I am stuck at post exploitation scenario.
using bugged pdf i am successfully getting a meterpreter prompt. i can successfully close the firewall and windows balloon on the target system(Win Xp Sp 3) using the meterpreter
But the problem is with antivirus.. Killav.rb command is not potent .so i am trying to disable the antivirus service using following command in shell.
sc config <service name> start= disabled
I am getting error as access denied, I have administrative rights, i am sure about that..
what i have found is that all latest AV be it avast, avg etc are coming with
SELF PROTECTION MODULE . and i think without disabling the module Anivirus cant be killed on the target system..
Can any one tell me how to disable the MODULE, once its diabled i can succesfully disable the AV..