PersonInspect
|
Description:
|
Keylogger
|
|
Risk Level:
|
Low
|
|
Date of First Occurence:
|
Tuesday, April 29, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SUPPRIMER SPYWARE »
Geographical Distribution of Threat "PersonInspect"
Threat Info
View All
Detected Items
- Detected Files:
%SYSDIR%\PIN\svcmon.exe
MD5: A917B5352AE358F91DEB3C3334226263 Size:766178
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%START_PROGRAMS%\Personal Inspector\Links\Download lastest version.lnk
%START_PROGRAMS%\Personal Inspector\Links\Mail to support.lnk
%START_PROGRAMS%\Personal Inspector\Links\Program s home page.lnk
%START_PROGRAMS%\Personal Inspector\Links\Registration.lnk
%START_PROGRAMS%\Personal Inspector\Personal Inspector.lnk
%START_PROGRAMS%\Personal Inspector\Uninstall.lnk
%START_PROGRAMS%\Personal Inspector\View Report.lnk
%sysdir%\PIN\Links\Download lastest version.url
%sysdir%\PIN\Links\Mail to support.url
%sysdir%\PIN\Links\Program s home page.url
%sysdir%\PIN\Links\Registration.url
%sysdir%\PIN\RegDll.bat
%sysdir%\PIN\rView.exe
%sysdir%\PIN\svcmon.cfg
%sysdir%\PIN\svcmon.dll
%sysdir%\PIN\svcmon.exe
%sysdir%\PIN\svcmon.rep
%sysdir%\PIN\svcmonh.dll
%sysdir%\PIN\svcmoni.dll
%sysdir%\PIN\Uninstall.exe
%sysdir%\PIN\UnRegDll.bat
%sysdir%\system.pi
- Files by Directories
%START_PROGRAMS%\Personal Inspector
%sysdir%\PIN
- Files by CLSID or Name
CLSID=85DDD882-701E-401B-8A7D-D51227048214
- Registry Keys
HKLM\SOFTWARE\Classes\Iewatcher.ViewSource
HKLM\SOFTWARE\Classes\Iewatcher.ViewSource.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal-Inspector
HKLM\SOFTWARE\KMiNT21\PersonalInspector
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=svcmon
«
Go to Software Database
