How do programs cause an AV/firewall/system processes to shut down or get disabled?
Printable View
How do programs cause an AV/firewall/system processes to shut down or get disabled?
as long as you know the process that is running, you could easily write a script to stop the process.
viruses/worms have it built in their code to disable them. If the AV is not updated to catch that particular worm/virus, and the virus infects the computer, it will disable it.
Hmm...I don't know, but I'm going to guess. Modifications to the Windows registry perhaps?
So a virus would be dependent on the OS version as well as the versions of the other programs like AV's or firewalls?umm and if it were,wouldnt it take a LOT of code just to disable certain features?
Mainly by knowing what the process is called and just shutting it down. Most don't use rocket science
:D
some virus ARE version dependent. Or even language dependent (works on Russian Windows, but not on English version).
About shutdown services (windows or unix) is quite easy as nihil stated. All of them has standard name. I.E. you can find all NIS process and kill them. Or even delete them. Even on Unix you can kill those process (is special with you got malware while logged as an admin)
To spread evil, they dont want to infect ALL systems, just 1% will cause a big problem :)