AgentSmith15 Posted October 24, 2007 Share Posted October 24, 2007 (edited) Hey everyone, I have a program that is blocking AutoIt and AHK and the like. This unfortunatly legit program is utilizes a rootkit to hide itself and it's drivers that it loads and injects itself into every process in the process list. I guess my question boils down to does AutoIt use drivers to emulate keystrokes and mouse movement? Is that how AutoIt is blocked or are there otherways as well? I guess the program is hooking User32.dll and catching all the sendkeys? Is there a another way? EDIT: I'm sorry for posting in the "Developer Chat" because this has nothing to do with developing, but this is the place where people know the source inside and out. Thank you for your time and consideration. Edited October 24, 2007 by AgentSmith15 [center][/center] Link to comment Share on other sites More sharing options...
Richard Robertson Posted October 24, 2007 Share Posted October 24, 2007 AutoIt uses mouse and keyboard "events". It uses the function SendInput (if I remember correctly) and that single function may be hooked. Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted October 24, 2007 Moderators Share Posted October 24, 2007 I'm curious, what program/game would you download knowing that it's installing a rootkit, and taking control away from you? I can see this being a training exercise in a virtual environment, but you're posting as if it is on your main PC. Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now