IronDefender

By Sumo3000 in Rogue Anti-Spyware Program

Translate To:

IronDefender is a fake security application that spreads with the help of sneaky Trojans. IronDefender will display fake scanners, security alerts and pop-up warnings in an attempt to convince a user that his/her machine is infested with malware. Then IronDefender will coerce the user into paying for its "full version" in order to remove the purportedly detected malware. IronDefender is unable to detect or remove computer malware therefore users should never waste their money on this rogueware.

Table of Contents

File System Details

IronDefender may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	c:\WINDOWS\[random characters].exe
Name: c:\WINDOWS\[random characters].exe Type: Executable File
2.	c:\WINDOWS\system32\[random characters].dll
Name: c:\WINDOWS\system32\[random characters].dll Type: Dynamic link library
3.	c:\Program Files\FDFCA\Uninstall.exe
Name: c:\Program Files\FDFCA\Uninstall.exe Type: Executable File
4.	c:\WINDOWS\system32\[random characters].exe
Name: c:\WINDOWS\system32\[random characters].exe Type: Executable File
5.	c:\Program Files\FDFCA\F0E84.exe
Name: c:\Program Files\FDFCA\F0E84.exe Type: Executable File
6.	c:\WINDOWS\[random characters].dll
Name: c:\WINDOWS\[random characters].dll Type: Dynamic link library
7.	%UserProfile%\Local Settings\Temp\[random characters].exe
Name: %UserProfile%\Local Settings\Temp\[random characters].exe Type: Executable File
8.	c:\WINDOWS\[random characters].bin
Name: c:\WINDOWS\[random characters].bin Type: Binary File
9.	c:\WINDOWS\system32\[random characters].cpl
Name: c:\WINDOWS\system32\[random characters].cpl
10.	c:\Program Files\FDFCA\
Name: c:\Program Files\FDFCA\
11.	c:\WINDOWS\system32\[random characters].bin
Name: c:\WINDOWS\system32\[random characters].bin Type: Binary File
12.	%UserProfile%\Desktop\IronDefender.lnk
Name: %UserProfile%\Desktop\IronDefender.lnk Type: Shortcut
13.	C:\Documents and Settings\\Start Menu\Programs\IronDefender.lnk
Name: C:\Documents and Settings\<username>\Start Menu\Programs\IronDefender.lnk Type: Shortcut
14.	c:\WINDOWS\[random characters].cpl
Name: c:\WINDOWS\[random characters].cpl
15.	%UserProfile%\Desktop\hash
Name: %UserProfile%\Desktop\hash

Registry Details

IronDefender may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IronDefender

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "F0E84.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\IronDefender

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "vur4.exe"

HKEY_CURRENT_USER\Software\IronDefender

HKEY_CURRENT_USER\Software "Install_Dir" = "C:\Program Files\FDFCA"

Messages

The following messages associated with IronDefender were found:

Spyware Alert!
Your computer is infected with spyware. It could damage your critical files or expose your private data on the Internet. Click here to register your copy of IronDefender and remove spyware threats from your PC.

Warning
Your computer is under a great risk! Malware applications are still running. This will lead to the loss of personal date and system damage.
Do you want to remove the malware and protect your system?

Security Center Alert!
Infiltration Alert!
Your computer is being at

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

IronDefender

File System Details

Registry Details

Messages

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen