How to remove Lsas.Blaster.Keylogger a.k.a System Security 2009

This week my roommate call me over and says, "hey take a look at my computer...I think I might have a virus".

Understatement of the year.

His Toshiba Laptop was taken over by a nasty virus. My roommate is as computer literate as most of your grandmothers; Unless of course your Gmama is related to Bill Gates. I felt it was my obligation to help him thru this process since he would never have been able to fix this himself.

The computer was taken over by messages saying the computer was infected and it needed to install System Security 2009. This virus goes by other names including System Security and Lsas.Blaster.Keylogger

It kept running fake scans and demanded fake emergency installations of the virus' Anti-virus...if that even makes any sense.
Its a rogue program that uses frighten methods to inform that user's PC is infected with malware, spyware or viruses.

It runs a bunch of scans and produces numerous pop up windows. The virus tells you that System Security 2009 can fix it if you pay for it...obviously it wont...the antivirus is the virus.

Remove this ASAP or it will connect to the internet when it pleases, produce pop up ads and advertisements constantly, change your browser settings and stays on in your background.

The Virus/Spyware would not let us launch any programs like Ccleaner, Avira AntiVir Personal Anti Virus nor SuperAntiSpyware Free edition.

What happened to my laptop?
What happened to my laptop?

If you look for a fix for this online you will find a lot of links telling you to install and run Spyware Doctor. So we downloaded.

I believe here we went to SAFE MODE: (press F8 repeatedly as your computer is booting) and installed Spyware Doctor... or install in regular mode if it lets you.

Then re-booted in regular mode to install the latest updates to spyware doctor.

We ran the Spyware Doctor scan and it spotted the virus BUT now at this point they tell you you have to upgrade the Spyware Doctor to remove...what a sham! we managed to get the license key from the interweb ;0P we ran the Spyware Doctor scan again (cant remember if the scan was ran in safe-mode or regular, maybe both). BOOM! The corrupt files/virus/spyware or whatever you want to call this was removed.


Another sham!


2 Hours Later...The Fix

Skip to this part for the fix!

...2 hours later...

Frustrated as can be at this stage. I realized my roomate has Malwarebytes' Anti-Malware already installed on his laptop. So I decided to give it a try:

We rebooted in safe mode and ran the scan on Malwarebytes' Anti-Malware (note: as of today December 3rd, 2009 Malwarebytes' Anti-Malware new version 1.42 was released)


Malwarebytes' Anti-Malware scan found the dirty scoundrels...the rogue Spyware/virus, Lsas.Blaster.Keylogger or System Security has numerous names it goes by. Now just click to remove the dirty/corrupt files and restart your computer.

That should REMOVE it, FIX it!

Now that your computer removed the threats, at this point I would run your scans on:

  • Malwarebytes' Anti-Malware again in regular mode.
  • SuperAntiSpyware
  • Spyware Doctor(if you have full version)
  • AntiVirus: I recommend Avira AntiVir Personal- Free Edition or AVG
  • Ccleaner

Probably in that same order.

I really hope this hub helps at least one person out was such a pain to get rid of this and I found no direct solution to this problem online...just a bunch of links to fake solutions that were just trying to sell a product.

Feel free to leave a comment.

Stay safe and surf carefully!

More by this Author


No comments yet.

    Sign in or sign up and post using a HubPages Network account.

    0 of 8192 characters used
    Post Comment

    No HTML is allowed in comments, but URLs will be hyperlinked. Comments are not for promoting your articles or other sites.

    Click to Rate This Article