Wiretap Professional
|
Description:
|
Keylogger
|
|
Risk Level:
|
Low
|
|
Date of First Occurence:
|
Tuesday, July 08, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
REMOVER SPYWARE »
Geographical Distribution of Threat "Wiretap Professional"
Threat Info
View All
Detected Items
- Detected Files:
%PROGRAMFILES%\Wiretap Professional\ShellExecuteHook.dll
MD5: E2202567DC183C2294B648147D029173 Size:456704
%PROGRAMFILES%\Wiretap Professional\ie.dll
MD5: 0A1CE7DC823CDB025EB6E992A19D51C4 Size:491008
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%PROGRAMFILES%\Wiretap Professional\Hook.dll
%PROGRAMFILES%\Wiretap Professional\ie.dll
%PROGRAMFILES%\Wiretap Professional\scvhost.exe
%PROGRAMFILES%\Wiretap Professional\ShellExecuteHook.dll
%PROGRAMFILES%\Wiretap Professional\wiretap.dll
%START_PROGRAMSALL%\Wiretap Professional\Uninstall Wiretap Professional.lnk
%START_PROGRAMSALL%\Wiretap Professional\Wiretap Help File.lnk
%START_PROGRAMSALL%\Wiretap Professional\Wiretap Professional.lnk
- Files by Directories
%PROGRAMFILES%\Wiretap Professional %START_PROGRAMSALL%\Wiretap Professional
- Files by CLSID or Name
CLSID=935FA400-243D-11D3-B06E-857B2AE2BE64
CLSID=E8B31A72-AACE-412D-AA2C-D03FA6FCCDEF
- Registry Keys
HKCR\Applications\scvhost.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9626-LMIT
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=scvhost
«
Go to Software Database
