Lsas.Trojan-Spy.DOS.Keycopy

By Sumo3000 in Fake Error Messages

Translate To:

Lsas.Trojan-Spy.DOS.Keycopy is a non-existent trojan virus that is reported in fake security alerts initiated by the rogue anti-spyware application Malware Destructor 2009. The Lsas.Trojan-Spy.DOS.Keycopy pop-up reads as follows:

"WINDOWS SECURITY ALERT!
Lsas.Trojan-Spy.DOS.Keycopy is suspected to have infected your PC.
This type of virus intercepts entered data and transmits it to a remote server.
Windows Internet Explorer 8
"C:\WINDOWS\ie8\spuninst
Data interception was detected while visiting a website: http://"

The goal of this fabricated security report is to intimidate users into purchasing the fake spyware remover Malware Destructor 2009, by causing them to think that the system is infected with a counterfeit trojan virus called Lsas.Trojan-Spy.DOS.Keycopy.

File System Details

Lsas.Trojan-Spy.DOS.Keycopy may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%UserProfile%\Recent\ANTIGEN.sys
Name: %UserProfile%\Recent\ANTIGEN.sys Type: System file
2.	%UserProfile%\Recent\FW.dll
Name: %UserProfile%\Recent\FW.dll Type: Dynamic link library
3.	%UserProfile%\Recent\tempdoc.exe
Name: %UserProfile%\Recent\tempdoc.exe Type: Executable File
4.	%Documents and Settings%\All Users\Application Data\345d567\sqlite3.dll
Name: %Documents and Settings%\All Users\Application Data\345d567\sqlite3.dll Type: Dynamic link library
5.	%UserProfile%\Recent\ANTIGEN.exe
Name: %UserProfile%\Recent\ANTIGEN.exe Type: Executable File
6.	%UserProfile%\Recent\FS.sys
Name: %UserProfile%\Recent\FS.sys Type: System file
7.	%UserProfile%\Recent\PE.dll
Name: %UserProfile%\Recent\PE.dll Type: Dynamic link library
8.	%Documents and Settings%\All Users\Application Data\345d567\mozcrt19.dll
Name: %Documents and Settings%\All Users\Application Data\345d567\mozcrt19.dll Type: Dynamic link library
9.	%UserProfile%\Local Settings\Temp\del.bat
Name: %UserProfile%\Local Settings\Temp\del.bat Type: Batch file
10.	%UserProfile%\Recent\energy.exe
Name: %UserProfile%\Recent\energy.exe Type: Executable File
11.	%UserProfile%\Recent\hymt.exe
Name: %UserProfile%\Recent\hymt.exe Type: Executable File
12.	%Documents and Settings%\All Users\Application Data\345d567\MD345d.exe
Name: %Documents and Settings%\All Users\Application Data\345d567\MD345d.exe Type: Executable File
13.	%UserProfile%\Application Data\Malware Destructor 2009\Instructions.ini
Name: %UserProfile%\Application Data\Malware Destructor 2009\Instructions.ini
14.	%UserProfile%\Recent\FS.tmp
Name: %UserProfile%\Recent\FS.tmp Type: Temporary File
15.	%UserProfile%\Recent\tjd.tmp
Name: %UserProfile%\Recent\tjd.tmp Type: Temporary File
16.	%Documents and Settings%\All Users\Application Data\345d567
Name: %Documents and Settings%\All Users\Application Data\345d567
17.	%Documents and Settings%\All Users\Application Data\345d567\MDestrSys\vd952342.bd
Name: %Documents and Settings%\All Users\Application Data\345d567\MDestrSys\vd952342.bd
18.	%WINDOWS%\Temp\IMT7.xml
Name: %WINDOWS%\Temp\IMT7.xml
19.	%UserProfile%\Application Data\Malware Destructor 2009\cookies.sqlite
Name: %UserProfile%\Application Data\Malware Destructor 2009\cookies.sqlite
20.	%UserProfile%\Desktop\Malware Destructor 2009.lnk
Name: %UserProfile%\Desktop\Malware Destructor 2009.lnk Type: Shortcut
21.	%UserProfile%\Recent\energy.tmp
Name: %UserProfile%\Recent\energy.tmp Type: Temporary File
22.	%UserProfile%\Recent\PE.tmp
Name: %UserProfile%\Recent\PE.tmp Type: Temporary File
23.	%UserProfile%\Start Menu\Programs\Malware Destructor 2009.lnk
Name: %UserProfile%\Start Menu\Programs\Malware Destructor 2009.lnk Type: Shortcut
24.	%Documents and Settings%\All Users\Application Data\345d567\MdestrSys
Name: %Documents and Settings%\All Users\Application Data\345d567\MdestrSys
25.	%Documents and Settings%\All Users\Application Data\MDestrSys\mdestr.cfg
Name: %Documents and Settings%\All Users\Application Data\MDestrSys\mdestr.cfg
26.	%WINDOWS%\Temp\IMT9.xml
Name: %WINDOWS%\Temp\IMT9.xml
27.	%UserProfile%\Application Data\Malware Destructor 2009
Name: %UserProfile%\Application Data\Malware Destructor 2009
28.	%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Destructor 2009.lnk
Name: %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Destructor 2009.lnk Type: Shortcut
29.	%UserProfile%\Recent\cb.drv
Name: %UserProfile%\Recent\cb.drv Type: Device Driver
30.	%UserProfile%\Recent\kernel32.drv
Name: %UserProfile%\Recent\kernel32.drv Type: Device Driver
31.	%UserProfile%\Start Menu\Malware Destructor 2009.lnk
Name: %UserProfile%\Start Menu\Malware Destructor 2009.lnk Type: Shortcut
32.	%Documents and Settings%\All Users\Application Data\345d567\384.mof
Name: %Documents and Settings%\All Users\Application Data\345d567\384.mof
33.	%Documents and Settings%\All Users\Application Data\MdestrSys
Name: %Documents and Settings%\All Users\Application Data\MdestrSys
34.	%WINDOWS%\Temp\IMT8.xml
Name: %WINDOWS%\Temp\IMT8.xml

Registry Details

Lsas.Trojan-Spy.DOS.Keycopy may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft

HKEY_CLASSES_ROOT\MD345d.DocHostUIHandler

HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Lsas.Trojan-Spy.DOS.Keycopy

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen