I am using KAV for Business. I freaking tired of the process of Installing my Office every other day as it is deleted by Kaspersky and virus like suchost.exe, iiiiii.exe, cool_game_setup.exe is found but can not be deleted by Kaspersky where as other antivirus is deleting it as normal anti virus. Because of those virus i am having broadcasting in my network frequent attack to all other uninfected PC. and finally collapse my systems..

I am tired of this problem please help.

Please create getsysteminfo as mentioned here, upload that txt-file to the parser and provide the link to there report here in the thread.

Also please attach the zipped virusinfo_syscure.zip; instructions, see: http://forum.kaspersky.com/index.php?s=&am...st&p=678334

Please find the getsystem info and awz log file hare. Please reply me ASAP. I am in mass.

My office programs are now getting deleted.

hi,
your machine is infected: C:\WINDOWS\system32\drivers\suchost.exe is a malware.
I think that a moderator (or a someone from KL Support) may give you an AVZ script to fix it.
M

Yes thanks for the reply, yes i also got to know this is caused by suchost.exe and its a virus. please give me the script ASAP. all my is getting effected.

edit: AVZ un-rar-ed and attach same.

I don't know why my post was moved. its OK but please give me a solution.

Run this script, instructions: http://forum.kaspersky.com/index.php?s=&am...st&p=678368

After run script, attach a Combofix log, please review and follow these instructions carefully.

Download it here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows and pause Kaspersky (right click the K icon and click pause protection > Choose the
option "resume manually" if still active) until after the scanning and removal process has taken place.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post. Also, please don't
forget to resume the Kaspersky that you paused.

Ok i will do it and upload the report by the course of the day.

edit: del quote.

Please find the Combo fix log attached. I need solution ASAP my PCs are going down.

Please attach the other two Combofix logs: ComboFix2.txt 2009-05-07 14:15 and ComboFix3.txt 2009-05-07 08:07

Run this script, PC will reboot, instructions: http://forum.kaspersky.com/index.php?s=&am...st&p=678368

Run this script, PC will reboot:

Then, run this one:

A file called quarantine.zip should be created in C:\. Then please zip up C:\qoobox\quarantine and upload both it and C:\quarantine.zip to a filehost such as
http://rapidshare.com/ Then, Private Message me the Download link to the uploaded file. Click my user name and select Send message. Lastly, uninstall Combofix by:
pause Kaspersky > Start > run > type combofix /u > ok. Or Start > run > type 46 /u > ok. Restart Kaspersky.

Also, if you use Windows System restore, turn it off > reboot and do a full scan with Kaspersky. Then turn system restore back on, if you wish; this to remove malware
from system volume information files. How to turn it off/on: http://support.kaspersky.com/faq/?qid=208279208

Before doing the scan, Clear the Detected list: Detected > Active threats > right click > Disinfect all > right click > Clear list > then scan again > then post
screenshot of Detected > Active threats. With columns widened to show full name and object details.

Also, scan with Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php and attach its log, but Please Don't fix anything yet, until the log is reviewed.

this are the only 2 files created by Combo fix.

Ok i will do the needfull and upload the files.

Please find the AWZ and combo fix quarantine in this link as a zip file.

Please help me to resolve it ASAP.

edit: del quarantine link.

Edit: Delete quarantine link. Do Not Re Post It Again.

Please find the log for mbam. Please reply ASAP.

Fix what Malwarebytes detects. Then scan again with Malwarebytes and attach the new log. Is C:\WINDOWS\system32\drivers\suchost.exe detected again?

yes

Download and Save IceSword to your Desktop: http://mail.ustc.edu.cn/~jfpan/download/IceSword122en.zip
Unpack (right click > Extract) & execute it. In the left navigator choose "File". Go to the C:\Windows\system32\Drivers\ folders, look for suchost.exe
Right click it and choose Force delete. After that scan again.

Please find the report please reply with solution.

Fix the harmless registry entries that Malwarebytes detects.

Yes i have done it, but suchost is treturning and my office exe are deleted every day by kaspersky. KAV 6.0 for Business dont delete virus suchost.exe, iiiiii.exe, coolgamesetup.exe please give me solution for all this. its about a week and i am sending so many reports and qurentine files still no solution. whats the point of depending on a antivirus where its killing my application not viruses.

Hello PrinceBD,
let me allow to remember you that this is a forum, not the KL helpdesk. The help you got is for free and you should not pretend anything.
So, if you're unsatisfied about our tricks and you're thinking to lose time, you're free to open an official ticket...
M

I am frustrated. this is going for week still no solution. i have uploaded somany files and no result. THere is no point having a antivirus where its killing my application not viruses!!!!!!

I have send the forum link to international support lets see what they say next.

I actual post this thread to have so emergency support but I dont find any solution hare. People asked for so many things and i uploaded it one by one and they keep asking for more; I have wasted a week and uploaded so many Files. and know i am advices to take support form kaspersky international support. whats the point? I have send the link to them lets see waht they have to say.

There is no point using a antivirus which is killing my application not viruses.

I know its free and i know it is always a try. but no one have given me a solution till now. every one is saying upload this file and that file. All the tools you are offering to collect report not killing virus!!!!!!!!!!!!!!!!!!!!!!!!!!

Opening a ticket is not a big deal. you can do the same if you can not resist the pain, cause when you may have thanks you may also have the tendency to accept opposists.

listen man,
1) again, this is not the KL helpdesk (the entity in charge to give you official) support: here you find volunteers only and you should not pretend anything from them!
2) where is your reseller??? He should take care to give you a first support level....
3) do not throw s**t on the suggestions you got from this forum: you have a problem....KAV usually works pretty fine: your scenario looks quite complex and it might be necessary to test dozens of tricks to get rid of.....but if you're in a hurry, this is not the right place to find answers to your questions.
M