False detection on file tcpip.sys at October 25, 2013

Status
Not open for further replies.
Petrovic

Petrovic

Level 64
Thread author
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,356
On Friday, October 25, 2013, Kaspersky Lab has released anti-virus databases, which was mistakenly added detection system file tcpip.sys. This anti-virus databases detected as a malicious file tcpip.sys in Kaspersky Anti-Virus 6.0 for Windows Workstations running under Windows 7 (32-bit), put the file in Quarantine and delete the registry keys that refer to the file.

Our specialist have created the article with solution for this issue.

False detection on file tcpip.sys at October 25, 2013


Additionally, we would like to advise that we have automated solutions for not yet rebooted (the network works) as well as for already rebooted machines (the network is not available).
Please send a private message to (KL CentralSupport user) in order to get this fix.

Please accept our apologies for the inconvenience with the false positive detection of the tcpip.sys.

http://forum.kaspersky.com/index.php?showtopic=277201&hl=tcpip.sys

Method 1:
The computer has not been restarted, the network works:
Update anti-virus databases, make sure it is done and applied.
Run kaspersky_tcpip_fix.exe with administrator permissions.
Check if file tcpip.sys has been restored in folder C:\Windows\system32\drivers.
If file has not been restored, manually restore it from Quarantine.
If your network uses special settings (does not apply through DHCP), then:
Run regextr.exe <path to the backup of the SYSTEM hive – usually %windir%\system32\config\Regback\SYSTEM> <output reg-file e.g. extract.reg> with administrator permissions.
Run (apply) file extract.reg.
Reboot PC.
Method 2:
The computer has rebooted, the network is not available:
Disable anti-virus protection in case to exclude detection of file again.
Run kaspersky_tcpip_fix.exe with administrator permissions.
Check if file tcpip.sys has been restored in folder C:\Windows\system32\drivers.
If file has not been restored, manually restore it from Quarantine.
If your network uses special settings (does not apply through DHCP), then:
Run regextr.exe <path to the backup of the SYSTEM hive – usually %windir%\system32\config\Regback\SYSTEM> <output reg-file e.g. extract.reg> with administrator permissions.
Run (apply) file extract.reg.
Reboot PC.
Update anti-virus databases, make sure it is done and applied.
Enable anti-virus protection.
Click to expand...

http://support.kaspersky.com/tcpip
 
Status
Not open for further replies.

Similar threads

CyberDevil
    • Like
    • Hundred Points
    • +Reputation
Serious Discussion Services to check file security online
Replies
37
Views
1,518
General Security Discussions
CyberDevil
CyberDevil
Lord Ami
    • Like
    • +Reputation
    • Sad
New Update F-Secure beta version updates
Replies
81
Views
5,067
F-Secure
bazang
bazang
Shadowra
    • Like
    • +Reputation
    • Applause
App Review Malwarebytes Anti-Malware Premium
Replies
8
Views
1,307
Video Reviews - Security and Privacy
nickstar1
nickstar1

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top