detector that works without using signatures (an original neuroemulator is used, which allows you to examine suspicious files using a neural network).

Help for working with the program http://z-oleg.com/secur/avz_doc/

Additional Information:

Heuristic system check microprograms. Firmware searches for known SpyWare and viruses based on indirect signs - based on analysis of the registry, files on disk and in memory.
Updated database of secure files. It includes digital signatures of tens of thousands of system files and files of known secure processes. The database is connected to all AVZ systems and works on the “friend/foe” principle - safe files are not quarantined, deletion and warnings are blocked for them, the database is used by an anti-rootkit, a file search system, and various analyzers. In particular, the built-in process manager highlights safe processes and services in color; searching for files on the disk can exclude known files from the search (which is very useful when searching for Trojan programs on the disk);
Built-in Rootkit detection system. The RootKit search is carried out without the use of signatures, based on a study of basic system libraries to intercept their functions. AVZ can not only detect RootKit, but also correctly block UserMode RootKit for its process and KernelMode RootKit at the system level. The RootKit countermeasures apply to all AVZ service functions; as a result, the AVZ scanner can detect masked processes, the registry search system “sees” masked keys, etc. The anti-rootkit is equipped with an analyzer that detects processes and services masked by RootKit. In my opinion, one of the main features of the RootKit countermeasures system is its functionality in Win9X (the widespread opinion about the absence of RootKit working on the Win9X platform is deeply erroneous - hundreds of Trojan programs are known that intercept API functions to mask their presence, to distort the operation of API functions or to monitor their use). Another feature is the universal detection and blocking system KernelMode RootKit, compatible with Windows NT, Windows 2000 pro/server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1
Keylogger and Trojan DLL detector. The search for Keylogger and Trojan DLLs is carried out based on system analysis without using a signature database, which allows you to confidently detect previously unknown Trojan DLLs and Keylogger;
Neuroanalyzer. In addition to the signature analyzer, AVZ contains a neuroemulator, which allows you to examine suspicious files using a neural network. Currently, the neural network is used in a keylogger detector.
Built-in Winsock SPI/LSP settings analyzer. Allows you to analyze settings, diagnose possible errors in settings and perform automatic treatment. The ability to automatically diagnose and treat is useful for novice users (utilities like LSPFix do not have automatic treatment). To study SPI/LSP manually, the program has a special LSP/SPI settings manager. The Winsock SPI/LSP analyzer is covered by the anti-rootkit;
Built-in manager of processes, services and drivers. Designed to study running processes and loaded libraries, running services and drivers. The work of the process manager is covered by the anti-rootkit (as a result, it “sees” processes masked by the rootkit). The process manager is linked to the AVZ safe file database; identified safe and system files are highlighted in color;
Built-in utility for searching files on disk. Allows you to search a file using various criteria; the capabilities of the search system exceed those of the system search. The operation of the search system is covered by the anti-rootkit (as a result, the search “sees” files masked by the rootkit and can delete them); the filter allows you to exclude files identified by AVZ as safe from the search results. Search results are available as a text log and as a table in which you can mark a group of files for later deletion or quarantine
Built-in utility for searching data in the registry. Allows you to search for keys and parameters according to a given pattern; search results are available in the form of a text protocol and in the form of a table in which you can mark several keys for their export or deletion. The operation of the search system is covered by the anti-rootkit (as a result, the search “sees” registry keys masked by the rootkit and can delete them)
Built-in analyzer of open TCP/UDP ports. It is covered by an anti-rootkit; in Windows XP, the process using the port is displayed for each port. The analyzer is based on an updated database of ports of known Trojan/Backdoor programs and known system services. The search for Trojan program ports is included in the main system scanning algorithm - when suspicious ports are detected, warnings are displayed in the protocol indicating which Trojan programs are likely to use this port
Built-in analyzer of shared resources, network sessions and files opened over the network. Works in Win9X and Nt/W2K/XP.
Built-in Downloaded Program Files (DPF) analyzer - displays DPF elements, connected to all AVZ systems.
System recovery firmware. Firmware restores Internet Explorer settings, program launch settings, and other system parameters damaged by malware. Restoration is started manually, the parameters to be restored are specified by the user.
Heuristic file deletion. Its essence is that if malicious files were deleted during treatment and this option is enabled, then an automatic system scan is performed, covering classes, BHO, IE and Explorer extensions, all types of autorun available to AVZ, Winlogon, SPI/LSP, etc. . All found links to a deleted file are automatically cleared, with information about what exactly was cleared and where it was recorded in the log. For this cleaning, the system treatment firmware engine is actively used;
Checking archives. Starting from version 3.60, AVZ supports scanning archives and compound files. Currently, archives in ZIP, RAR, CAB, GZIP, TAR formats are checked; emails and MHT files; CHM archives
Checking and treating NTFS streams. Checking NTFS streams is included in AVZ starting from version 3.75
Control scripts. Allow the administrator to write a script that performs a set of specified operations on the user’s PC. Scripts allow you to use AVZ on a corporate network, including its launch during system boot.
Process analyzer. The analyzer uses neural networks and analysis firmware; it is turned on when advanced analysis is enabled at the maximum heuristic level and is designed to search for suspicious processes in memory.
AVZGuard system. Designed to combat hard-to-remove malware, it can, in addition to AVZ, protect user-specified applications, for example, other anti-spyware and anti-virus programs.
Direct disk access system for working with locked files. Works on FAT16/FAT32/NTFS, is supported on all operating systems of the NT line, allows the scanner to analyze locked files and quarantine them.
AVZPM process and driver monitoring driver. Designed to monitor the start and stop of processes and loading/unloading of drivers to search for masquerading drivers and detect distortions in the structures describing processes and drivers created by DKOM rootkits.
Boot Cleaner Driver. Designed to perform system cleaning (removing files, drivers and services, registry keys) from KernelMode. The cleaning operation can be performed both during the process of restarting the computer and during treatment.
changelog 4.46: Improvements and modifications for compatibility with Windows 10

Download torrent