Home > All about the signs of the Zodiac

How to remove viruses using AVZ. Guide to using AVZ antivirus

31.12.2021

Every user has encountered system problems related to viruses and malware. The problems they cause are very serious. Sometimes you have to completely reinstall the system, or the equipment may malfunction. But you don’t always need to turn to specialists for help. Many problems can be solved on their own. This is where AVZ antivirus comes to the rescue. Let's take a closer look at how to work with it.

What is this program

AVZ does not work in real time like antiviruses installed on a PC. You don't have to install it. The utility is in Russian. Does not conflict with antiviruses installed on the system. I have Smart Security installed. In this case, the utility works great. There is no need to disable permanent antivirus.

When to use it

AVZ removes viruses such as AdWare, SpyWare and Trojans. If you notice that your PC is not working as usual: it freezes, the software loads slowly, it won’t turn off, try working with AVZ. Even if everything works as it should, periodically scan your PC with this utility.

How to download and install

Download the latest version from the official website: http://z-oleg.com/avz4.zip

The latest version includes support for Windows 10

Extract the downloaded archive to the “avz4” folder. If you want, change her name to something else. Next, launch it by clicking on the avz.exe file.
Before starting work, update the databases. In the window that opens, find the “Update” icon.

For Windows 7/10, for AVZ to work correctly, run it as an administrator. To do this, right-click on the avz.exe executable file. Next, select the appropriate item.

What to do before work

AVZ is a utility for troubleshooting problems caused by viruses. Therefore, before starting work, run, for example, a one-time utility. It will get rid of viruses, and AVZ will correct violations and delete files created by the virus. Will clean the system after removal.

How to use

Let's launch the utility. The main program window consists of three tabs:

On the first tab “Search Area”, select what to scan on the HDD. A little lower there will be three options. Check the boxes next to them. This will allow you to perform heuristic analysis, scan running processes, and identify malicious software.

File type

In this tab, select what to scan. If a simple check is being performed, check the “Potentially dangerous” box. If there are a lot of viruses - “All files”. The utility works with archives in addition to simple documents. In this tab, configure this check. Uncheck the checkbox next to archive checking.

Search options

A slider will appear at the top. Move it up to enable checking for keyboard hooks. The end result should look like the picture.
Next, configure what action to perform if a virus is found:

A check will run, the result of which will be displayed in the area called “Protocol”. After a short period of time (depending on the amount of information being checked), the scanning will end. Next, the program will indicate the scanning time and the threats found.
If threats are found, look at them by clicking on the button marked in the figure below.
If there are suspicious objects, the program will write the path to them, description, and type. Here you can move it to quarantine or delete it.

System functions

In addition to checking for viruses and malware, AVZ performs many functions. Let's talk about the most useful ones. To access them, click on "File". A context menu with all functions will open.
Let's look at the most important ones.

System Research

The function will collect information about the system. This is the technical and hardware part. This includes: system files, protocols, processes. By clicking on the “Research” link, a new window will open, where you indicate to the utility what information you need to collect. Having installed everything you need, click on “Start”.
In a new window, the program will offer to save the document. It contains the selected information in html format. Opens in any browser. Next, click “Save”.
Scanning will begin. After its completion, you will be able to view the selected information.

Recovery

These functions can return OS elements to their original state and remove settings. The malware wants to deny access to the “Registry Editor” or “Manager”. Tries to add parameters to the “hosts” system file. The restore option will unlock these items. To start, click on it and check the boxes for the actions you want to perform. I checked the 11, 13, 17 option. Next, click on “Run”.

Scripts

The list of options found in the “File” menu includes functions that work with scripts. These are “Run”, “Standard”.
By clicking on “Standard” a window will appear with a list of ready-made scripts. Check the boxes as needed. Next, click on “Run”.
Another option will launch the editor. Write the script yourself, or download from your PC. Next, click the “Run” button.

Quarantine and Infected option

By clicking on this item, view the potentially dangerous elements detected by the utility during scanning.
Delete the files (if found), or restore if they are not dangerous.
To have potentially dangerous software quarantined, check the appropriate boxes in the settings.

Services

To view the list of services offered by the program, click on the corresponding “Service” line.
Let's look at the most used ones.

Process Manager

All executable files running on the system are displayed here. In a new window, look at their description and the path to them.
End the process if necessary. Select it from the list and click on the button with a black cross. Located to the right of the window.

This is a replacement for the dispatcher installed in the system. It is of particular value if it is blocked by a virus.

Services and Driver Manager

The second service on the list. By clicking on it, a window will open where you select the service using the switch: services, drivers all. Select the desired item and then disable, stop or delete it.

Startup Manager

Use it to configure settings for programs that start with the system. To disable, uncheck the box next to the selected item. The entry can be completely deleted. To do this, press the button with a black cross on it.

Once deleted, it cannot be restored. Therefore, check carefully so as not to erase important records.

Hosts File Manager

If a virus has written its own values in this file and blocked access, use this option. A new window will display its contents. It won't be possible to add anything. Just delete. This is done using the button with a black cross.

Launching utilities

The program allows you to work with popular applications. To do this, go to “Service” - “System”. By clicking on system utilities, you can:

AVZGuard

If you have a virus that cannot be removed, use the AVZGuard function. It adds the malware to the list of untrusted software that cannot be operated on. To activate, click on the AVZGuard line.

I would like to note that this function and AVZPM do not work for me, since these technologies are not supported by 64-bit versions of Windows operating systems. Read more about this in the official technical documentation at: http://z-oleg.com/secur/avz_doc/index.html?t_install.htm.

Conclusion

I recommend that all users download AVZ. Run the virus scan utility periodically. Its main task is to remove spyware, Trojans and SpyWare. But this does not mean that you do not need to use antiviruses that protect your PC in real time.

Modern antiviruses have acquired various additional functionality so much that some users have questions while using them. In this lesson we will tell you about all the key features of the AVZ antivirus.

Let's look at what AVZ is in as much detail as possible using practical examples. The following functions deserve the main attention of the average user.

Checking the system for viruses

Any antivirus should be able to detect malware on your computer and deal with it (treat or remove it). Naturally, this function is also present in AVZ. Let's see in practice what such a check is like.

Let's launch AVZ.
A small utility window will appear on the screen. In the area marked in the screenshot below, you will find three tabs. They all relate to the process of searching for vulnerabilities on a computer and contain different options.

On the first tab "Search area" you need to check the boxes for those folders and hard drive partitions that you want to scan. A little lower you will see three lines that allow you to enable additional options. We put marks in front of all positions. This will allow you to perform a special heuristic analysis, scan additional running processes and even identify potentially dangerous software.

After that, go to the tab "File Types". Here you can choose what data the utility should scan.
If you are doing a regular check, then just check the box "Potentially dangerous files". If viruses have taken deep roots, then you should choose "All files".
In addition to ordinary documents, AVZ easily scans archives, something that many other antiviruses cannot boast of. This tab is where you can enable or disable this check. We recommend unchecking the box next to scanning large archives if you want to achieve maximum results.
In total, your second tab should look like this.

Next we go to the last section "Search Options".
At the very top you will see a vertical slider. Move it all the way up. This will allow the utility to respond to all suspicious objects. In addition, we include checking API and RootKit interceptors, searching for keyloggers, and checking SPI/LSP settings. The general appearance of your last tab should be something like this.

Now you need to configure the actions that AVZ will take when a particular threat is detected. To do this, you first need to check the box next to the line "Carry out treatment" in the right area of the window.

Next to each type of threat, we recommend setting the parameter "Delete". The only exceptions are threats like "HackTool". Here we recommend leaving the parameter "Treat". In addition, check the two lines below the list of threats.

The second parameter will allow the utility to copy the unsafe document to a specially designated location. You can then view all the contents, and then safely delete them. This is done so that you can exclude from the list of infected data those that are not actually infected (activators, key generators, password generators, and so on).
When all the settings and search parameters have been set, you can begin the scanning itself. To do this, click the corresponding button "Start".

The verification process will begin. Her progress will be displayed in a special area "Protocol".
After some time, which depends on the amount of data being scanned, the scanning will be completed. A message indicating the completion of the operation will appear in the log. The total time spent on analyzing files will also be indicated, as well as statistics on scanning and identified threats.

By clicking on the button marked in the image below, you will be able to see in a separate window all the suspicious and dangerous objects that were identified by AVZ during the scan.

The path to the dangerous file, its description and type will be indicated here. If you check the box next to the name of such software, you can move it to quarantine or completely remove it from your computer. When the operation is complete, press the button "OK" at the very bottom.

After cleaning your computer, you can close the program window.

System functions

In addition to standard malware scanning, AVZ can perform a lot of other functions. Let's look at those that may be useful to the average user. In the main menu of the program at the very top, click on the line "File". As a result, a context menu will appear containing all available auxiliary functions.

The first three lines are responsible for starting, stopping and pausing the scan. These are analogues of the corresponding buttons in the AVZ main menu.

System Research

This function will allow the utility to collect all information about your system. This does not mean the technical part, but the hardware. Such information includes a list of processes, various modules, system files and protocols. After you click on the line "System Research", a separate window will appear. Here you can specify what information AVZ should collect. After checking all the necessary boxes, you should click the button "Start" at the very bottom.

After this, a save window will open. In it you can select the location of the document with detailed information, as well as indicate the name of the file itself. Please note that all information will be saved as an HTML file. It opens in any web browser. Having specified the path and name for the saved file, you need to click the button "Save".

As a result, the process of scanning the system and collecting information will start. At the very end, the utility will display a window in which you will be asked to immediately view all the collected information.

System Restore

Using this set of functions, you can return elements of the operating system to their original form and reset various settings. Most often, malware tries to block access to the Registry Editor, Task Manager and write its values in the system document. You can unlock such elements using the option "System Restore". To do this, just click on the name of the option itself, and then check the boxes for the actions that need to be performed.

After this you need to press the button “Perform marked operations” in the lower area of the window.

A window will appear on the screen in which you must confirm the action.

After some time, you will see a message indicating that all tasks have completed. Just close this window by clicking the button "OK".

Scripts

In the list of parameters there are two lines related to working with scripts in AVZ - "Standard scripts" And "Run script".

Clicking on a line "Standard scripts", you will open a window with a list of ready-made scripts. All you need to do is tick the boxes that you want to run. After that, click the button at the bottom of the window "Run".

In the second case, you will launch the script editor. Here you can write it yourself or download one from your computer. Don't forget to click the button after writing or uploading "Run" in the same window.

Database update

This item is the most important of the entire list. By clicking on the corresponding line, you will open the AVZ database update window.

We do not recommend changing settings in this window. Leave everything as it is and press the button "Start".

After some time, a message will appear on the screen indicating that the database update is complete. All you have to do is close this window.

Viewing the contents of the Quarantine and Infected folders

By clicking on these lines in the list of options, you can view all potentially dangerous files that AVZ detected while scanning your system.

In the windows that open, you can permanently delete such files or restore them if they actually do not pose a threat.

Please note that in order for suspicious files to be placed in these folders, you must check the appropriate boxes in the system scanning settings.

This is the last option from this list that the average user may need. As the name suggests, these parameters allow you to save the preliminary antivirus configuration (search method, scanning mode, etc.) to your computer, and also load it back.

When saving, you will only need to specify the file name, as well as the folder in which you want to save it. When loading a configuration, simply select the desired file with settings and click the button "Open".

Exit

It would seem that this is an obvious and well-known button. But it is worth mentioning that in some situations - when particularly dangerous software is detected - AVZ blocks all methods of closing itself, except for this button. In other words, you will not be able to close the program with a keyboard shortcut "Alt+F4" or by clicking on the banal cross in the corner. This is done so that viruses cannot interfere with the correct operation of AVZ. But by clicking this button, you can close the antivirus if necessary for sure.

In addition to the options described, there are also others in the list, but they most likely will not be needed by ordinary users. Therefore, we did not focus on them. If you still need help regarding the use of functions not described, write about it in the comments. And we move on.

List of services

In order to see the full list of services offered by AVZ, you need to click on the line "Service" at the very top of the program.

As in the last section, we will go over only those that may be useful to the average user.

Process Manager

By clicking on the very first line from the list, you will open a window "Process Manager". In it you can see a list of all executable files that are running on a computer or laptop at a given time. In the same window you can read a description of the process, find out its manufacturer and the full path to the executable file itself.

You can also terminate a particular process. To do this, just select the required process from the list, and then click on the corresponding button in the form of a black cross on the right side of the window.

This service is an excellent replacement for the standard one. The service acquires particular value in situations where "Task Manager" blocked by a virus.

Services and Driver Manager

This is the second service in the general list. By clicking on the line with the same name, you will open the window for managing services and drivers. You can switch between them using a special switch.

In the same window, each item is accompanied by a description of the service itself, status (enabled or disabled), as well as the location of the executable file.

You can select the required item, after which you will have the options of enabling, disabling or completely removing the service/driver. These buttons are located at the top of the work area.

Startup Manager

This service will allow you to fully customize autorun settings. Moreover, unlike standard managers, this list also includes system modules. By clicking on the line with the same name, you will see the following.

In order to disable the selected element, you only need to uncheck the box next to its name. In addition, it is possible to completely delete the required entry. To do this, simply select the desired line and click on the button at the top of the window in the form of a black cross.

Please note that a deleted value cannot be returned. Therefore, be extremely careful not to erase vital system startup records.

Hosts File Manager

We mentioned a little above that the virus sometimes writes its own values into the system file "Hosts". And in some cases, malware also blocks access to it so that you cannot correct the changes made. This service will help you in such situations.

By clicking on the line shown in the image above in the list, you will open a manager window. You cannot add your own values here, but you can delete existing ones. To do this, select the desired line with the left mouse button, and then press the delete button, which is located in the upper area of the work area.

After this, a small window will appear in which you need to confirm the action. To do this, just press the button "Yes".

When the selected line is deleted, you just need to close this window.

Be careful not to delete lines whose purpose you don't know. To file "Hosts" Not only viruses, but also other programs can write their values.

System utilities

With AVZ you can also launch the most popular system utilities. You can see their list if you hover your mouse over the line with the corresponding name.

By clicking on the name of a particular utility, you will launch it. After this, you can make changes to (regedit), configure the system (msconfig) or check system files (sfc).

These are all the services we wanted to mention. Beginner users are unlikely to need a protocol manager, extensions, or other additional services. Such functions are more suitable for more advanced users.

AVZGuard

This function was developed to combat the most cunning viruses that cannot be removed using standard methods. It simply adds malware to a list of untrusted software that is prohibited from performing its operations. To enable this function you need to click on the line "AVZGuard" in the upper AVZ area. In the drop-down window, click on the item "Enable AVZGuard".

Be sure to close all third-party applications before enabling this feature, otherwise they will also be included in the list of untrusted software. The operation of such applications may be disrupted in the future.

All programs that are marked as trusted will be protected from deletion or modification. And the work of untrusted software will be suspended. This will allow you to safely remove dangerous files using a standard scan. After this, you should disable AVZGuard back. To do this, click again on a similar line at the top of the program window, and then click on the button to disable the function.

AVZPM

The technology indicated in the name will monitor all started, stopped and modified processes/drivers. To use it, you must first enable the corresponding service.

Click on the AVZPM line at the top of the window.
In the drop-down menu, click on the line “Install the advanced process monitoring driver”.

Within a few seconds, the necessary modules will be installed. Now, when changes are detected in any processes, you will receive a corresponding notification. If you no longer need such monitoring, you will need to simply click on the line marked in the image below in the previous drop-down window. This will unload all AVZ processes and remove previously installed drivers.

Please note that the AVZGuard and AVZPM buttons may be grayed out and inactive. This means that you have an x64 operating system installed. Unfortunately, the mentioned utilities do not work on an OS with this bit depth.

This brings this article to its logical conclusion. We tried to tell you how to use the most popular features in AVZ. If you still have questions after reading this lesson, you can ask them in the comments to this post. We will be happy to pay attention to each question and try to give the most detailed answer.

Hello dear friends! Today I want to write another article about the security of our computers and the fight against viruses. I want to do review of the AVZ antivirus utility and write how you can use it quickly remove the virus and cure the system from other threats.

There are a lot of good reviews about the AVZ antivirus utility on the Internet, and this is not strange, it is a really cool tool that will help you quickly remove a virus from your computer. And before moving on to the description of launching and working with AVZ, I’ll say a few more words about this miracle.

