Personal Inspector
Personal Inspector is a key logger which records all keystrokes.It can automatically track addresses and titles of all visited web pages, record all keystrokes (including passwords), save contents of Windows clipboard and take screen captures of the
desktop and working application windows. All collected data is stored in the secret directory on the local computer and can be accessed anytime from this machine or via the local network. It includes high risk threats that are typically installed
without user interaction through security exploits, and can severely compromise system security. Such threats may open illicit network connections, use polymorphic tactics to self-mutate, disable security software, modify system files, and install
additional malware.0
General information:
| Malware Name: |
Personal Inspector |
| Malware Type: |
Key Logger |
| Company Name: |
Personal Inspector |
| Company URL: |
http://personal-inspector.com/
|
| Threat Level: |
High Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
Personal Inspector is an employee monitoring / parental control tool that monitors all computer activity and Internet usage. It can automatically track addresses and titles of all visited web pages, record all keystrokes (including passwords), save
contents of Windows clipboard and take screen captures of the desktop and working application windows. All collected data is stored in the secret directory on the local computer and can be accessed anytime from this machine or via the local network.
The software is very easy to use, small, fast-running and takes little system resources.
Spyware Description:
Personal Inspector is a key logger which records all keystrokes.It can automatically track addresses and titles of all visited web pages, record all keystrokes (including passwords), save contents of Windows clipboard and take screen captures of the
desktop and working application windows. All collected data is stored in the secret directory on the local computer and can be accessed anytime from this machine or via the local network. It includes high risk threats that are typically installed
without user interaction through security exploits, and can severely compromise system security. Such threats may open illicit network connections, use polymorphic tactics to self-mutate, disable security software, modify system files, and install
additional malware.0
Characteristics/Symptoms:
-> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0
Additional information might be found here:
Processes Running:
svcmon.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\WINDOWS\system32\PIN\Icons\TrayIcon00.ico |
1150 |
Icon |
| C:\WINDOWS\system32\PIN\Icons\TrayIcon02.ico |
1150 |
Icon |
| C:\WINDOWS\system32\PIN\Icons\TrayIcon03.ico |
1150 |
Icon |
Folder information Created after Installation:
| Folder Location |
| C:\WINDOWS\system32\PIN |
| C:\WINDOWS\system32\PIN\Icons |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallPersonal-Inspector |
DisplayName |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\KMiNT21\PersonalInspector |
Start Menu Folder |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal-Inspector |
UninstallString |
