IE Defender
Posted: October 25, 2007
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 164 |
| First Seen: | July 24, 2009 |
|---|---|
| Last Seen: | May 6, 2024 |
| OS(es) Affected: | Windows |
IE Defender is a rogue anti-spyware program due to its deceptive and aggressive advertising practices. IE Defender and its marketing affiliates are distributing and installing IE Defender's anti-spyware program through a download which is bundled with a trojan triggered by a browser helper object (BHO). Many of these trojan bundled downloads are located in sites which offer a "video codec" to be able to view free adult entertainment videos.
After your PC is infected with the trojan bundled download, it keeps showing up a pop-up stating "NOTICE: Your system is infected and your computer performance is not at the highest level. Full system optimization will greatly increase your computer's performance and prevent data loss". When you click on the popup, it will direct your IE to IEDefender.com to download IE Defender's anti-spyware program.
In addition, the Trojan which came bundled from either IE Defender and/or its affiliates hijacks your search engines, such as Google, Yahoo and MSN, and displays a fake error message within your search results claiming that your system is infected and offering to buy the IE Defender program. Once you click on this fake error message you will be redirected to IE Defender's home site where you will be tricked into buying IE Defender's anti-spyware application.
Aliases
TROJ_AGENT.AJH [TrendMicro]Trojan Horse [Symantec]Rootkit.Win32.Podnuha.bhw [Sunbelt]Mal/BHO-Fam [Sophos]Medium Risk Malware [Prevx1]Trj/Downloader.MDW [Panda]Win32/Rootkit.Podnuha.BHW [NOD32]Trojan:Win32/Boaxxe.H [Microsoft]Trojan.BHO.Gen [McAfee-GW-Edition]Generic.dx [McAfee]Rootkit.Win32.Podnuha [Ikarus]W32/Podnuha.BHW!tr.rkit [Fortinet]Win32/Kvol!generic [eTrust-Vet]Trojan.Siggen.644 [DrWeb]TrojWare.Win32.Rootkit.Podnuha.~K [Comodo]
More aliases (141)
More aliases (141)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:iedefender.exe
File name: iedefender.exeSize: 1.37 MB (1372672 bytes)
MD5: 7debb3de3e5ca3835d3d0067529a2318
Detection count: 85
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
a3gpcodec.dll
File name: a3gpcodec.dllSize: 247.29 KB (247296 bytes)
MD5: d02194a30b6316498631a1350280f1ce
Detection count: 81
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
VideoMP3.dll
File name: VideoMP3.dllSize: 220.16 KB (220160 bytes)
MD5: 39e0acc720b428e31ebb3ef4e3c43a8f
Detection count: 74
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
VideoMP3.dll
File name: VideoMP3.dllSize: 218.11 KB (218112 bytes)
MD5: 5244d884fb31be263bf145c01c9f9918
Detection count: 74
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
vkcxxfvi.dll
File name: vkcxxfvi.dllSize: 80.44 KB (80448 bytes)
MD5: 7df5417b22988d88e8080a44392ade95
Detection count: 66
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
VideoMP3.dll
File name: VideoMP3.dllSize: 218.62 KB (218624 bytes)
MD5: a2ba20a4c6194e0f544ee5d3a55f4731
Detection count: 66
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
advpac.dll
File name: advpac.dllSize: 84.99 KB (84992 bytes)
MD5: bcf3a381bbe26d9c1ec24bac8b18f567
Detection count: 65
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
ddcdedd.dll
File name: ddcdedd.dllSize: 37.37 KB (37376 bytes)
MD5: 1bc5752bd72f44f004d9f061dd7f9e00
Detection count: 64
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
nsn2B.dll
File name: nsn2B.dllSize: 49.66 KB (49664 bytes)
MD5: 05c505be23642e3b1e47bb4ae46ceb37
Detection count: 63
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
mscfg32.dll
File name: mscfg32.dllSize: 223.23 KB (223232 bytes)
MD5: d739f0e2f5d4605f6283bd3789f762d2
Detection count: 60
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
mljji.dll
File name: mljji.dllSize: 324.6 KB (324608 bytes)
MD5: 22292bb833bda29e499aa310fbac8ad4
Detection count: 56
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
IntelVideo.dll
File name: IntelVideo.dllSize: 245.76 KB (245760 bytes)
MD5: 327e40b3ed4d28b6ee765fae9c6622af
Detection count: 54
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
tufxleqe.dll
File name: tufxleqe.dllSize: 77.37 KB (77376 bytes)
MD5: e06e0cb0b3756a20f13ddb2d93169f22
Detection count: 40
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
nsaA7.dll
File name: nsaA7.dllSize: 139.26 KB (139264 bytes)
MD5: dedd376c1f4d3876609c3ad02c7d9ba9
Detection count: 33
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
pdswin.dll
File name: pdswin.dllSize: 224.25 KB (224256 bytes)
MD5: cf66c22c4a4992094a5e1be3d7cbc0fb
Detection count: 32
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
ttvbonsmf.dll
File name: ttvbonsmf.dllSize: 266.24 KB (266240 bytes)
MD5: 3fcc5dd78a3dab27cfab081bc3dd6b22
Detection count: 31
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
byvsr.dll
File name: byvsr.dllSize: 328.28 KB (328288 bytes)
MD5: b9631b35cc20e7c501f9592e9a75d40b
Detection count: 30
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
ieDefender-setup[2].exe
File name: ieDefender-setup[2].exeSize: 2.74 MB (2743590 bytes)
MD5: ce7b1332dc2bfb7c24bfadf9c55faf74
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
windivx.dll
File name: windivx.dllSize: 225.79 KB (225792 bytes)
MD5: c82a2b61005e211c70cbd989a79d665f
Detection count: 15
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
dx50codec.dll
File name: dx50codec.dllSize: 248.83 KB (248832 bytes)
MD5: 1ee34dfe18c9e6a572ea35b908c89e64
Detection count: 14
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
C:\rogueware samples\folder\infested 11 11 2022\XP Antispyware\iedefender-setup.exe
File name: iedefender-setup.exeSize: 2.58 MB (2582694 bytes)
MD5: 7a974fed8ffba2b4c36291a75f5f00c0
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: C:\rogueware samples\folder\infested 11 11 2022\XP Antispyware\iedefender-setup.exe
Group: Malware file
Last Updated: May 6, 2024
VideoMP3.dll
File name: VideoMP3.dllSize: 223.23 KB (223232 bytes)
MD5: 428c6d6ac084f4a7d369ca6c1d6d056b
Detection count: 1
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
More files
Registry Modifications
The following newly produced Registry Values are:
CLSID{F4D76F01-7896-458a-890F-E1F05C46069F}File name without pathASKPBAR.DLLIntelVideo.dll
CLSID{F4D76F01-7896-458a-890F-E1F05C46069F}File name without pathASKPBAR.DLLIntelVideo.dll
como desinstalar iedefender
jorge, If you think, that to follow the manual IE Defender Removal Instructions is too difficult for you, you should use a reliable anti-spyware program.
thanks guy, this was realy bugging the hell outa me. A friend sent me a link over messenger. THE JERK!! now i have this thing on..... anyway gonna go uninstall it... thanks again.
Do these instructions work with Windows Vista Home Premimun?