AVZ Antiviral Toolkit – advanced scanner and manager

avz_icon ComboFix may be last resort that to blow away stubborn malware (with parts of Windows while at it :) but when even that fails there is no choice left except down and dirty hunt after pesky malware.

AVZ is set of utilities honed to detect all flavors of hard to detect malware (such as rootkits). And to get rid of it.

What it does

AVZ combines few related functions and capabilities for viable chance to detect malware that hides really well. Basically it:

  • detects things that interfere or integrate too deep with system;
  • checks them for signs of malware behavior;
  • runs against white list of known safe components;
  • provides tools to remove malware, while protecting itself and other tools from it.
avz_inerface

It has regular scan process with option to scan files, but there is extensive set of tools to manage autorun, processes and pretty much every other place that might get unwanted malware hooked to it.

Case study

I had freaking ugly very educational encounter today with computer that was complete mess of driver conflicts (cracked Daemon Tools Pro had showdown with cracked DrWeb, ouch).

After few hours of untangling and restoring system files I had system perfectly clean and working… Except that explorer.exe process completely trashed it with maxed out CPU usage and I had no idea where it came from. And 3.4GHz Pentium D spiking CPU makes computing experience really miserable.

Process Explorer and Process Monitor couldn’t detect a thing – all that came up was thread that originated out of non-descript memory space and spiked CPU, without any file activity. System was earlier through every portable antivirus scanner I use, so as clean as I could get it. It was complete H2IK sequence, worst I saw lately.

Quick (literally) scan with AVZ lighted up some obscure piece of driver (let it rest in peace) that interfered with numerous system APIs. And all was good without it.

Strong features

  • every sub-tool in AVZ makes use of main engine, so sees more and better than generic managers;
  • AVZPM – optional driver for extensive process checks;
  • AVZGuard – tool that restricts process and registry activity, except from trusted executables to guard them against aggressive malware;
  • saves the day.

Overall

AVZ is semi-official product of Kaspersky Labs (seems they got it by hiring developer). Parts of AVZ are reused in other Kaspersky products such as AVPTool, but as for manual diagnostics it still has edge over rest.

Works without installation as any decent anti-malware tool should. And if you are down in trouble deep to this one then you won’t care about traces left.

Home (in Russian) http://www.z-oleg.com/secur/avz/

Download http://z-oleg.com/avz4.zip

Related Posts

3 Comments

  • This is a cool tool I haven’t used in a while. I’ll certainly use it on my next assignment of cleaning up a troublesome computer. Cheers.

  • @Jonny

    Yeah, what I like that it gives access to advanced stuff but still keeps process relatively streamlined and easy to control.

    Plenty of anti-rootkits just dump bulk of cryptic data on you.

  • This is a cool
    AVZ nice

Comments are closed.