I was using Kaspersky Endpoint Security for Windows for a while, and I wanted to test EDR.
I downloaded and executed script from GitHub, [EDR Testing Script](https://github.com/op7ic/EDR-Testing-Script) and it failed miserably. It allowed everything to be downloaded and executed, let remote shell scripts to be run, files to install, and it did that as a user. I didn’t even run that script as an admin. Worse thing is, KES uninstalled itself afterwards.
I thought maybe I did something wrong, I installed KES from the cloud management console again, did app and database updates, did critical areas scan, restarted computer, and executed script again. Well, KES uninstalled itself again.
My only relief is that I was executing a test script with no harmful elements. If Kaspersky’s business client is doing that, then how can I even trust consumer apps?
I was recommending Kaspersky to everyone but this incident changed my whole view on Kaspersky.
Edit. I am not even going to mention Windows Defender. It didn’t even give a single warning.