IE Antivirus or IEAntivirus
IEAntiVirus Description
IE Antivirus 3.2, or IEAntivirus, is a rogue anti-spyware program that is promoted on the Web through trojan infested video codecs, which sneak past weak security system points and can be found on porn websites. The trojan that comes bundled with the video codec is known as Zlob. Once your computer is infected with Zlob, it will display popups that look similar to Microsoft Windows system alert messages. These fake alert messages have titles such as “Warning!”, “Critical System Error!” or “Your Computer Is Infected” to convince you that your computer is in danger and that you must click on the ‘OK’ button to fix the problem.
As soon as IE Antivirus is installed, it will perform a fake spyware scan that will result in exaggerated threat reports and then a warning message will pop up that will prompt you to purchase IE Antivirus’s full version. It is advised to delete any popups or system messages related to IE Antivirus or Zlob. No matter how legitimate IE Antivirus or it’s website (www.ieantivirus.com) may look, you should not download or purchase the IE Antivirus program.
IE Antivirus is meant to confuse you with it’s scare tactics and, in turn, convince you to purchase IE Antivirus’ full version. IE Antivirus comes from the same makers of Malware Bell and IEDefender.
Type: Rogue AntiSpyware Programs
How Can You Detect IEAntiVirus?
IEAntiVirus Technical Report
As new IEAntiVirus details are reported by our customers and findings from our Threat Research Center, we will update this section.
The following IEAntiVirus files with its MD5s were created in the system:
| File Name | File Size | MD5 |
|---|
| ieav[1].exe | 866355 | 0ae38eb15aae0feda6f4b455122dac20 |
| ieav.exe | 1529856 | 289c34ceceff2545ec771c3d999c6a04 |
| ksol.dll | 217600 | 93218435d771eff234e13d3ab02d5d7a |
| wsol.dll and_others | 225792 | c0f08e4fcc7aad8e804ac6735cd31d14 |
| kol.dll and_others | 218112 | 026a89da89194416bec317d495b39314 |
| tuvWqPiJ.dll | 281600 | 9e7bb5dcb0b67b4d398fdc86c105a0ea |
| kol.dll | 218112 | b253f96eb0df6120fd8fa6b3f407bdf3 |
| ieav.exe | 876367 | 476afae0ac740ac540a99760f8d0a1bc |
| ieav.exe | 1677312 | d147905dcb660587b4da7230d57404cd |
| vidas32.dll | 211968 | 349b62c73a9f956b9791130888e28604 |
| ieav.exe | 1812480 | f91dc8dd0fd8de86f81268284abe469f |
| fop32.dll | 216576 | feb062cd22eb714189aa7ce902bb78dd |
IEAntiVirus Video Demo
Click on the “How IEAntiVirus Infects Your Computer” video to see a IEAntiVirus infection in action! See through the eyes of an unsuspecting Internet user while him/her is being victimized by IEAntiVirus.
At the end of this video, there’s a link to download SpyHunter’s Free Spyware Scanner. SpyHunter’s Free Spyware Scanner is for detection purposes only. To remove IEAntiVirus, you must purchase SpyHunter’s full version.
Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how IEAntiVirus infects a computer. The video contains clickable buttons.
IEAntiVirus has typically the following processes in memory:
- %program_files%\ieantivirus\uninst.exe
- ieav.exe
- %program_files%\ieantivirus\ieav.exe
- kol.dll
- ieavinstaller.exe
- ksol.dll
- apdoxu.dll
IEAntiVirus created the following directories, files, paths:
- %ProgramFiles%\IEAntiVirus
IEAntiVirus creates the following registry entries:
- HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ie antivirus
- AppID\ksol.dll
- F856BB9E-855B-498D-883E-3509C550A031
- AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4
- 597AED5A-2DEA-431D-BE7E-F03BAB2AFB15
- HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run antispy
- AppID\E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A
- 99E591B6-A5AD-4A2D-B349-334020760EF2
- 968E6658-515B-4703-97DD-F256F5C88C72
- CF9146DB-16F1-4B79-8DA1-EE14C55D5B06
- HKEY_CURRENT_USER\software\ieantivirus
- E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A
- 29BF1B1F-0106-4881-A7C7-A71035C54825
- 15977918-3A04-4982-8E45-EDC618371EBE
- cdx.VideoStream
Important Article Disclaimer

English 
Deutsch
Español
Français
Portuguese
IE Antivirus Or IEAntivirus 