The AVZ utility is not an antivirus; more precisely, it is not a permanent antivirus that works all the time and searches for viruses in real time. This is a small utility that does not even need to be installed; you just need to extract it from the archive and run it on your computer. Another big plus is that AVZ does not conflict with other permanent antiviruses. For example, I have ESET NOD32 installed, and without even uninstalling or closing it, I scanned my computer with the AVZ utility. Although it is recommended to disable your antivirus, it is not necessary.

When and why is AVZ used?

As I already wrote, the AVZ utility can quickly remove various AdWare, SpyWare, Trojan viruses, etc. If you notice strange things in the operation of your computer, it has become slow, or the virus has already made itself felt, then it’s time to try AVZ, By the way, I forgot to write, it’s completely free. Even for prevention, you can scan your computer with this antivirus utility, otherwise your antivirus is unlikely to be able to protect you from all threats.

In short, if there is something wrong with your computer, then you definitely need to scan it with the AVZ utility, and if it doesn’t help, then look for other solutions to the problem.

Where to download and how to scan your computer with the AVZ utility?

I used AVZ version 4.39 for testing. At the moment, this is the newest version. So we download it from my blog but the link. For new versions and other information, see the author’s website z-oleg.com.

Download the archive and extract the “avz4” folder from it (with changes in versions, the folder name may be different). To launch AVZ, go to this folder and run “avz.exe”.

A program window will open. First, let's update the anti-virus database. To do this, click on the button that I marked in the screenshot. And click on the “Start” button. The program will inform you that everything is updated, click “Ok”.

Now you can start setting up and running a computer scan for viruses, spyware and other nasties.

On the start tab “Search area” configure it like this:

We tick the disks that we want to scan, I checked all three local disks.
Check the boxes below “Check running processes”, “Heuristic system check” And “Searching for potential vulnerabilities”. We move to the right.
In the section “Treatment Method”, put a tick “Carry out treatment”. We put the delete option everywhere, just opposite “HackTool” we select “Treat”.
Below we tick all three points.

Go to the “File Types” tab and set the settings.

The settings in this section determine how long the program will scan our computer. If you want to do a quick check, then leave everything as is. But it’s worth remembering that the longer AVZ scans your computer, the more likely it is to find a threat.

Therefore, for a quick search we leave everything as it is, for the middle one we mark the item “All files”, and for a very long scan we mark “All files” and uncheck “Don't check archives anymore”.

It is advisable to tick two boxes: “Block RootKit User-Mode” And “Block RootKit Kernel-Mode”.

That's it, the setup is complete. Click on the “Start” button, agree to the warning and the scanning will begin. It is better not to touch the computer or press anything. Moreover, the utility itself will block almost all actions. After scanning is completed, close the program and restart your computer.

Having a utility like AVZ in stock and using it sometimes is very good. But don’t forget about antiviruses, which allow you to protect your computer throughout its operation. Therefore, be sure to install yourself a good antivirus.

Also on the site:

Review and work with the AVZ antivirus utility. A great way to quickly remove a virus. updated: January 12, 2015 by: admin

An excellent program for removing viruses and restoring the system is AVZ (Zaitsev Anti-Virus). You can download AVZ by clicking on the orange button after generating links.And if a virus blocks the download, then try downloading the entire anti-virus set!

The main capabilities of AVZ are virus detection and removal.

AVZ antivirus utility is designed to detect and remove:

SpyWare and AdWare modules are the main purpose of the utility
Dialer (Trojan.Dialer)
Trojan programs
BackDoor modules
Network and mail worms
TrojanSpy, TrojanDownloader, TrojanDropper

The utility is a direct analogue of the TrojanHunter and LavaSoft Ad-aware 6 programs. The primary task of the program is to remove SpyWare and Trojan programs.

