Spyware, Viruses, & Security forum

General discussion

Ekb Keylogger 1.5!A2 found in Scan on computer

by Fred_ME47 / January 24, 2009 3:53 AM PST

Gateway WinME (7yrs old)----Have new Vista computer, but until this one dies, I'll just use it.

I just ran a trojan scan at A-Squared. It came back with 4 entries of a Keylogger. "Trace.Directory.Ekb Keylogger 1.5!A2". I quarantined it, then figured I'd hit the key to delete it.

Deleting it was very bad for My computer. Now when I go to "Start/Programs/Accessories/System Tools---or "Programs", all (Internet Explorer, Media Player, Trillian Chat) have disappeared from menu.

If I go to "search", then I can access the programs, but If I do that scan again, well, the keylogger is back. No one else uses computer, so I figure some idiot from the chats I go to put it on.

I guess the only thing to do is "re-install" right?? Maybe a "black hat hacker" school would be even better, lol.

Thanks
Fred

Discussion is locked
You are posting a reply to: Ekb Keylogger 1.5!A2 found in Scan on computer
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Ekb Keylogger 1.5!A2 found in Scan on computer
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Why don't you try.......
by Marianna Schmudlach / January 24, 2009 4:18 AM PST

to an earlier Restore Point ?

Does it work?

Collapse -
Would, but.......
by Fred_ME47 / January 24, 2009 8:04 AM PST

I've had system restore disabled since I've had computer. Don't really know why, just do. I did go to "My Computer" and just made shortcuts to desktop, then dragged to where I wanted them. If I in fact to have a keylogger, oh well, not like I put personal info on computer.

Thanks for reply..sorry for sarcasm at end of 1st post.

Collapse -
Found an older thread for WinMe
by Marianna Schmudlach / January 24, 2009 11:20 AM PST
In reply to: Would, but.......

Lost System Tools

http://forums.cnet.com/5208-6141_102-0.html?forumID=8&threadID=99480&messageID=1141577&tag=posts;tree#1141577

Regarding: Trace.Directory.Ekb Keylogger 1.5! A2 - did you ask at the A2 forum?

http://forum.emsisoft.com/Default.aspx?g=forum&c=1

Btw. I did a search for: Ekb Keylogger 1.5

Ekb Key Logger is a FREE program which was designed to keep track of how your PC is used while you are away. Unlike most other so-called free keyloggers, this one will start each time the PC starts and has a log file that is easy to read. Everything that is typed will be recorded including chat, email and passwords.

http://www.softpedia.com/progDownload/Ekb-Key-Logger-Download-46784.html

Did YOU ever install it?

Collapse -
Thanks So Much for Help so Far..
by Fred_ME47 / January 24, 2009 1:20 PM PST

"Lost System Tools"...Yes, I've done that with exception of SysRestore

No, haven't yet asked in A2 forum, being I was a member here, I tried here first. Now, I guess I'll sign up at A2, but I did look through forums there for answers, found none.

Yes, I also found site about Ekb Key Logger, gotta love Google. No, I never installed program. No sense in spying on just Me, right?

I just ran scan again, same results. Don't know if any of this matters. I got site from forum at ZoneLabs, which when link supplied clicked on, took me to "wwww.windowsecurity.com". Had to say "yes" to active x, scanner said last update to scanner was on 1/22/09.

Here are where the objects were found:

c:\windows/desktop, c:\windows\startmenu, c:\windows\startmenu\programs\, and c:\windows\programs\startup.

I didn't do anything this time, like quarantine or delete.

Well, again, Thanks for Your time
Fred

Collapse -
Why didn't you also "repair" System Restore?
by Marianna Schmudlach / January 24, 2009 2:19 PM PST

It can be VERY handy Wink

Google is MY "best friend" Devil

The file: "Trace.Directory.Ekb Keylogger 1.5!A2" was found in:

c:\windows/desktop, c:\windows\startmenu, c:\windows\startmenu\programs\, and c:\windows\programs\startup.

hmm...... did you have a look in C:\Windows\Program Files IF the program ist still there?


Also have a look here :

Go to Start > run > type msconfig click o.k.

Click on Startup and have a look IF you can find: Ekb Key Logger

IF yes - does it have a checkmark in front of it? IF "yes" take the checkmark out, pls. and reboot the computer.

