Lsas.Blaster.Keylogger
Lsas.Blaster.Keylogger is a phony security threat displayed in a fake security alert from rogue anti-spyware application called System Security 2009. This fake alert states that Internet Explorer is infected with the worm Lsas.Blaster.Keylogger (sometimes referred to as Lsas.Blaster.Keyloger) and that this worm is trying to send your credit card details using Internet Explorer to connect to a remote host. System Security displays this fake alert in order to scare you into purchasing the program. Simply ignore this fake alert and remove System Security from your computer immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 00308937.exe 2 config.udb 3 pc00308937ins 4 System Security 2009 Support.lnk 5 System Security 2009.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\Software\00308937HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "00308937"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}SystemSecurity2009
I will be pleased to receive email from you folks as it pertains to the evil intent of those that write malicious code. You most likely know taht Norton found nothing wrong with your site. Taht is why I was pleased to reference your solution to lsas.blaster. I deleted references to 44017218.exe versus 00308937.exe
Dave Delorme