Help - Search - Members
Full Version: anti virus won't run!
Kaspersky Lab Forum > English User Forum > Virus-related issues
gavin1116
Hey all

I had Kaspersky 7 (or something similar) and renewed online for another 2 years. I downloaded the 2009 edition and uninstalled the old version ect. 2009 installed, but doesnt work, so i uninstalled and went back to 7, and it still doesn't work! i click on the icon and it doesnt run the program.

I see everyone wants to see a GSI report, i'm new to this, so i assume this is right

http://www.getsysteminfo.com/read.php?file...8841f700f904893

i assume i copy that link, from a tutorial on here i read

if anyone can help, then THANK YOU in advance =]
richbuff
Welcome. Free up another 5 GB of disk space, and then do disk maintenance, such as defrag and disk cleanup, etc.

Please attach the zipped virusinfo_syscure.zip; instructions, see: http://forum.kaspersky.com/index.php?s=&am...st&p=678334 Download AVZ from here: http://www.malwarecrawler.com/a-v-z.exe

gavin1116
thanks for taking the time to reply.

Disk frag takes too long, so i shall try taking some files off so there is less to sort out.

I will try the AVZ log thing when i get time.



I tried installing the anti virus 2009 again, its after it says the installation is complete, then i click next, but nothing happens =\
gavin1116
I did the AVZ scan.

I have attached my results

A BIG thank you to anyone that can help
richbuff
Run this script, instructions: http://forum.kaspersky.com/index.php?s=&am...st&p=678368
CODE
begin
QuarantineFile('?','');
QuarantineFile('C:\WINDOWS\system32\drivers\ws2_32sik.sys','');
DeleteService('ws2_32sik');
StopService('ws2_32sik');
QuarantineFile('C:\WINDOWS\System32\drivers\83aff54c.sys','');
DeleteService('83aff54c');
StopService('83aff54c');
QuarantineFile('C:\WINDOWS\system32\drivers\mpkmlsw.sys','');
DeleteService('fzbwqlhp');
StopService('fzbwqlhp');
QuarantineFile('C:\WINDOWS\system32\drivers\ksi32sk.sys','');
DeleteService('ksi32sk');
StopService('ksi32sk');
QuarantineFile('C:\WINDOWS\system32\drivers\pmulp.sys','');
DeleteService('mswwz');
StopService('mswwz');
QuarantineFile('C:\WINDOWS\system32\drivers\netsik.sys','');
DeleteService('netsik');
StopService('netsik');
QuarantineFile('C:\DOCUME~1\Owner\LOCALS~1\Temp\oUltraf.sys','');
DeleteService('oUltraf');
StopService('oUltraf');
QuarantineFile('C:\WINDOWS\system32\drivers\systemntmi.sys','');
DeleteService('systemntmi');
StopService('systemntmi');
QuarantineFile('C:\WINDOWS\system32\drivers\uriehlxb.sys','');
DeleteService('wtmiki');
StopService('wtmiki');
QuarantineFile('C:\WINDOWS\system32\drivers\vzidhhue.sys','');
DeleteService('yuinlbws');
StopService('yuinlbws');
QuarantineFile('C:\Documents and Settings\Owner\.exe','');
QuarantineFile('C:\Documents and Settings\Owner\Owner.exe','');
QuarantineFile('C:\WINDOWS\system32\MsSip1.dll','');
QuarantineFile('C:\WINDOWS\system32\MsSip2.dll','');
QuarantineFile('C:\WINDOWS\system32\MsSip3.dll','');
QuarantineFile('C:\WINDOWS\system32\digiwet.dll','');
QuarantineFile('C:\windows\ld08.exe','');
QuarantineFile('byXOhihG.dll','');
QuarantineFile('xsfxpq.dll','');
DeleteFile('xsfxpq.dll');
DeleteFile('byXOhihG.dll');
DeleteFile('C:\windows\ld08.exe');
DeleteFile('C:\WINDOWS\system32\digiwet.dll');
DeleteFile('C:\WINDOWS\system32\MsSip3.dll');
DeleteFile('C:\WINDOWS\system32\MsSip2.dll');
DeleteFile('C:\WINDOWS\system32\MsSip1.dll');
DeleteFile('C:\Documents and Settings\Owner\Owner.exe');
DeleteFile('C:\Documents and Settings\Owner\.exe');
DeleteFile('C:\WINDOWS\system32\drivers\vzidhhue.sys');
DeleteFile('C:\WINDOWS\system32\drivers\uriehlxb.sys');
DeleteFile('C:\WINDOWS\system32\drivers\systemntmi.sys');
DeleteFile('C:\DOCUME~1\Owner\LOCALS~1\Temp\oUltraf.sys');
DeleteFile('C:\WINDOWS\system32\drivers\netsik.sys');
DeleteFile('C:\WINDOWS\system32\drivers\pmulp.sys');
DeleteFile('C:\WINDOWS\system32\drivers\ksi32sk.sys');
DeleteFile('C:\WINDOWS\system32\drivers\mpkmlsw.sys');
DeleteFile('C:\WINDOWS\System32\drivers\83aff54c.sys');
DeleteFile('C:\WINDOWS\system32\drivers\ws2_32sik.sys');
DeleteFile('?');
end.

After run script, attach a Combofix log, please review and follow these instructions carefully.

Download it here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows and pause Kaspersky (right click the K icon and click pause protection > Choose the
option "resume manually" if still active) until after the scanning and removal process has taken place.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post. Also, please don't
forget to resume the Kaspersky that you paused.

gavin1116
Thanks so much, i appreciate it. i shall try it and post my results when its all done =]
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2014 Invision Power Services, Inc.