Jump to content
scar11

AVP.exe process vulnerable to termination techniques used by Process Hacker

Recommended Posts

Hello,

 

I am not sure whether this is a bug or not, but I realized that using Process Hacker, I was able to terminate the AVP.exe processes running by Kaspersky Internet Security 2014 on my computer.

I made sure to have the self-defense of the application enabled, but that did not prevent Process Hacker from terminating AVP.exe.

 

I realized that process hacker can be ran as a command line utility to kill a process. Process Hacker can be transported as a standalone app and so can be embedded in a packed malware. I think that it could

easily be invoked by malware to terminate KAV process which took a certain time to restart automatically in my PC. In the meantime, I was able to successfully download and start EICAR.COM that displayed the

payload meaning that the computer was not protected during this time. I don't know to what extent this could reduce the protection level of Kaspersky, but it certainly does, at least that AVP can be terminated is

I think something that should be addressed seriously.

 

Thanks

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.