Wiretap

Description: Keylogger
Risk Level: High
Date of First Occurence: Tuesday, July 10, 2007
Software Developer: (unknown)
Brief Info: Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
Removal: This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "Wiretap"

Threat Info

View All

Detecting items list:

  1. Files by Name %ProgramFiles%\Wiretap Professional\scvhost.exe %ProgramFiles%\Wiretap Professional\ShellExecuteHook.dll %ProgramFiles%\Wiretap Professional\Hook.dll %ProgramFiles%\Wiretap Professional\irunin.ini %ProgramFiles%\Wiretap Professional\irunin.dat %ProgramFiles%\Wiretap Professional\irunin.lng %ProgramFiles%\Wiretap Professional\irunin.bmp %ProgramFiles%\Wiretap Professional\aide.htm %ProgramFiles%\Wiretap Professional\ayuda.htm %ProgramFiles%\Wiretap Professional\config.xml %ProgramFiles%\Wiretap Professional\config.~xml %ProgramFiles%\Wiretap Professional\help.htm %ProgramFiles%\Wiretap Professional\hilfe.htm %ProgramFiles%\Wiretap Professional\Languages\English.lng %ProgramFiles%\Wiretap Professional\Languages\French.lng %ProgramFiles%\Wiretap Professional\Languages\German.lng %ProgramFiles%\Wiretap Professional\Languages\Spanish.lng %ProgramFiles%\Wiretap Professional\Help\English\RD.gif %ProgramFiles%\Wiretap Professional\Help\English\get_flash_player.gif %ProgramFiles%\Wiretap Professional\Help\English\help.css %ProgramFiles%\Wiretap Professional\Help\English\helpcontents.css %ProgramFiles%\Wiretap Professional\Help\English\left.htm %ProgramFiles%\Wiretap Professional\Help\English\main.htm %ProgramFiles%\Wiretap Professional\Help\English\nic.gif %START_PROGRAMSALL%\Wiretap Professional\Uninstall Wiretap Professional.lnk %START_PROGRAMSALL%\Wiretap Professional\Wiretap Help File.lnk %START_PROGRAMSALL%\Wiretap Professional\Wiretap Professional.lnk
  2. Files by Directories %ProgramFiles%\Wiretap Professional %START_PROGRAMSALL%\Wiretap Professional
  3. Files by CLSID or Name CLSID=935FA400-243D-11D3-B06E-857B2AE2BE64
  4. Registry Keys HKLM\SOFTWARE\Classes\Applications\scvhost.exe HKLM\SOFTWARE\Classes\ShellExecuteHook.TShellExecuteHook HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wtp_is1
  5. Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=scvhost Value=%ProgramFiles%\Wiretap Professional\scvhost.exe

« Go to Software Database