Re: [FD] Disable Windows Defender and most other 3rd party antiviruses

2020-12-11 Thread Roberto Franceschetti
No. Secure antivirus deployments would include a "tamper protection" password. You cannot uninstall the AV without knowing that password, even in safe mode. My method bypasses the tamper protection mechanisms in the AV.

Roberto

> On Dec 8, 2020, at 11:13 AM, Exibar wrote:
>
> Would this not

Re: [FD] Disable Windows Defender and most other 3rd party antiviruses

2020-12-11 Thread edwin
I tested your POC on Windows 10 home, build 1904, and it failed to disable Windows Defender. Windows Defender still loads in safe mode, so renaming the "C:\Program Files (x86)\Windows Defender" folder fails because an executable in the folder is running. To disable Windows Defender, you need t

Re: [FD] Disable Windows Defender and most other 3rd party antiviruses

2020-12-08 Thread Exibar
Would this not be the same as uninstalling the AV application in safe mode?

-----Original Message-----
From: Fulldisclosure [mailto:fulldisclosure-boun...@seclists.org] On Behalf Of Roberto Franceschetti
Sent: Sunday, December 6, 2020 9:01 PM
To: fulldisclosure@seclists.org
Subject: [FD] Disable Wi