matwachich Posted January 29, 2013 Posted January 29, 2013 Hi every body! I have a question: - Is it possible with AutoIt to list rootkit hidden files/registry keys/processes? I mean, like does anti-rootkit utilities like gmer or IceSword - If it's not possible using AutoIt, do you know any command line tool, or external ibrary that would help me doing that. Thanks!
JohnOne Posted February 1, 2013 Posted February 1, 2013 AutoIt is a scripting language/interpreter it is not an anti rootkit tool. To me, your question does not make any sense, you should ask a proper question if you would like a proper answer. AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans.
matwachich Posted February 1, 2013 Author Posted February 1, 2013 your question does not make any sense Sorry but I think the question is simple: How/is it possible to reproduce gmer's behaviour?AutoIt is a scripting language/interpreter it is not an anti rootkit tool.So does this mean that it's not possible?In this caseIf it's not possible using AutoIt, do you know any command line tool, or external ibrary that would help me doing that.PS: I can't make the question better than this!
JohnOne Posted February 1, 2013 Posted February 1, 2013 It's simple then, just get the source code of gmer and port it to AutoIt AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans.
matwachich Posted February 1, 2013 Author Posted February 1, 2013 After surfing on some open source anti-rootkits, I found that it's more complicated than I first thought. So, I found a small utility called catchme.exe that (I think) will be usefull to me. Solved. Thanks
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now