Archived from groups: alt.comp.hardware.homebuilt,comp.sys.ibm.pc.hardware.video,alt.computer.security,alt.comp.virus (More info?)
Hello
Windows task manager showed KEYHOOK.EXE running as process on a PC I was
working with today. More than one result from Google indicated that this
was associated with an SIS keyboard driver, designed to do some kind of
filtering. But some indicated that this was full blown malware designed
to log keystrokes.
One description of keyhook.exe, and removal instructions can be found
here...
http://www.pestpatrol.com/pestinfo/b/backdoor_bo_plugin_keyhook.asp
I didn't find any DLLs, but I did find the .exe, removed it, its
associated registry entry, and then rebooted.
Reading the setup.ini file in a zipped driver package that I downloaded
for an SIS 315 based video card in this system, showed that keyhook.exe
was apparently installed with this video cards driver.
Here is a snippet from the setup.ini...
[Utility.KeyHook]
ID=Khooker
Name=Khooker
Display=0
Select=5
WriteReg="[RegWrite.KeyHook.Win9X]", "%OS_9X%"
WriteReg="[RegWrite.KeyHook.WinNT]", "%OS_NT%"
There are several other entries in the setup.ini related to keyhook.
Here is the page where the driver was found...
http://www.softwarepatch.com/utilities/sis315.html
Which eventually takes you too...
http://driver.sis.com/graphic/gpu/315/
Does keyhook.exe have anything to do with keylogging, and if so, why
would keyhook.exe be installed with a video card driver?
Thank in advance
Edward Crismond
Hello
Windows task manager showed KEYHOOK.EXE running as process on a PC I was
working with today. More than one result from Google indicated that this
was associated with an SIS keyboard driver, designed to do some kind of
filtering. But some indicated that this was full blown malware designed
to log keystrokes.
One description of keyhook.exe, and removal instructions can be found
here...
http://www.pestpatrol.com/pestinfo/b/backdoor_bo_plugin_keyhook.asp
I didn't find any DLLs, but I did find the .exe, removed it, its
associated registry entry, and then rebooted.
Reading the setup.ini file in a zipped driver package that I downloaded
for an SIS 315 based video card in this system, showed that keyhook.exe
was apparently installed with this video cards driver.
Here is a snippet from the setup.ini...
[Utility.KeyHook]
ID=Khooker
Name=Khooker
Display=0
Select=5
WriteReg="[RegWrite.KeyHook.Win9X]", "%OS_9X%"
WriteReg="[RegWrite.KeyHook.WinNT]", "%OS_NT%"
There are several other entries in the setup.ini related to keyhook.
Here is the page where the driver was found...
http://www.softwarepatch.com/utilities/sis315.html
Which eventually takes you too...
http://driver.sis.com/graphic/gpu/315/
Does keyhook.exe have anything to do with keylogging, and if so, why
would keyhook.exe be installed with a video card driver?
Thank in advance
Edward Crismond
Facebook
Twitter
Instagram