Full Version: Script KidoKiller
victorm
Good day, everyone.

Is it possible to create a script to run KidoKiller through an Active Directory policy?
If so, what is the command sequence?

Thank you very much for your attention and your replies.
Caos
The usual way is through the Administration Kit:

See: http://support.kaspersky.com/viruses/solutions?qid=208279973

QUOTE
Switches to manage the utility KK.exe from the command prompt:

Switch - Description

-p <scan path> - scan a defined folder
-f - scan hard disks, scan portable hard disks
-n - scan network disks
-r - scan removable drives
-y - end program without pressing any key
-s - silent mode (without a black window)
-l <file name> - write info into a log
-v - extended log maintenance (the switch -v works only if the -l switch is entered in the command prompt)
-z - restore the services

* Background Intelligent Transfer Service (BITS),
* Windows Automatic Update Service (wuauserv),
* Error Reporting Service (ERSvc/WerSvc)

-x - restore display of hidden system files
-a - disable auto start from all drives
-m - mode to monitor threads, tasks, services. When in this mode, the utility constantly resides in memory and will periodically perform scans of threads, services, and scheduler tasks. If an infection is detected, it will perform disinfection and continue monitoring.
-j - restore the registry branch SafeBoot (if the registry branch is deleted, computer cannot boot in safe mode)
-help - show additional information about the utility

For example, in order to scan a flash-drive and to generate and write a detailed report into a file report.txt (which will be created in the setup folder of the utility KK.exe), use the following command:

KK.exe -r -y -l report.txt -v


QUOTE
-p <Scan path> - scan a defined folder
-f - scan hard disks
-n - scan network disks
-r - scan removable drives
-y - end program without pressing any key
-s - silent mode (without a black window)
-l <file name> - write info into a log
-v - extended log maintenance (the switch -v works only if the -l switch is entered in the command prompt)
-m - mode to monitor threads, tasks, services
-j - restore the registry branch SafeBoot (if the registry branch is deleted, computer cannot boot in safe mode)
-z – restore the services

* Background Intelligent Transfer Service (BITS),
* Windows Automatic Update Service (wuauserv),
* Error Reporting Service (ERSvc/WerSvc)

-x – restore display of hidden system files
-a – disable auto start from all drives


The command line will depend on where Kido is located, etc.
victorm
Hi Caos, thank you very much in advance for replying!

I had proposed that same thing to the client, but he says the Console is not working and I am making an effort to get it running again.

I would think those same commands can be written into a .bat file while I restore the console; what do you think?

Good day, Caos!
Caos
Hi,

You can run the commands manually (I think with a .bat as well) on each infected workstation; check which commands you need in each case.
The recommendation is to disconnect it from the network, run the utility, etc...

Regards
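
The .bat approach discussed in this thread, as an added example that is not part of the original posts and is not Kaspersky's own script. It assumes KK.exe is stored next to the script, that the script runs with administrative rights (for instance as a computer startup script), and that %SystemRoot%\Temp\KK is an acceptable local working folder; the folder, report and marker names are hypothetical.

```batch
@echo off
rem Added example (not from the thread or from Kaspersky): .bat wrapper for KK.exe.
rem Assumptions: KK.exe is stored next to this script, the script runs with
rem administrative rights, and %SystemRoot%\Temp\KK is a usable local folder.
setlocal

set "SRC=%~dp0KK.exe"
set "WORK=%SystemRoot%\Temp\KK"
set "REPORT=kk_%COMPUTERNAME%.txt"
set "MARKER=%WORK%\done.flag"

rem Switches taken from the quoted list; adjust per case (-n, -r, -z, -x, -a, -j).
rem   -f scan hard disks   -y end without a key press   -s silent mode
set "SWITCHES=-f -y -s"

rem Run only once per machine: skip if an earlier run already left its marker.
if exist "%MARKER%" goto :eof

rem Stop early if the utility is missing or the working folder cannot be created.
if not exist "%SRC%" exit /b 1
if not exist "%WORK%" mkdir "%WORK%"
if not exist "%WORK%" exit /b 1

rem Work from a local copy so the scan does not depend on the source location.
copy /y "%SRC%" "%WORK%\KK.exe" >nul
if errorlevel 1 exit /b 1

rem Per the quoted text, a log given by file name is created in KK.exe's folder.
rem -l writes the log; -v (valid only together with -l) makes it detailed.
pushd "%WORK%"
KK.exe %SWITCHES% -l %REPORT% -v
set "RC=%ERRORLEVEL%"
popd

rem The page does not document KK.exe exit codes, so the value is only recorded.
>"%MARKER%" echo %DATE% %TIME% KK.exe exit code %RC%
endlocal & exit /b %RC%
```

Delete done.flag to let the script run again on a machine; the detailed report stays in the working folder for later collection.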