ERROR_VIRUS_INFECTED - Operation did not complete successfully because the file contains a virus or potentially unwanted software.

[adamsheasec]

Hi!

I've tried to run this, but I dont know why it's giving me this error message. I used msfvenom to create my own dll with just the standard command.

Here is the full issue:

Any help at all would be appreciated! Thanks in advance.

[jtsfvieira]

So, means that you have a good antivirus ;)

[adamsheasec]

I thought so! But I'm running this against a Windows Server 2019 VM with Defender turned off and no other AVs, and I'm still getting this issue. If that's the case, then it shouldn't be picked up by an AV, right?

[Samson196]

I heard from a little birdy that the .dll file needs to be obfuscated... a little bit of AV bypassing...

[solftclone]

You can turn off the real time protection. That will help. I also encountered same issue. But turning off that real time protection on victim machine solved that

[Cyberopss]

I encountered the same issue. It occurs due to windows defender because manually turning off real time protection does not really turn off the defender

There are 2 ways to solve the issue

1. Disabling windows defender from the server Manager

• Log in to your Windows Server 2016.

• Click on the Server Manager.

• Go to Manage and click on Remove roles and features.

• Untick the Windows Defender and click on Next. In the last step, click on the Remove button.

2. Second way around is to turn off windows defender from group policy

Although I tried first one and it worked for me
Okay seee ya