Collapse -
Maybe I'll restore "System Restore" now...
by Fred_ME47 / January 25, 2009 8:39 AM PST

Yes, I've searched everywhere on computer for signs of this Keylogger.

I've found nothing.

Not in C;:\Windows\Program Files, msconfig/startup, even went into the registry searching under "ekb", "keylogger", and "ctkey.exe", both with and without the ".exe". Even went to "start/search" and typed in "*.exe", nothing found.

I realize this program is supposed to be stealth and starts up before anything else, but "if" it did exist on My computer, wouldn't I have found something??

Just a side note, yesterday when I went to check on My Yahoo email, My account was already signed in. I never signed in. Oh well.


Thanks for replies/help
Fred

Collapse -
The link I found on Google before I posted here...
by Fred_ME47 / January 25, 2009 11:43 AM PST

"http://www.securitystronghold.com/"

"Ekb Key Logger and ctkey.exe - Easily eliminate this problem"...that was the Header when I typed in Ekb Keylogger.

This is also from there site:

How to fix Ekb Key Logger

This problem can be solved manually by deleting all registry keys and files connected with this software, removing it from starup list and unregistering all corresponding DLLs. Additionally missing DLL's should be restored from distribution in case they are corrupted by Ekb Key Logger. To fix this threat, you should:

1. Kill the following processes and delete the appropriate files:

? ctkey.exe
? ctkey.lnk
? ekb key.exe
? ekb key.lnk
? ekb_uninstaller.exe
? grazy.ico
? verify.ini

All of the names above don't exist on My computer. I've searched everywhere. Also, I did register at A-Squared and posted the same. See what they have to say.

Just wanted You to know that I did try and find out on My own first...

Thanks So Much for All
Fred

Collapse -
Just a thought.....
by Marianna Schmudlach / January 25, 2009 2:10 PM PST

Fred, I believe you !

I was thinking, do you have a firewall on your computer?

Also...... do you have "view hidden files" on your computer enabled?

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.
2. Double-click on the My Computer icon.
3. Select the Tools menu and click Folder Options.
4. After the new window appears select the View tab.
5. Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
6. Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
7. Remove the checkmark from the checkbox labeled Hide protected operating system files.
8. Press the Apply button and then the OK button and shutdown My Computer.
9. Now your computer is configured to show all hidden files.

Collapse -
still thinking...........
by Marianna Schmudlach / January 25, 2009 2:24 PM PST
In reply to: Just a thought.....

Have you looked in the registry, IF you can find any entry ?

Like: Ekb Key or something similar?

Collapse -
How do I Remove a Keylogger?
by Marianna Schmudlach / January 25, 2009 2:41 PM PST

When you suspect that you are infected with a keylogger, do NOT type any personal information. Even if you are typing in a normal word document, the keylogger still keeps track of everything you type.

If you desperately need to login to your Email or somewhere secure and password protected, there is one way to get around the keylogger.

Click Start -> All Programs -> Accessories -> Accessibility -> On-Screen Keyboard


More info here: http://www.tech-faq.com/remove-keylogger.shtml

Collapse -
Fred...... WinPatrol should be able.......
by Marianna Schmudlach / January 25, 2009 3:14 PM PST
Collapse -
Wow, Thanks for All the Help
by Fred_ME47 / January 25, 2009 6:09 PM PST

I did get a reply from A-Squared, Lynx replied, and very quickly too. Impressive.

He pointed Me to the version for WinMe, Version 3.5, downloaded, did scan, got an all clear. That confused Me, guess the 1st scan I did must have had a glitch in it or something.

In answer to Your questions:

Yes, have ZoneAlarm Free...have Hidden Files to be shown...Did check Registry, nothing...I try to make it a habit not to type personal info, I have used a credit card a couple of times, but that was before I knew of logger...even if address begins with "https", will key logger still get that?...Yes, I'll try WinPatrol 14.0 as well.

Had Spybot, but Ekb wasn't one of the keyloggers it detects. Use SuperAntiSpyware as well

Again, Thanks for All Your Help, Very Much Appreciated
Fred

Collapse -
Does this mean, your computer is really clean??
by Marianna Schmudlach / January 26, 2009 12:20 AM PST
In reply to: Just a thought.....

IF WinPatrol also can NOT find anything, make sure, your System Restore is working again and make a NEW restore point !

Maybe it would be SAFER to change all your passwords !

You Are Very Welcome and Happy SAFE Computing !

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.