Features of the AVZ utility (in addition to the standard signature scanner) are:

Heuristic system check firmware. Firmware searches for known SpyWare and viruses based on indirect signs - based on analysis of the registry, files on disk and in memory.
Updated database of secure files. It includes digital signatures of tens of thousands of system files and files of known secure processes. The database is connected to all AVZ systems and works on the “friend/foe” principle - safe files are not quarantined, deletion and warnings are blocked for them, the database is used by an anti-rootkit, a file search system, and various analyzers. In particular, the built-in process manager highlights safe processes and services in color; searching for files on the disk can exclude known files from the search (which is very useful when searching for Trojan programs on the disk);
Built-in Rootkit detection system. The RootKit search is carried out without the use of signatures, based on a study of basic system libraries to intercept their functions. AVZ can not only detect RootKit, but also correctly block UserMode RootKit for its process and KernelMode RootKit at the system level. The RootKit countermeasures apply to all AVZ service functions; as a result, the AVZ scanner can detect masked processes, the registry search system “sees” masked keys, etc. The anti-rootkit is equipped with an analyzer that detects processes and services masked by RootKit. In my opinion, one of the main features of the RootKit countermeasures system is its functionality in Win9X (the widespread opinion about the absence of RootKit working on the Win9X platform is deeply erroneous - hundreds of Trojan programs are known that intercept API functions to mask their presence, to distort the operation of API functions or to monitor their use). Another feature is the universal detection and blocking system KernelMode RootKit, compatible with Windows NT, Windows 2000 pro/server, XP, XP SP1, XP SP2, Windows 2003 Server, Windows 2003 Server SP1
Keylogger and Trojan DLL detector. The search for Keylogger and Trojan DLLs is carried out based on system analysis without using a signature database, which allows you to confidently detect previously unknown Trojan DLLs and Keylogger;
Neuroanalyzer. In addition to the signature analyzer, AVZ contains a neuroemulator, which allows you to examine suspicious files using a neural network. Currently, the neural network is used in a keylogger detector.
Built-in Winsock SPI/LSP settings analyzer. Allows you to analyze settings, diagnose possible errors in settings and perform automatic treatment. The ability to automatically diagnose and treat is useful for novice users (utilities like LSPFix do not have automatic treatment). To study SPI/LSP manually, the program has a special LSP/SPI settings manager. The Winsock SPI/LSP analyzer is covered by the anti-rootkit;
Built-in manager of processes, services and drivers. Designed to study running processes and loaded libraries, running services and drivers. The work of the process manager is covered by the anti-rootkit (as a result, it “sees” processes masked by the rootkit). The process manager is linked to the AVZ safe file database; identified safe and system files are highlighted in color;
Built-in utility for searching files on disk. Allows you to search a file using various criteria; the capabilities of the search system exceed those of the system search. The operation of the search system is covered by the anti-rootkit (as a result, the search “sees” files masked by the rootkit and can delete them); the filter allows you to exclude files identified by AVZ as safe from the search results. Search results are available as a text log and as a table in which you can mark a group of files for later deletion or quarantine
Built-in utility for searching data in the registry. Allows you to search for keys and parameters according to a given pattern; search results are available in the form of a text protocol and in the form of a table in which you can mark several keys for their export or deletion. The operation of the search system is covered by the anti-rootkit (as a result, the search “sees” registry keys masked by the rootkit and can delete them)
Built-in analyzer of open TCP/UDP ports. It is covered by an anti-rootkit; in Windows XP, the process using the port is displayed for each port. The analyzer is based on an updated database of ports of known Trojan/Backdoor programs and known system services. The search for Trojan program ports is included in the main system scanning algorithm - when suspicious ports are detected, warnings are displayed in the protocol indicating which Trojan programs are likely to use this port
Built-in analyzer of shared resources, network sessions and files opened over the network. Works in Win9X and Nt/W2K/XP.
Built-in Downloaded Program Files (DPF) analyzer - displays DPF elements, connected to all AVZ systems.
System recovery firmware. Firmware restores Internet Explorer settings, program launch parameters, and other system parameters damaged by malware. Restoration is started manually, the parameters to be restored are specified by the user.
Heuristic file deletion. Its essence is that if malicious files were deleted during treatment and this option is enabled, then an automatic system scan is performed, covering classes, BHO, IE and Explorer extensions, all types of autorun available to AVZ, Winlogon, SPI/LSP, etc. . All found links to a deleted file are automatically cleared, with information about what exactly was cleared and where it was recorded in the log. For this cleaning, the system treatment firmware engine is actively used;
Checking archives. Starting from version 3.60, AVZ supports scanning archives and compound files. Currently, archives in ZIP, RAR, CAB, GZIP, TAR formats are checked; emails and MHT files; CHM archives
Checking and treating NTFS streams. Checking NTFS streams is included in AVZ starting from version 3.75
Control scripts. Allow the administrator to write a script that performs a set of specified operations on the user’s PC. Scripts allow you to use AVZ on a corporate network, including its launch during system boot.
Process analyzer. The analyzer uses neural networks and analysis firmware; it is turned on when advanced analysis is enabled at the maximum heuristic level and is designed to search for suspicious processes in memory.
AVZGuard system. Designed to combat hard-to-remove malware, it can, in addition to AVZ, protect user-specified applications, for example, other anti-spyware and anti-virus programs.
Direct disk access system for working with locked files. Works on FAT16/FAT32/NTFS, is supported on all operating systems of the NT line, allows the scanner to analyze locked files and quarantine them.
Driver for monitoring processes and drivers AVZPM. Designed to monitor the start and stop of processes and loading/unloading of drivers to search for masquerading drivers and detect distortions in the structures describing processes and drivers created by DKOM rootkits.
Boot Cleaner Driver. Designed to perform system cleaning (removing files, drivers and services, registry keys) from KernelMode. The cleaning operation can be performed both during the process of restarting the computer and during treatment.

