Blaster Keylogger, also known as Lsas.Blaster.Keylogger, is a fake Trojan warning generated by the rogue anti-spyware known as System Security 2009. System Security 2009 gets installed through other Trojans which get downloaded from malicious websites. Once installed, System Security 2009 will conduct fake scans of the system and generate reports which show a large number of non-existent virus threats. Among these falsely generated threats will be the name of Lsas.Blaster.Keylogger. System Security 2009 will also display some fake warning s about how Blaster Keylogger will steal private data from the user’s computer such as credit card information. The aim of this is to get the user to pay for the software license of System Security 2009. Therefore, the user should not fall for this trick and should take immediate measures to remove System Security 2009 as soon as the warning for Blaster Keylogger is displayed.
In order to remove Blaster Keylogger, it is necessary to stop the processes, unregister DLL files, delete files and folders and remove registry entries of System Security 2009. Additionally, scanning the entire computer system using genuine antivirus software.
File Removal Procedures
The first step you must take in order to delete Blaster Keylogger is to stop the following processes:
- unins000.exe
- VDoca582.exe
The next step in Blaster Keylogger removal is to unregister the following DLL files:
- mozcrt19.dll
- sqlite3.dll
The final step in file removal is to delete the following files and folders:
- %UserProfile%\Application Data\Virus Doctor
- %UserProfile%\Application Data\Virus Doctor\settings.ini
- %UserProfile%\Application Data\Virus Doctor\uill.ini
- c:\Documents and Settings\All Users\Application Data\System Data Configuration\DB.ini
- c:\Documents and Settings\All Users\Application Data\System Data Configuration\fsvd6398.db
- c:\Documents and Settings\All Users\Application Data\System Data Configuration\config.cfg
- c:\Documents and Settings\All Users\Application Data\927e\Languages\VDDe.lng
- c:\Documents and Settings\All Users\Application Data\927e\System Data Configuration\DBInfo.ver
- c:\Documents and Settings\All Users\Application Data\927e\Languages\VDFr.lng
- c:\Documents and Settings\All Users\Application Data\927e\Languages\VDIt.lng
- c:\Documents and Settings\All Users\Application Data\927e\System Data Configuration
- c:\Documents and Settings\All Users\Application Data\927e\System Data Configuration\vd952342.bd
- c:\Documents and Settings\All Users\Application Data\System Data Configuration
Registry Removal Procedures
Removing the files of System Security 2009 alone is not enough to completely remove Blaster Keylogger. The following registry entries should be deleted as well:
- %UserProfile%HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Virus Doctor”
- %UserProfile%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Virus Doctor_is1
- %UserProfile%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “URVDoc[]”
Now it is safe to say that Blaster Keylogger has been completely removed from your computer.
Conclusion
It is not recommended for inexperienced users to attempt to delete Blaster Keylogger manually, as any mistake made during removal could result in your system getting damaged.
Outside Resources:
Speak Your Mind