PaulDotCom mailing list archives

McAfee AV bypass for Metasploit payloads


From: DPorcello at vermontmutual.com (David Porcello)
Date: Tue, 29 Dec 2009 11:21:41 -0500

Hi all,

I'm doing an in-house pen-test and I'm having a heck of a time building an msfpayload executable that evades McAfee AV 
detection. I've tried all the techniques in Metasploit Unleashed (section 08 / Antivirus Bypass), including the 
windows/shell/reverse_tcp method that's only detected by 3 out of 32 major AV engines (unfortunately McAfee being one 
of them). I even tried a simple windows/exec payload to net stop the AV services, but that's caught as well. McAfee's 
detecting all of these as "Downloader-BQQ".

Anyone have any other tricks?

Thanks in advance!
dave.


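One check worth running before trying further encoders, given the symptom described above (every build, regardless of payload or encoder, gets the same detection name): compare two generated executables byte-for-byte and see how much of them is identical. The script below is an added example, not code from the original post or from Metasploit. It assumes that msfpayload/msfencode wrap the payload in a fixed executable template at a fixed offset, so two builds differ only in the payload slot; the "template" and "payload" blobs it uses are constructed stand-ins, not real PE files. If the identical fraction is large and the scanner names every build the same way, the signature is more likely matching the shared template than the payload itself.

```python
"""Measure how much of two generated executables is byte-identical.

Added example, not from the original post or from Metasploit. Assumption: the
payload generator drops the payload into a fixed slot of a fixed template, so
everything outside that slot is shared between builds. The sample blobs are
constructed here and are not real PE files.
"""
import random
from typing import List, Tuple


def invariant_runs(a: bytes, b: bytes, min_run: int = 16) -> List[Tuple[int, int]]:
    """Return (offset, length) for every run of at least min_run bytes at which
    a and b hold the same value at the same offset. Bytes past the end of the
    shorter blob are ignored. Short chance matches (below min_run) are dropped
    so that random agreement inside differing regions does not count."""
    runs: List[Tuple[int, int]] = []
    start = None
    n = min(len(a), len(b))
    for i in range(n):
        if a[i] == b[i]:
            if start is None:
                start = i
        elif start is not None:
            if i - start >= min_run:
                runs.append((start, i - start))
            start = None
    if start is not None and n - start >= min_run:
        runs.append((start, n - start))
    return runs


def invariant_fraction(a: bytes, b: bytes, min_run: int = 16) -> float:
    """Fraction of the shorter blob that lies inside an invariant run."""
    shared = sum(length for _, length in invariant_runs(a, b, min_run))
    return shared / max(1, min(len(a), len(b)))


def build_sample(template: bytes, slot: int, payload: bytes) -> bytes:
    """Constructed stand-in for a template-wrapped executable: the payload is
    written into a fixed slot and every other byte comes from the template."""
    if slot < 0 or slot + len(payload) > len(template):
        raise ValueError("payload does not fit in the template slot")
    return template[:slot] + payload + template[slot + len(payload):]


# Constructed sample data (deterministic so the numbers below are reproducible).
# TEMPLATE mimics a fixed wrapper executable; SLOT is where the payload lands.
_rng = random.Random(7)
TEMPLATE = b"MZ" + bytes(_rng.randrange(256) for _ in range(4094))
SLOT = 1024
# Two different payload blobs, e.g. the same shellcode through two encoders.
# PAYLOAD_B is a bitwise complement of PAYLOAD_A so every byte differs.
PAYLOAD_A = bytes(random.Random(1).randrange(256) for _ in range(512))
PAYLOAD_B = bytes(x ^ 0xFF for x in PAYLOAD_A)
SAMPLE_A = build_sample(TEMPLATE, SLOT, PAYLOAD_A)
SAMPLE_B = build_sample(TEMPLATE, SLOT, PAYLOAD_B)


def report(a: bytes, b: bytes) -> str:
    """Human-readable summary of where two builds agree."""
    lines = [f"identical fraction: {invariant_fraction(a, b):.3f}"]
    for offset, length in invariant_runs(a, b):
        lines.append(f"  shared bytes 0x{offset:06x}-0x{offset + length:06x} ({length} bytes)")
    return "\n".join(lines)


if __name__ == "__main__":
    # With the constructed samples: 87.5% of the file is shared template, in two
    # runs, one before the payload slot and one after it.
    print(report(SAMPLE_A, SAMPLE_B))
```

To use it on real output, read two msfpayload/msfencode executables built with different payloads or encoders and pass their bytes to `report`. The run offsets also tell you which regions to carve out and scan separately if you want to confirm which part the engine reacts to; that confirmation step is not shown here.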
