Jump to content

AVP.exe process vulnerable to termination techniques used by Process Hacker

Recommended Posts



I am not sure whether this is a bug or not, but I realized that using Process Hacker, I was able to terminate the AVP.exe processes running by Kaspersky Internet Security 2014 on my computer.

I made sure to have the self-defense of the application enabled, but that did not prevent Process Hacker from terminating AVP.exe.


I realized that process hacker can be ran as a command line utility to kill a process. Process Hacker can be transported as a standalone app and so can be embedded in a packed malware. I think that it could

easily be invoked by malware to terminate KAV process which took a certain time to restart automatically in my PC. In the meantime, I was able to successfully download and start EICAR.COM that displayed the

payload meaning that the computer was not protected during this time. I don't know to what extent this could reduce the protection level of Kaspersky, but it certainly does, at least that AVP can be terminated is

I think something that should be addressed seriously.



Share this post

Link to post

  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.