Remove Ehks
Removal instructions

Severity scale:  
  (44/100)
Ehks | Type: Keyloggers
Variants: Ehks 2.0, Ehks 2.1, Ehks 2.2

From the publisher:
-= ev0luti0n HTTP keylogger 2.0 beta =-
~ expl0it_shad0w ~
Introduction
Hey again all, im back with ehks v2beta. Ive changed this version alot. It seems by the feedback you guys gave me last time, that v1 wasent good. Most of the feedback was negative and it didnt work. And alot of you infected your selfs and asked me about where to find the missing (.dll). There was never a missing (.dll), it was a fake error meesage, like I stated in the readme file. Anyway Ive took out the fake error message this time, so you might have to bind it with another application/jpeg or whatever.
NOTE: DONT OPEN SERVER.EXE unless you want to infect your self....
Instructions
Follow these instructions.
1. Rename 'Sever.exe' to what ever you want, make it convincing, not like 'TROJAN.exe' or 'KEYLOGGER.exe'.
2. Send it to them and tell them its a new hacking tool, NOTE: Try binding it with a real one. If you know how.
( Once the victim opens it, it hides in memory and records all the key stokes on the computer, so you can view them with an Internet Browser like MSIE. )
3> Connect to there machine on port 80 with an Internet browser, as stated above. Type in there IP address into it and just hit Enter. For example if the victims IP address was 127.0.0.1 you type in http://127.0.0.1 or just 127.0.0.1. There IP WONT be 127.0.0.1.
(or)
If you have Physical Machine Access, rather than remote, you can just opne up an internet browser on there machine and type in http://127.0.0.1 and this should bring it up.
Features/Misc
Heres whats been added in version 2beta.
* Better Stealthing code - hopefully wont crash.
* Better Keylogging code - you can now see the windows handle and what they are typing in it.
* Better HTML log file - much more user friendly.
* Added Anti-firewall/Anti-AntiVirus - this will hopefully stop most firewalls and anti-viruses.
expl0it_shad0w

ehks v2.1 is simply a keylogger which lets you check the log files remotely via a web browser (e.g, Internet Explorer) Connect to there machine on port 80 with an Internet browser. This version is 100% Different, ive completely re-built it.
Supported Version of Windows, * win9x - Ive only tested on a 9x box, so if you guys are gonna test on a different machine, let me know im uncertain as to weather or nto it works win XP, some beta testers say yes, some say no, im looking, into this for the next version. The keylogger doesnt run under NT, I have tried, but feel free to try for your selfs, and give me feedback on the result.
Features/Misc
Ehks has been 100% re-built. Heres whats been added/changed in version 2.1.
* Better Stealthing code - hopefully wont crash.
* Changed Keylogging code - you can now see the windows handle.
* Changed HTML log file - alot better, so people have said anyway.
* Added Anti-firewall/Anti-AntiVirus - this will stop most firewalls and AVS's
* Added Function to get dialup, share, and other chached passwords.
* Added Function to get Machine Info
* Multi-Log File Support - all log files have there own unique filename
* Added Mutex usegae, to stop cant write to file error's hopefully
expl0it_shad0w' Ehks properties:
• Takes and sends out screenshots of user activity
• Sends out logs by FTP or email
• Logs keystrokes
• Hides from the user
• Stays resident in background

Automatic Ehks removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Ehks you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
remover for Ehks Happiness
Guarantee
Compatible with Microsoft
SpyHunter is recommended remover to uninstall Ehks. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove Ehks using SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

STOPzilla
We are testing STOPzilla's efficiency at removing Ehks (2004-11-11 07:50:03)
SpyHunter
We are testing SpyHunter's efficiency at removing Ehks (2004-11-11 07:50:03)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Ehks (2004-11-11 07:50:03)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing Ehks (2004-11-11 07:50:03)
Virus Removal Phone Support
1-877-657-9614
Help Line to remove Ehks

Ehks manual removal

Kill processes:
client.exe, ehks21.exe, server.exe, spooi32.exe, ymupdater.exe
Delete registry values:
HKEY_LOCAL_MACHINE \ software \ microsoft \ windows \ currentversion \ run \ spoolersubsystemprocess
HKEY_LOCAL_MACHINE \ software \ microsoft \ windows \ currentversion \ run \ ymupdater
Delete files:
client.exe, ehks21.exe, server.exe, evlog.dat, evo_12-11-22_11-20.html, smsg.html, spooi32.exe, ymupdater.exe

Geolocation of Ehks

This map reveals the prevalence of Ehks. Countries and regions that have been affected the most are: Germany.

QR code for Ehks removal instructions

Ehks qrcode QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.
The reason we add QR code to the website is that parasites like Ehks are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Ehks right in your pocket.
Simply use the QR scanner and read removal instructions from mobile device.

Information added: 2004-06-28 05:57
Information updated: 2004-11-11 05:12

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Users comments about Ehks:

Post Comment

Attention: Use this form only if you have additional information about Ehks parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)
Like us on Facebook
News
Subscribe
Ask us
Parasites
Tags
Files
What's your antispyware?
Compare
I failed to remove Ehks using SpyHunter.

Email


Close
add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!