I haven’t had much time to post anything lately as I was busy with other important things. Recently I had some time to enhance the Viktor Cleaner suite and release a new, more automated version that can unload most modern AVs from memory (without reboots) and keep the system stable. I’ve tested these products so far (all was done on Win7 32-bit)
And managed to silently unload and stop all those above AVs. It does not matter if you protect the AV with an uninstall password, Viktor kills it no matter what. It works well in a Metasploit shell (although I have not had time to do a full Meterpreter script); it is usable via shell command (in some cases you need to System elevate). Of course, you might say, what is the reason behind all this if the AV can detect most Metasploit-generated executables? There is a way to bypass any modern AV engine (tested) but I’m not going to cover that now. Viktor does only what he is intended to do, he cleans.
I’ve uploaded the whole release here, but in order to make it a little interesting I’ve encrypted the file using bcrypt and hid the password in the file. If interested, I can post hints on how to decrypt this thing.