The AVZ antivirus utility is designed to detect and remove:
* SpyWare and AdWare modules - this is the main purpose of the utility
* Dialer (Trojan.Dialer)
* Trojan horses
* BackDoor modules
* Network and mail worms
* TrojanSpy, TrojanDownloader, TrojanDropper
The utility is a direct analog of the programs TrojanHunter and LavaSoft Ad-aware 6. The primary objective of the program is the removal of SpyWare and Trojans.
* Heuristic system-check microprograms. The microprograms search for known SpyWare and viruses by indirect signs, based on analysis of the registry, files on disk and memory.
* Updatable database of safe files. It includes the digital signatures of tens of thousands of system files and files of known safe processes. The database is connected to all AVZ systems and works on the "friend or foe" principle: safe files are not moved to quarantine, and deletion and warnings are blocked for them. The database is used by the anti-rootkit, the file search system and various analyzers. In particular, the built-in process manager highlights safe processes and services in color, and the disk file search can exclude known files from the search (which is very useful when searching the disk for Trojans);
* Built-in rootkit detection system. The search for rootkits works without signatures, by examining the basic system libraries for hooks on their functions. AVZ can not only detect a rootkit but also correctly block a UserMode rootkit for its own process and a KernelMode rootkit at the system level. Rootkit countermeasures apply to all AVZ service functions; as a result, the AVZ scanner can detect masked processes, the registry search "sees" masked keys, and so on. The anti-rootkit is equipped with an analyzer that detects processes and services masked by a rootkit. One of the main features of the anti-rootkit, in my opinion, is its ability to work in Win9X (the widespread opinion that no rootkits work on the Win9X platform is profoundly mistaken: hundreds of Trojan programs intercept API functions to hide their presence, to distort the behavior of API functions or to track their use). Another feature is the universal system for detecting and blocking KernelMode rootkits, which works under Windows NT, Windows 2000 pro / server, XP, XP SP1, XP SP2, Windows 2003 Server and Windows 2003 Server SP1
* Detector of keyloggers and Trojan DLLs. The search for keyloggers and Trojan DLLs is based on analysis of the system without using signature databases, which makes it possible to detect previously unknown Trojan DLLs and keyloggers fairly reliably;
* Neuroanalyzer. In addition to the signature analyzer, AVZ contains a neuroemulator, which allows suspicious files to be examined using a neural network. Currently, the neural network is used in the keylogger detector.
* Built-in analyzer of Winsock SPI / LSP settings. It analyzes the settings, diagnoses possible configuration errors and performs automatic treatment. Automatic diagnosis and treatment is useful for novice users (utilities such as LSPFix offer no automatic treatment). For manual examination of SPI / LSP, the program has a dedicated LSP / SPI settings manager. The Winsock SPI / LSP analyzer is covered by the anti-rootkit;
* Built-in manager of processes, services and drivers. Designed for examining running processes and loaded libraries, running services and drivers. The process manager is covered by the anti-rootkit (as a consequence, it "sees" processes masked by a rootkit). The process manager is linked to the AVZ database of safe files, and recognized safe and system files are highlighted;
* Built-in utility for finding files on disk. It searches for files by various criteria, and its capabilities exceed those of the operating system's own search. The search is covered by the anti-rootkit (as a result, it "sees" files masked by a rootkit and can delete them), and a filter can exclude from the results files that AVZ has identified as safe. Search results are available as a text log and as a table in which a group of files can be marked for deletion or quarantine
* Built-in utility for searching data in the registry. It searches for keys and parameters matching a given pattern; the results are available as a text log and as a table in which several keys can be marked for export or deletion. The search is covered by the anti-rootkit (as a result, it "sees" registry keys masked by a rootkit and can remove them)
* Built-in analyzer of open TCP / UDP ports. It is covered by the anti-rootkit, and in Windows XP the process using each port is displayed. The analyzer relies on an updatable database of ports of known Trojan / Backdoor programs and known system services. The search for Trojan ports is part of the main system check algorithm: when suspicious ports are detected, warnings are written to the log indicating which Trojan programs tend to use the port
* Built-in analyzer of shared resources, network sessions and files opened over the network. Works on Win9X and on NT/W2K/XP.
* Built-in analyzer of Downloaded Program Files (DPF). It displays DPF items and is connected to all AVZ systems.
* System recovery microprograms. The microprograms restore Internet Explorer settings, program startup parameters and other system settings damaged by malware. Recovery is started manually, and the settings to restore are specified by the user.
* Heuristic file deletion. If malicious files are removed during treatment and this option is enabled, the system is examined automatically, covering classes, BHO, IE and Explorer extensions, all kinds of autorun known to AVZ, Winlogon, SPI / LSP, etc. All references found to the deleted file are purged automatically, and a record of exactly what was cleaned and where is written to the log. This cleanup actively uses the engine of the system treatment microprograms;
* Archive checking. Starting with version 3.60, AVZ supports checking archives and compound files. Currently it checks archives in ZIP, RAR, CAB, GZIP and TAR format; e-mail messages and MHT files; CHM files
* Checking and treatment of NTFS streams. Checking of NTFS streams has been included in AVZ since version 3.75
* Control scripts. They allow the administrator to write a script that performs a set of defined operations on the user's PC. Scripts make it possible to use AVZ on a corporate network, including launching it at system startup.
* Process analyzer. The analyzer uses neural networks and analysis microprograms; it is turned on when extended analysis is enabled at the maximum heuristics level and is designed to search for suspicious processes in memory.
* AVZGuard system. Designed to combat hard-to-remove malicious programs; besides AVZ itself, it can protect user-specified applications, such as other anti-spyware and antivirus programs.
* Direct disk access system for working with locked files. It works on FAT16/FAT32/NTFS, is supported on all operating systems of the NT line, and enables the scanner to analyze locked files and place them in quarantine.
* AVZPM driver for monitoring processes and drivers. Designed to track the start and stop of processes and the loading / unloading of drivers, in order to find masked drivers and detect distortions in the structures describing processes and drivers that are created by DKOM rootkits.
* Boot Cleaner driver. Designed to perform system cleaning (deleting files, drivers and services, and registry keys) from KernelMode. The cleaning operation can be performed both during a reboot of the computer and in the course of treatment.