IE Defender

IE Defender Description

Type: Rogue AntiSpyware Programs

ScreenshotIE Defender is classified as a rogue anti-spyware application because of its misleading and aggressive advertising practices. IE Defender creators and their marketing affiliates propagate and install IE Defender's rogue anti-spyware application through a download that is bundled with a Trojan generated by a Browser Helper object (BHO). Most of these Trojan bundled downloads circulate in web sites that offer a "video codec" to view free adult entertainment videos.

Once your computer gets infected with the Trojan, it will start showing up an annoying pop-up message: "NOTICE: Your system is infected and your computer performance is not at the highest level. Full system optimization will greatly increase your computer's performance and prevent data loss". Do NOT click on this fake error message because it will redirect your IE to IE Defender's website where you will be forced to download IE Defender's anti-spyware application.

Moreover, the Trojan, which has come bundled from either IE Defender and/or their affiliates, hijacks your search engines (such as Google, Yahoo and MSN) and displays a fake warning message within your search results claiming that your computer is in serious danger because of hazardous parasites in your system. This is the manner how they attempt to trick the users into purchasing IE Defender full commercial version. Again, do NOT click on this fake error message because it will direct you IE Defender's homepage where you will be offered to purchase IE Defender's application.ScreenshotScreenshot

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software Detection
TrendMicro TROJ_AGENT.AJH
Symantec Trojan Horse
Sunbelt Rootkit.Win32.Podnuha.bhw
Sophos Mal/BHO-Fam
Prevx1 Medium Risk Malware
Panda Trj/Downloader.MDW
NOD32 Win32/Rootkit.Podnuha.BHW
Microsoft Trojan:Win32/Boaxxe.H
McAfee-GW-Edition Trojan.BHO.Gen
McAfee Generic.dx
Ikarus Rootkit.Win32.Podnuha
Fortinet W32/Podnuha.BHW!tr.rkit
eTrust-Vet Win32/Kvol!generic
DrWeb Trojan.Siggen.644
Comodo TrojWare.Win32.Rootkit.Podnuha.~K

Technical Information

Screenshots & Other Imagery

SpyHunter Detects & Remove IE Defender

File System Details

IE Defender creates the following file(s):
Expand All | Collapse All
# File Name MD5 Detection Count
1 ASKPBAR.DLL a483d19ac62c92525d73542d14e36d04 10
2 ssqro.dll 42921295d6480d1406bbb905e727e0b5 0
3 ldqzxhsj.dll 7d82a04bf997449864057f278ef329ef 0
4 vtutt.dll f8977192b6998354b97cb04aa03ffe72 0
5 nsz379.dll 41727d3eeec276217333ef6737d6bb9b 0
6 rqrqomn.dll cf60c8f84b40bbae06cb9fa0f4a51912 0
7 crypt32d.dll b9c228372922f8901791e9c11274d5c7 0
8 byvsr.dll b9631b35cc20e7c501f9592e9a75d40b 0
9 pdswin.dll cf66c22c4a4992094a5e1be3d7cbc0fb 0
10 nsaA7.dll dedd376c1f4d3876609c3ad02c7d9ba9 0
11 ddccy.dll ca4f88b58b55e7189676fcd14b377362 0
12 wiecjprp.dll ea02823961226a2bbfbf883dad98e1fe 0
13 pdnmcqhd.dll d663c72bfee4337e597ebd4da1aa84ef 0
14 isfmdl.dll e45a9594fbe3b5402c9151e4117f9d34 0
15 adspipe.dll 064b3b95808c2270d149126402edd78e 0
16 vturp.dll 48af4b706721b7bfc3f251c547e0ab15 0
17 cbxwwvu.dll c269e79dd1ef978b39e98b096128e060 0
18 wvurqpp.dll 1b4e81943d0c8b6a87b9db81cfd8bb3d 0
19 version69ie7fix.dll 856af0f795d6ec7b3ec91d52250e4bdb 0
20 ttvbonvgl.dll 7e555db5abc10ada062ab6d2aa1db783 0
21 fkxlgaeu.dll 869afbf77259a551f12d7e7b374bf562 0
22 websrc32.dll ced44819f4c99a21c4a64a80aee4ad4a 0
23 IntelVideo.dll 327e40b3ed4d28b6ee765fae9c6622af 0
24 mwgvsu.dll 396955766b2e512bc3545a24bc485dbe 0
25 a3gpcodec.dll d02194a30b6316498631a1350280f1ce 0
26 XunLeiBHO_Now.dll 29c3bffe619b600215def6631cd7f25c 0
27 dx50codec.dll 1ee34dfe18c9e6a572ea35b908c89e64 0
28 ieDefender-setup[2].exe ce7b1332dc2bfb7c24bfadf9c55faf74 0
29 ieDefender[1].exe 7a974fed8ffba2b4c36291a75f5f00c0 0
More files

Registry Details

IE Defender creates the following registry entry or registry entries:
CLSID
{F4D76F01-7896-458a-890F-E1F05C46069F}
File name without path
ASKPBAR.DLL
IntelVideo.dll

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.
By Domesticus in Rogue Anti-Spyware Program
Translate To:
English
Threat Scorecard
Threat Level: 100 % (High)
Infected Computers: 50
First Seen: July 24, 2009
Last Seen: January 20, 2021
OS(es) Affected: Windows