Jun 14, 2011

How to fight network worm: Net-Worm.Win32.kido

How to fight network worm Net-Worm.Win32.Kido

Methods of disinfection.

Regardless of the selected disinfection method, it is obligatory that the patch from Microsoft, that covers the vulnerability MS08-067, is installed. More information via the link: http://www.microsoft.com/technet/security/...n/MS08-067.mspx

A special utility should be used to remove this worm. Utility can be run locally on the infected PC, or remotely with the help of Kaspersky Administration Kit.

* To remove the virus locally:

1. Download the archive with the utility (klwk.zip) and extract the contents into a folder on the infected PC.

2. Run file run_klwk.bat

3. Wait till the scanning is complete.

* To remove the virus via Administration Kit:

1. Download the archive with the utility klwk.zip and extract contents into a folder.

2. In Administration Kit console create installation package for application klwk.com. In the installation package settings indicate command line parameters:

/path %WINDIR%\system32

3. Create a task for remote installation of the package to designated computers and run the task.

After the scanning is complete a window with the scan results will stay open, and it will be closed if any key is pressed.

To close this window automatically you can run the utility KLWK with additional parameter /y

/y /path %WINDIR%\system32


No comments:

Post a Comment