Powered by Windows XP Pro

Install and Setup Tips for KAV 5.0

Select a Tip

 

Below you will find instructions for setting up Kaspersky 5.0. You most likely ended up here after it was determined that normal removal tools were not able to remove the type of infection you have. Go here to download the free KAV Personal 5.0 Trial (good for 30 days) http://www.kaspersky.com/index.html or [site1] [site2] [site3] [site4]

In the event you can not reach any of the above locations, it's been reported that some users are blocked from the KAV site due to changes in the HOSTS file. If you cannot get to the download link provided or are having trouble updating KAV, try the following:

Download the Hoster from here: http://www.funkytoad.com/download/hoster.zip
Unzip, double-click Hoster.exe click Restore Original Hosts and click Ok  Exit Program.
Note: if you were using a custom Hosts file you will need to replace it later.

Once at the Kaspersky site, click on Downloads on the left menu.

  • Then scroll down and click on trial versions
  • Select: Kaspersky Anti-Virus Personal 5.0
  • You will be presented with a list of locations (select a location closest to you)
  • Click Save, then navigate to the location of the download.
  • Double-click on kav5.0trial_personalen.exe to start the install.
  • You will see this screen showing the default folder it will install into. Click Next.

During the install if KAV detects another AV running on your PC it will advise you to uninstall it. You can do that or you can disable the existing AV program and then press Yes to continue.

The way to disable resident protection differs for different anti-virus programs. You might try right clicking on the icon for your AV program in the Windows System tray (on the lower right hand part of the screen) and looking at the different options.

Alternatively, you may disable your Antivirus from starting with Windows using Msconfig.

  • Start > Run (type) msconfig and click Ok. Click on the Startup Tab
  • Uncheck all the startups relating to your AntiVirus and reboot.

The important thing is to set your current AV not to scan as your files are accessed, so that KAV can do its job. Next you will see this screen showing the default folder it will install into. Click on Next.

Next you will see the Kaspersky Anti-Virus Personal 5.0 Setup Wizard. It will advise you to close all other applications before starting setup. Do that and then press *Next* to continue.

You will then be presented with the License Agreement. Read that and when done you can agree to continue. Next is the Customer Information screen. Just fill that in as you prefer and click on Next to continue. You will be presented with some important KAV notes. You can save these if needed to refer to later.

Important! remove the green checkmark the box that says Operate according to Recommended settings. This is so you can do a custom install. [required step]

Press Next to continue after you have read those and unchecked the box for recommended settings.

On the next screen, please uncheck the box for "Use real-time protection against network attacks "
This has been known to cause problems on PCs running certain firewalls, you can try enabling it later after the initial install and scan.

You may leave the iStreams technology box checked if you like but it is generally recommended not to checkmark that box if you are going to uninstall KAV again after the infection has been removed.

Next select the Destination folder. Click Next to continue, you will get the Finish screen.

KAV will now open. If you are running a firewall, allow KAV to connect to get the updates it needs. Wait while the updates are downloaded and installed.

Now get the "extended database" of updates as well, to remove other Malware that exists.

  • Look under Settings, and then Configure Updater select: Extended Database.
  • Click *OK* and then "Check for Updates" you will get another update which will install.
  • Now click on Settings and select: Configure On-demand scan settings
  • Select Perform recommended action and click Ok.
  • You might prefer to set the scan level to maximum (just to be sure that nothing is hiding)


Preparing to scan your machine

Close KAV and any open programs you have running.

Then reboot, on restart, restart in Safe Mode [required step] (instructions here)

  • Physically Disconnect from the Internet.
  • Open KAV but do not start the scan yet (now and this is very important)
  • Press Ctrl + ALT+DEL and bring up Task Manager.
  • Click the Processes tab and End Process on any of your Antivirus programs. (required step!)
  • Next right-click on Explorer.exe, select stop process

Now your desktop will go blank and you will have no Taskbar or menu etc. you will still have Task Manager and KAV open on desktop so do not close them.

  • Start a full system scan. Click on the protection tab, Select: Scan My Computer
  • It will take some time probably 2 or 3 hours and will delete any infected files it finds.
  • When completed, click on the Task Manger Click File > New Task (run)
    (type) explorer to regain the desktop etc. Close KAV and the Task Manager.
  • Reboot back into normal mode.

Additional cleanup may be needed. Please be sure to post in the Forum if you have any questions or problems with the above instructions.
 
IMPORTANT NOTE! These type Malware infections may change the default Security Settings, your Trusted Zone, etc. Please be sure to check all of your security settings after disinfecting.

If you are asked to post a KAV log from your scan. Here's how: Click on View Reports

  • When you go to View reports, you will see a list.
  • Right-click on the report Full Scan and a menu opens.
  • Select: Export detailed report to file which allows you to save it.
  • It defaults as a .csv file, however select: save as .txt.
  • Give it a name and click Save to save the log.

     


Then you can post your report to a Forum reply for review. (recommended)
Note: you should post the report in a separate reply as it can be quite large.

In the event you uninstall the Trial version, don't forget to re-enable any disabled Startup entries for your existing Antivirus program.


If you have lost Explorer.exe from attempted cleaning with another AV or tool
Please contact Microsoft's PCSAFETY. This is a free service and toll-free call.

1-866-PCSAFETY
or 1-866-727-2338
This phone number is for virus and other security-related support.
It is available 24 hours a day for the U.S. and Canada.

For support outside the United States and Canada, please contact your Microsoft Help and Support worldwide. Go to this page and choose your region from the box in the upper right corner:
http://support.microsoft.com/?pr=SecurityHome
 
Editors Note: this article was recreated from an article posted at CastleCops.
The original article was created by CalamityJane - Microsoft MVP Windows-Security.



 

ASAP Proud member Alliance of Security Analysis Professionals since 2004
Copyright © 1998 - 2005 All rights reserved.
http://mvps.org/winhelp2002/kav5.htm