Restoring system parameters.

Restoring startup parameters.exe .com .pif
Reset IE settings
Restoring desktop settings
Remove all user restrictions
Deleting a message in Winlogon
Restoring File Explorer settings
Removing system process debuggers
Restoring Safe Mode boot settings
Unblocking the task manager
Cleaning the host file
Correcting SPI/LSP settings
Resetting SPI/LSP and TCP/IP settings
Unlocking Registry Editor
Cleaning MountPoints Keys
Replacing DNS servers
Removing the proxy setting for the IE/EDGE server
Removing Google Restrictions

Program tools:

Process Manager
Services and Driver Manager
Kernel space modules
Internal DLL Manager
Search the registry
Search files
Search by Coocie
Startup Manager
Browser Extension Manager
Control Panel Applet Manager (cpl)
Explorer Extensions Manager
Print Extension Manager
Task Scheduler Manager
Protocol and Handler Manager
DPF Manager
Active Setup Manager
Winsock SPI Manager
Hosts File Manager
TCP/UDP Port Manager
Network Shares and Network Connections Manager
A set of system utilities
Checking a file against the database of safe files
Checking a file against the Microsoft Security Catalog
Calculating MD5 sums of files

Here is a rather large kit to save your computer from various infections!

In short, if there is something wrong with your computer, then you definitely need to scan it with the AVZ utility, and if it doesn’t help, then look for other solutions to the problem.

Where to download and how to scan your computer with the AVZ utility?

I used AVZ version 4.39 for testing. At the moment, this is the newest version. So we download it from my blog but this link. For new versions and other information, see the author’s website z-oleg.com.

Download the archive and extract the “avz4” folder from it (with changes in versions, the folder name may be different). To launch AVZ, go to this folder and run “avz.exe”.

Now you can start setting up and running a computer scan for viruses, spyware and other nasties.

On the start tab “Search area” we configure it like this:

We tick the disks that we want to scan, I checked all three local disks.
Below, check the boxes “Check running processes”, “Heuristic system check” and “Search for potential vulnerabilities”. We move to the right.
In the “Treatment method” section, check the “Perform treatment” checkbox. Place the Delete option everywhere, just opposite “HackTool” and select “Disinfect”.
Below we tick all three points.

Go to the “File Types” tab and set the settings.

Therefore, for a quick search, we leave everything as it is, for the middle one, check the “All files” item, and for a very long scan, check “All files” and uncheck “Do not check archives anymore.”

It is advisable to check two boxes, “Block RootKit User-Mode” and “Block RootKit Kernel-Mode”.

But the AVZ utility can not only search for and remove viruses, but also has many more useful functions in its arsenal. Click on the “Tools” menu, a list will appear with the ability to launch different managers that can be useful in solving various problems. For example, “Host File Manager”, by selecting it, you will be able to delete lines from this file. By the way, I already wrote about the Host file, read I can’t log into VKontakte. Editing the hosts file.