If your computer is being attacked by an unknown worm (you are using Kaspersky Anti-Virus with the latest updates available, and it does not detect any suspicious objects) and you do not know how to protect your computer from the worm, use the utility kldump.exe. This utility creates dump files of network attacks. You can then send these dump files to Kaspersky Lab for analysis.
Run the utility on the computer that is experiencing the unknown network attack. The situation must be reproduced on the same computer to get an adequate dump file.
If you run the utility without any switches, it displays the full list of applicable switches. It is strongly recommended to start the utility with one of the following command-line switches:
-f – network attack dump file name
-r address:port – remote address and port from which packets come (separated by a colon)
-l address:port – local address and port to which packets come (separated by a colon)
-p – network protocol to create the dump for: tcp, udp or icmp
-b – log broadcasts into the dump file
After creating a network attack dump file, send it to the following e-mail address: newattack@kaspersky.com, with the subject line "New network attack". If your dump file has recorded a previously unknown network attack, detection for it will be added to the Intrusion Detection System database.