Metasploit mailing list archives

Re: replacement AV tray icon


From: Jerome Athias <jerome () netpeas com>
Date: Fri, 07 Jan 2011 10:29:11 +0000

Hi & Hacky New Year!

I think that it's a good idea (since it already exists in my pocket ;p)
It's so easy to make a fake AV trayicon and some windows based on
screenshots.
For the AV guardian, you could do the same killav-cron job ;)

I would do my best to help

PS: sorry & thanks to the moderator ;p

On 07/01/2011 00:07, Robin Wood wrote:
I had an idea earlier after reading Mubix's latest blog post on
killing AV. Sometimes when the AV dies it takes out the tray icon as
well. I know most people won't notice but some might. Could we have an
app that contained all the different icons, so when killav kicks in and
kills it, it can fire up the app telling it to use the appropriate
icon? That way even an observant user won't notice.

This also got me thinking about the AV apps that restart themselves. I
know that some have a second process that watches to see if the main
one dies and if it spots it, it respawns it. I don't know how the
guardian process checks but if it is by just checking for process
names then we could use the app that shows the tray icon to also have
the same process name, that way the guardian wouldn't know that the AV
had been killed and so would never restart it.

Does anyone think this is likely to help?

Robin
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

