Lsas.Blaster.Keyloger
Lsas.Blaster.Keyloger is a fabricated security threat used in a bogus security alert by the rogue security program System Security. The security alert claims that the system is infected with a worm called Lsas.Blaster.Keyloger (also known as Lsas.Blaster.Keylogger) and the said worm is attempting to send the victim's credit card details to a remote host using Internet Explorer. All security alerts displayed by rogueware such as System Security are not to be taken seriously, instead take extra measures to remove the rogue application as soon as possible.
File System Details
Lsas.Blaster.Keyloger may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %UserProfile%\Application Data\4946550101\[random number].exe | |
| 2. | %UserProfile%\Application Data\4946550101\[random number].bat | |
| 3. | %UserProfile%\Application Data\4946550101\[random number].cfg | |
| 4. | %UserProfile%\Start Menu\Programs\Security Tool.lnk | |
| 5. | %UserProfile%\Application Data\4946550101 | |
| 6. | %UserProfile%\Desktop\Security Tool.lnk |
Registry Details
Lsas.Blaster.Keyloger may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random number]"
HKEY_CURRENT_USER\Software\Security Tool
