A Digital Age Deserves A Digital Leader

SiSBase.dll

SiSBase.dll

Postby ktjo » Fri Jul 16, 2004 7:22 pm

For some reason unknown to me, a file has gone missing in sistray.exe

I get two notices (nicely boxed with lovely little Red X):

The first says:

sistray.exe
entry point not found
?ReadKeyString@CSISReg@@SAHPAD0H0PAUHKEY-@@K@Z could not
be located in dynamic link library SiSBase.dll.

The second says:

keyhook.exe
procedure entry point
(and then repeats the information given above)

Making the *huge* assumption that I can d/l and install
this as a stand-alone file...can anyone point me in the
direction of a source for it??

If my assumption does what assumptions usually do :embarrassed:
hope you can ... HELP!!!

Thanks in advance,

K
PRO New Member
Posts: 6
Joined: Fri Jul 16, 2004 7:05 pm
Location: BC

Postby imnuts » Fri Jul 16, 2004 7:26 pm

what exactly are sistray.exe and keyhook.exe used for
Image
PRO SUPREME
User avatar
Posts: 7457
Joined: Wed Mar 24, 2004 5:19 am
Location: Boothwyn, Pennsylvania
Real Name: Mark

Postby SCgone » Fri Jul 16, 2004 7:31 pm

Both of these problems can be cause by trojans. If you use an antivirus product, make sure it's up to date. You should also try scanning with an online program such as Symantecs. There's a link to it on this page.

http://securityresponse.symantec.com/
PRO PLATINUM
Posts: 6879
Joined: Thu Mar 14, 2002 11:59 pm
Location: South Carolina, USA

Postby beamsabre » Fri Jul 16, 2004 9:21 pm

Start a spyware scan (AdAware and Spybot S & D), then run an antivirus scan. I'm banking its one of the other or both.
War dosen't prove who's right, only shows who's left.
PRO Level 3
User avatar
Posts: 51
Joined: Fri Jul 09, 2004 10:49 pm
Location: South Carolina

Postby ktjo » Fri Jul 16, 2004 11:57 pm

Thanks, but I've run both Adaware and Norton - nada.

In the meantime, I've still got the problem of the missing files.

Any suggestions on where I might find them would be appreciated.

Thanks again..:)
PRO New Member
Posts: 6
Joined: Fri Jul 16, 2004 7:05 pm
Location: BC

Postby DRAGON OF DARKNESS » Sat Jul 17, 2004 12:01 am

Search the internet for the missing files. ^*^
PRO Level 16
User avatar
Posts: 1826
Joined: Fri Jul 16, 2004 11:14 pm
Location: MIA > FLA > USA

Postby SCgone » Sat Jul 17, 2004 1:34 am

ktjo wrote:Thanks, but I've run both Adaware and Norton - nada.

In the meantime, I've still got the problem of the missing files.

Any suggestions on where I might find them would be appreciated.

Thanks again..:)


Do a search of your computer without the extention. They may have been renamed. Search for systray.* and keyhook.*
PRO PLATINUM
Posts: 6879
Joined: Thu Mar 14, 2002 11:59 pm
Location: South Carolina, USA

Postby phileysmiley » Sat Jul 17, 2004 1:49 am

Keyhook.exe records your keystrokes. See:

Method: Keystroke Recorders
Description: Keystroke recorders (aka. keyboard loggers, keyloggers, keystroke hookers, etc) are programs with the ability to record keys pressed on the keyboard. Usually, programs only need to monitor the keys being pressed in their own application, but sometimes programs need to be able to record all keys pressed in all programs. For example, a trojan might want to record all your keystrokes so as to see which usernames and passwords you type in, as well as any websites you visit, as well as any chat sessions you might have. To achieve this, the program must create a global keyboard hook. It achieves this by making a call to the SetWindowsHookEx function in user32.dll

Source
Media Director
User avatar
Posts: 13745
Joined: Mon Jun 21, 2004 4:20 pm
Location: Delray Beach FL USA
Real Name: Larry Richman

Postby phileysmiley » Sat Jul 17, 2004 1:52 am

Sistray.exe is also a trojan. See:

Trojan Characteristics:
This is a trojan which displays Italian messages, modifies the registry and shuts down the system after each reboot.

When executed it does the following:


Drops the files Sistray.exe and Sistrai.exe into folder C:\Windows\Command\
The file Sistrai.exe is a utility which shuts down the system and we detect it as 'Reboot-Q trojan'
Drops the file Explorer.exe into folder C:\Windows\System\

Replaces Autoexec.bat - The original is renamed to Autoexec.bac

Renames the MSconfig.exe in C:\Windows\System\ to system12.sys

The following registry keys are modified so that the system is shut down after every reboot.


HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsCurrentVersion\Run
"Sistray" C:\Windows\Command\sistrai.exe


HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsCurrentVersion\RunOnce
"Sistray" C:\Windows\Command\sistray.exe

It disables the Windows REGEDIT utility so that the user cannot edit the registry by setting the the following key value to 1:


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools

It also removes the Run option from the Start menu as well as 'Favourites, 'Documents' and 'logoff' by setting the their key values to 1 from the following registry location.


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer


Source
Media Director
User avatar
Posts: 13745
Joined: Mon Jun 21, 2004 4:20 pm
Location: Delray Beach FL USA
Real Name: Larry Richman

Postby imnuts » Sat Jul 17, 2004 2:06 am

basically, they aren't good things to have running in the background
Image
PRO SUPREME
User avatar
Posts: 7457
Joined: Wed Mar 24, 2004 5:19 am
Location: Boothwyn, Pennsylvania
Real Name: Mark

Next

Return to General Windows Support

Who is online

Users browsing this forum: No registered users and 8 guests