IEAntiVirus Description

IE Antivirus 3.2, or IEAntivirus, is a rogue anti-spyware program that is promoted on the Web through trojan infested video codecs, which sneak past weak security system points and can be found on porn websites. The trojan that comes bundled with the video codec is known as Zlob. Once your computer is infected with Zlob, it will display popups that look similar to Microsoft Windows system alert messages. These fake alert messages have titles such as “Warning!”, “Critical System Error!” or “Your Computer Is Infected” to convince you that your computer is in danger and that you must click on the ‘OK’ button to fix the problem.

As soon as IE Antivirus is installed, it will perform a fake spyware scan that will result in exaggerated threat reports and then a warning message will pop up that will prompt you to purchase IE Antivirus’s full version. It is advised to delete any popups or system messages related to IE Antivirus or Zlob. No matter how legitimate IE Antivirus or it’s website (www.ieantivirus.com) may look, you should not download or purchase the IE Antivirus program.

IE Antivirus is meant to confuse you with it’s scare tactics and, in turn, convince you to purchase IE Antivirus’ full version. IE Antivirus comes from the same makers of Malware Bell and IEDefender.

Type: Rogue AntiSpyware Programs

How Can You Detect IEAntiVirus?

IEAntiVirus Technical Report

As new IEAntiVirus details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following IEAntiVirus files with its MD5s were created in the system:

IEAntiVirus Video Demo

Click on the “How IEAntiVirus Infects Your Computer” video to see a IEAntiVirus infection in action! See through the eyes of an unsuspecting Internet user while him/her is being victimized by IEAntiVirus.

At the end of this video, there’s a link to download SpyHunter’s Free Spyware Scanner. SpyHunter’s Free Spyware Scanner is for detection purposes only. To remove IEAntiVirus, you must purchase SpyHunter’s full version.

Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how IEAntiVirus infects a computer. The video contains clickable buttons.

IEAntiVirus has typically the following processes in memory:

• %program_files%\ieantivirus\uninst.exe
• ieav.exe
• %program_files%\ieantivirus\ieav.exe
• kol.dll
• ieavinstaller.exe
• ksol.dll
• apdoxu.dll

IEAntiVirus created the following directories, files, paths:

• %ProgramFiles%\IEAntiVirus

IEAntiVirus creates the following registry entries:

• HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ie antivirus
• AppID\ksol.dll
• F856BB9E-855B-498D-883E-3509C550A031
• AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4
• 597AED5A-2DEA-431D-BE7E-F03BAB2AFB15
• HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run antispy
• AppID\E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A
• 99E591B6-A5AD-4A2D-B349-334020760EF2
• 968E6658-515B-4703-97DD-F256F5C88C72
• CF9146DB-16F1-4B79-8DA1-EE14C55D5B06
• HKEY_CURRENT_USER\software\ieantivirus
• E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A
• 29BF1B1F-0106-4881-A7C7-A71035C54825
• 15977918-3A04-4982-8E45-EDC618371EBE
• cdx.VideoStream

Important Article Disclaimer