hey guys i have a question regarding this, for instance lets say i already have access to the victims PC with a javascript worm or vbs so i can execute other files, is it possible to kill AV atleast temporary so i can execute my other rat without it getting detected runtime, i tried all sorts of methods and none work, i tried to delete or change registry keys for av(i even changed key ownership to admin and changed permissions also to admin so its not system or trusted installer but it still didnt let me do shit it was just access denied), then i tried killing the process itself ofcourse that doesnt do jack shit access denied, then i tried stopping the service it wont let me aswell, tried all sorts of methods via cmd,powershell, i even tried to open registry editor with system privliges because i read a post on github and stackoverflow how you cant change some important registry if you dont have system privliges but it didnt do jack shit aswell access denied.
I was trying all of this on Avast and then i read a bit on avast forums about it and it seems avast has some sort of self defense feature, so is there really no way to disable AVs if you already have access with the js or vbs worm?? or am i missing something i rly hope there is a way to avoid using crypters if you already have access with the worm.:evil:
We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
Hack Tools Resurrection
Question
Snuff
hey guys i have a question regarding this, for instance lets say i already have access to the victims PC with a javascript worm or vbs so i can execute other files, is it possible to kill AV atleast temporary so i can execute my other rat without it getting detected runtime, i tried all sorts of methods and none work, i tried to delete or change registry keys for av(i even changed key ownership to admin and changed permissions also to admin so its not system or trusted installer but it still didnt let me do shit it was just access denied), then i tried killing the process itself ofcourse that doesnt do jack shit access denied, then i tried stopping the service it wont let me aswell, tried all sorts of methods via cmd,powershell, i even tried to open registry editor with system privliges because i read a post on github and stackoverflow how you cant change some important registry if you dont have system privliges but it didnt do jack shit aswell access denied.
I was trying all of this on Avast and then i read a bit on avast forums about it and it seems avast has some sort of self defense feature, so is there really no way to disable AVs if you already have access with the js or vbs worm?? or am i missing something i rly hope there is a way to avoid using crypters if you already have access with the worm.:evil:
Link to comment
Share on other sites
2 answers to this question
Recommended Posts