Dwarden,
Don't mean to upset the "apple cart" but it would be hard to encrypt an Av file with a modecum of success.
Encryption is a touchy issue and for general purpose applications like an AV, should be avoided.
However, your comment was a good one. The only thig that does help somewhat is a process guard which can be set to "prevent" AV shutdown from such an executable. ( I have one installed). This way, your AV continues to function and should be able to deal with the intruder.
What happens quite often is as Igor stated....
the exe file modifies or shutdowns the AV to the point of uselessness.
You can download "freeware" process guards.
Good luck
but even if your process guard works, if configuration is changed, you as user are not aware of such change, also this virus can go in multiple stages ...
first it will alter avast configuration file and add exclusion to various files/folders etc
second it wait till computer / avast restart ...
third execute real trojan / virus ...
i know the content of that code in someway dangerous, but if it become directed against avast, it will be very hard to defend before you know there is something like this ...
same problem got Kerio Personal Firewall and Tiny Personal Firewall and some other PF ... they got configurations in pure mode (xml etc) and were like open doors to mess with ...
avast can have e.g. md5 hash of own configuration file, if something alter it then md5 change, Avast see someone messed with and it will tell user in warning ...
that will be simple compromise ...
thoughts ?