Home Malware Programs Rogue Anti-Spyware Programs IE Defender

IE Defender

Posted: October 25, 2007

Threat Metric

Threat Level: 10/10
Infected PCs: 117
First Seen: July 24, 2009
Last Seen: January 20, 2021
OS(es) Affected: Windows

ScreenshotIE Defender is a rogue anti-spyware program due to its deceptive and aggressive advertising practices. IE Defender and its marketing affiliates are distributing and installing IE Defender's anti-spyware program through a download which is bundled with a trojan triggered by a browser helper object (BHO). Many of these trojan bundled downloads are located in sites which offer a "video codec" to be able to view free adult entertainment videos.

After your PC is infected with the trojan bundled download, it keeps showing up a pop-up stating "NOTICE: Your system is infected and your computer performance is not at the highest level. Full system optimization will greatly increase your computer's performance and prevent data loss". When you click on the popup, it will direct your IE to IEDefender.com to download IE Defender's anti-spyware program.

In addition, the Trojan which came bundled from either IE Defender and/or its affiliates hijacks your search engines, such as Google, Yahoo and MSN, and displays a fake error message within your search results claiming that your system is infected and offering to buy the IE Defender program. Once you click on this fake error message you will be redirected to IE Defender's home site where you will be tricked into buying IE Defender's anti-spyware application.

ScreenshotScreenshotScreenshotScreenshotScreenshot

Aliases

TROJ_AGENT.AJH [TrendMicro]Trojan Horse [Symantec]Rootkit.Win32.Podnuha.bhw [Sunbelt]Mal/BHO-Fam [Sophos]Medium Risk Malware [Prevx1]Trj/Downloader.MDW [Panda]Win32/Rootkit.Podnuha.BHW [NOD32]Trojan:Win32/Boaxxe.H [Microsoft]Trojan.BHO.Gen [McAfee-GW-Edition]Generic.dx [McAfee]Rootkit.Win32.Podnuha [Ikarus]W32/Podnuha.BHW!tr.rkit [Fortinet]Win32/Kvol!generic [eTrust-Vet]Trojan.Siggen.644 [DrWeb]TrojWare.Win32.Rootkit.Podnuha.~K [Comodo]
More aliases (141)

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to IE Defender may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



ieDefender[1].exe File name: ieDefender[1].exe
Size: 2.58 MB (2582694 bytes)
MD5: 7a974fed8ffba2b4c36291a75f5f00c0
Detection count: 90
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
a3gpcodec.dll File name: a3gpcodec.dll
Size: 247.29 KB (247296 bytes)
MD5: d02194a30b6316498631a1350280f1ce
Detection count: 81
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
websrc32.dll File name: websrc32.dll
Size: 240.12 KB (240128 bytes)
MD5: ced44819f4c99a21c4a64a80aee4ad4a
Detection count: 55
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
fkxlgaeu.dll File name: fkxlgaeu.dll
Size: 80.44 KB (80448 bytes)
MD5: 869afbf77259a551f12d7e7b374bf562
Detection count: 54
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
IntelVideo.dll File name: IntelVideo.dll
Size: 245.76 KB (245760 bytes)
MD5: 327e40b3ed4d28b6ee765fae9c6622af
Detection count: 54
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
ttvbonvgl.dll File name: ttvbonvgl.dll
Size: 286.72 KB (286720 bytes)
MD5: 7e555db5abc10ada062ab6d2aa1db783
Detection count: 51
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
version69ie7fix.dll File name: version69ie7fix.dll
Size: 1.66 MB (1667237 bytes)
MD5: 856af0f795d6ec7b3ec91d52250e4bdb
Detection count: 50
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
vturp.dll File name: vturp.dll
Size: 324.6 KB (324608 bytes)
MD5: 48af4b706721b7bfc3f251c547e0ab15
Detection count: 45
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
adspipe.dll File name: adspipe.dll
Size: 188.41 KB (188416 bytes)
MD5: 064b3b95808c2270d149126402edd78e
Detection count: 44
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
isfmdl.dll File name: isfmdl.dll
Size: 13.31 KB (13312 bytes)
MD5: e45a9594fbe3b5402c9151e4117f9d34
Detection count: 41
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
wiecjprp.dll File name: wiecjprp.dll
Size: 80.44 KB (80448 bytes)
MD5: ea02823961226a2bbfbf883dad98e1fe
Detection count: 35
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
ddccy.dll File name: ddccy.dll
Size: 316.51 KB (316512 bytes)
MD5: ca4f88b58b55e7189676fcd14b377362
Detection count: 34
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
nsaA7.dll File name: nsaA7.dll
Size: 139.26 KB (139264 bytes)
MD5: dedd376c1f4d3876609c3ad02c7d9ba9
Detection count: 33
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
pdswin.dll File name: pdswin.dll
Size: 224.25 KB (224256 bytes)
MD5: cf66c22c4a4992094a5e1be3d7cbc0fb
Detection count: 32
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
byvsr.dll File name: byvsr.dll
Size: 328.28 KB (328288 bytes)
MD5: b9631b35cc20e7c501f9592e9a75d40b
Detection count: 30
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
rqrqomn.dll File name: rqrqomn.dll
Size: 37.37 KB (37376 bytes)
MD5: cf60c8f84b40bbae06cb9fa0f4a51912
Detection count: 26
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
nsz379.dll File name: nsz379.dll
Size: 76.8 KB (76800 bytes)
MD5: 41727d3eeec276217333ef6737d6bb9b
Detection count: 25
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
vtutt.dll File name: vtutt.dll
Size: 331.77 KB (331776 bytes)
MD5: f8977192b6998354b97cb04aa03ffe72
Detection count: 23
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
ieDefender-setup[2].exe File name: ieDefender-setup[2].exe
Size: 2.74 MB (2743590 bytes)
MD5: ce7b1332dc2bfb7c24bfadf9c55faf74
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
ldqzxhsj.dll File name: ldqzxhsj.dll
Size: 165.47 KB (165472 bytes)
MD5: 7d82a04bf997449864057f278ef329ef
Detection count: 20
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
dx50codec.dll File name: dx50codec.dll
Size: 248.83 KB (248832 bytes)
MD5: 1ee34dfe18c9e6a572ea35b908c89e64
Detection count: 14
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009

More files

Registry Modifications

The following newly produced Registry Values are:

CLSID{F4D76F01-7896-458a-890F-E1F05C46069F}File name without pathASKPBAR.DLLIntelVideo.dll

4 Comments

  • jorge says:

    como desinstalar iedefender

  • ghostrider01 says:

    jorge, If you think, that to follow the manual IE Defender Removal Instructions is too difficult for you, you should use a reliable anti-spyware program.

  • Jay X says:

    thanks guy, this was realy bugging the hell outa me. A friend sent me a link over messenger. THE JERK!! now i have this thing on..... anyway gonna go uninstall it... thanks again.

  • Warren says:

    Do these instructions work with Windows Vista Home Premimun?