Forum Thread: Post Exploiting - How to Disable Anti Virus?

My friends and colleagues were successful with my computer and the firewall was open, but I do not accept it because some modules like the Metasploit persistence are virus-aware and meanwhile I do not have administrator authority on the system against the virus:

ACCESS DENIED when I try to close with CMD.

When I try to delete the Regedit Run to prevent it from running at the beginning, ACCESS DENIED.

ACCESS DENIED when I try to delete system files in Program Files.

I took the mistake.

Is there any other solution to shutting down or try to miss modules like Metasploit Persistence somehow from AV so how can I get away from AV? In the meantime, were these modules written in Perl or Ruby?

Sorry Guys Google Translate :)

2 Responses

Anti-viruses operate at the kernel level, meaning you require SYSTEM privileges to even think about touching them. You can try to delete all the files in user land but it will never work because, like all rootkits, anti-viruses will prevent the operating system from performing any actions that may tamper with their files. Another way to disable an anti-virus is through user interaction to manually disable it via its options, where you should be able to disable real-time monitoring or active shields. This can be done using some sort of remote desktop protocol.
