UniversalTechSupport
Welcome To UniversalTechSupport

LSAS.BLASTER.KEYLOGGER:

Go down

LSAS.BLASTER.KEYLOGGER:

Post by Admin on Wed Nov 13, 2013 11:52 pm


LSAS.BLASTER.KEYLOGGER:

Lsas.Blaster.Keylogger is a fake threat that appears in a phony security alert from rogue antispyware Virus Fighter. This popup reads:


This type of virus intercepts the entered data and transmits it to remote server.

Attention! Privacy information can be transmitted
- Credt card details | Transfered detected
- Personal logins and passwords | Transfered detected
- Browsing habits
- Email accounts


Steps to resolve:

Stop Lsas.Blaster.Keylogger processes:

c:Documents and SettingsAll UsersApplication Data927eunins000.exe
c:Documents and SettingsAll UsersApplication Data927eVDoca582.exe




Delete Dll's:

c:Documents and SettingsAll UsersApplication Data927emozcrt19.dll
c:Documents and SettingsAll UsersApplication Data927esqlite3.dll

Remove files:

c:Documents and SettingsAll UsersApplication Data927e
c:Documents and SettingsAll UsersApplication Data927eunins000.dat
c:Documents and SettingsAll UsersApplication Data927eLanguages
c:Documents and SettingsAll UsersApplication DataSystem Data Configurationconfig.cfg
c:Documents and SettingsAll UsersApplication DataSystem Data ConfigurationDB.ini
c:Documents and SettingsAll UsersApplication DataSystem Data Configurationfsvd6398.db
%UserProfile%Application DataVirus Doctor
%UserProfile%Application DataVirus Doctorsettings.ini
%UserProfile%Application DataVirus Doctoruill.ini
%UserProfile%DesktopVirus Doctor.lnk
%UserProfile%Start MenuVirus Doctor.lnk
%UserProfile%Start MenuProgramsVirus Doctor.lnk
%UserProfile%Application DataMicrosoftInternet ExplorerQuick LaunchVirus Doctor.lnk
c:Documents and SettingsAll UsersApplication Data927eLanguagesVDDe.lng
c:Documents and SettingsAll UsersApplication Data927eLanguagesVDFr.lng
c:Documents and SettingsAll UsersApplication Data927eLanguagesVDIt.lng
c:Documents and SettingsAll UsersApplication Data927eSystem Data Configuration
c:Documents and SettingsAll UsersApplication Data927eSystem Data ConfigurationDBInfo.ver
c:Documents and SettingsAll UsersApplication Data927eSystem Data Configurationvd952342.bd
c:Documents and SettingsAll UsersApplication DataSystem Data Configuration

Clear the registry keys:

%UserProfile%HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “Virus Doctor”
%UserProfile%HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallVirus Doctor_is1
%UserProfile%HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet Settings5.0User AgentPost Platform “URVDoc[]”

Clear the folder:

%UserProfile%Application DataVirus Doctor





Admin
Admin

Posts : 181
Join date : 2013-11-13

View user profile http://universaltechsupport.4rumer.com

Back to top Go down

Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum