Wednesday, July 17, 2013

Avast antivirus services stopped by a malware:

Recently, i come across a malware which stops avast antivirus services, after the execution of the malware.

Its an upx packed file: unpacked it and found the strings which are targeted to stop mainly avast services- 


Already, Installed avast edition in windows xp environment or higher version.

Run that malware. After the restart of our system, we will find the following- avast services are stopped.
There is message we can see in the avast that system unsecured that avast antivirus program has been stopped and please restart the program.
There is option as start program in avast.
Then a process called visthaux.exe starts running in the process explorer. But that process unable to restart the avast service. 
Even restarting the system and tried to start the avast process- it didn't start.
Ok, then i try to scan my system, but when i press the start scanning: it through the message as unable to start scan-

Only thing Avast need to do- is to detect that malware. Today it detects the malware (prevention is better than cure).


No comments:

Operating system - Part 1:

 In our blog, we published several articles on OS concepts which mostly on the perspective for malware analysis/security research. In few in...