The fix is to restore the tcpip.sys the Tcpip and Tcpip6 keys from a backup, which can be found in C:\Windows\System32\config\RegBack. You have to do the restore from a bootdisk though as the files are in use inside of Windows. This is a problem however and I'm trying to figure out how to restore functionality to the deleted registry keys without using the boot disk method. Obviously if you have another registry backup this becomes much easier as you'd simply just import the keys. There are standard keys online, but since they're lacking some build specific strings, it doesn't fully restore connectivity. Long story short, pull the keys from the SYSTEM hive, restore the sys file and it will work. But getting the keys from the hive is going to be a challenge without a bootdisk, which is obviously going to be very time consuming. Not to be that guy, but Kaspersky needs to appreciate how big of a f__ up this is. You've managed to completely disable all network connectivity for large amounts of users in one swift motion. I feel bad for the people that are getting chewed out for bringing 100+ endpoint networks down. Huge financial burden.