Login | RSS

Categories



Archives


Meta:

IEDefender removal tool - IEDefender removal instructions

October 25th, 2007 by admin

What is IEDefender ?
iedefender.jpgIEDefender may hijack your browser with www.iedefender.com, claiming to download IEDefender fake malware remover. After you install this rogue anti-spyware (also may be installed in stealth mode through system security holes) it would allege to detect spyware in an attempt to convince you into purchasing IEDefender’s full version. IEDefender is not legitimate spyware remover, in addition it shows popups, open browser security holes to install other parasites. This software may slow your computer and cause system errors. To check your computer for IEDefender’s infection, download automatical scanner \ removal tool.

IEDefender features:

  • IEDefender shows fake security alerts
  • IEDefender hijacks your browser
  • IEDefender slows your computer
  • IEDefender may be installed by Trojan (Zlob)
  • IEDefender may update and recreate itself
  • IEDefender is difficult to remove

IEDefender’s screenshots:

iedefender1.jpg


iedefender.jpg

IEDefender manual removal instructions:

Remove or unregister IEDefender processes folders, files and links:
 IEDefender.exe
IEDefender.lnk
Uninstall IEDefender.lnk
alisj.dll

Unregister IEDefender registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97C6E0E9-1D24-48CA-11E7-DC22C5308ABA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97C6E0E9-1D24-48CA-11E7-DC22C5308ABA}\InProcServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D723C81-2C9F-44DD-8F94-A2D3A06845E9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D723C81-2C9F-44DD-8F94-A2D3A06845E9}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D723C81-2C9F-44DD-8F94-A2D3A06845E9}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D723C81-2C9F-44DD-8F94-A2D3A06845E9}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41FC2EBD-79F5-4FE0-8558-708DCB7FE255}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41FC2EBD-79F5-4FE0-8558-708DCB7FE255}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41FC2EBD-79F5-4FE0-8558-708DCB7FE255}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41FC2EBD-79F5-4FE0-8558-708DCB7FE255}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{45DB217B-965D-4917-A653-C2A871534B4C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{45DB217B-965D-4917-A653-C2A871534B4C}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{45DB217B-965D-4917-A653-C2A871534B4C}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{45DB217B-965D-4917-A653-C2A871534B4C}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48A95844-A761-4D96-8191-0913D493823E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48A95844-A761-4D96-8191-0913D493823E}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48A95844-A761-4D96-8191-0913D493823E}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48A95844-A761-4D96-8191-0913D493823E}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{60FD2747-818B-4242-A041-4C1209F3D3A6}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{60FD2747-818B-4242-A041-4C1209F3D3A6}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{60FD2747-818B-4242-A041-4C1209F3D3A6}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{60FD2747-818B-4242-A041-4C1209F3D3A6}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{70F731FD-6C5F-4D46-A29C-6B97FABEF0D0}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{70F731FD-6C5F-4D46-A29C-6B97FABEF0D0}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{70F731FD-6C5F-4D46-A29C-6B97FABEF0D0}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{70F731FD-6C5F-4D46-A29C-6B97FABEF0D0}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77F6ABAA-C14B-4E0C-975E-0CFFA568B0BE}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77F6ABAA-C14B-4E0C-975E-0CFFA568B0BE}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77F6ABAA-C14B-4E0C-975E-0CFFA568B0BE}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77F6ABAA-C14B-4E0C-975E-0CFFA568B0BE}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{78AA9209-DED5-4F37-93A0-89FBEE57E4FC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{78AA9209-DED5-4F37-93A0-89FBEE57E4FC}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{78AA9209-DED5-4F37-93A0-89FBEE57E4FC}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{78AA9209-DED5-4F37-93A0-89FBEE57E4FC}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{869B656B-142E-47E6-B4F6-973D17E80BBF}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{869B656B-142E-47E6-B4F6-973D17E80BBF}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{869B656B-142E-47E6-B4F6-973D17E80BBF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{869B656B-142E-47E6-B4F6-973D17E80BBF}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{89F84A04-F5EF-4F4A-AF97-7DA43DD0371F}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{89F84A04-F5EF-4F4A-AF97-7DA43DD0371F}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{89F84A04-F5EF-4F4A-AF97-7DA43DD0371F}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{89F84A04-F5EF-4F4A-AF97-7DA43DD0371F}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8F9C1393-41D7-4BE1-8752-098BC97514D2}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8F9C1393-41D7-4BE1-8752-098BC97514D2}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8F9C1393-41D7-4BE1-8752-098BC97514D2}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8F9C1393-41D7-4BE1-8752-098BC97514D2}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9097FA96-8EFD-4D04-8024-C920AB56BBEA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9097FA96-8EFD-4D04-8024-C920AB56BBEA}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9097FA96-8EFD-4D04-8024-C920AB56BBEA}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9097FA96-8EFD-4D04-8024-C920AB56BBEA}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ACD5D550-4481-4F05-B6D8-A78566BD81D3}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ACD5D550-4481-4F05-B6D8-A78566BD81D3}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ACD5D550-4481-4F05-B6D8-A78566BD81D3}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ACD5D550-4481-4F05-B6D8-A78566BD81D3}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BE096ECD-D62E-4B2D-BBA5-CBF9BFA4AB23}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BE096ECD-D62E-4B2D-BBA5-CBF9BFA4AB23}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BE096ECD-D62E-4B2D-BBA5-CBF9BFA4AB23}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BE096ECD-D62E-4B2D-BBA5-CBF9BFA4AB23}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDA20808-84A0-48C3-902A-7E31FF47EA6B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDA20808-84A0-48C3-902A-7E31FF47EA6B}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDA20808-84A0-48C3-902A-7E31FF47EA6B}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDA20808-84A0-48C3-902A-7E31FF47EA6B}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9C4CBEB-7BDF-47FF-8EDF-D72B50BB50EF}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9C4CBEB-7BDF-47FF-8EDF-D72B50BB50EF}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9C4CBEB-7BDF-47FF-8EDF-D72B50BB50EF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9C4CBEB-7BDF-47FF-8EDF-D72B50BB50EF}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1AE427B0-E3B7-4D2E-A6B9-36605B0F214E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1AE427B0-E3B7-4D2E-A6B9-36605B0F214E}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1AE427B0-E3B7-4D2E-A6B9-36605B0F214E}\1.0\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1AE427B0-E3B7-4D2E-A6B9-36605B0F214E}\1.0\0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1AE427B0-E3B7-4D2E-A6B9-36605B0F214E}\1.0\FLAGS
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1AE427B0-E3B7-4D2E-A6B9-36605B0F214E}\1.0\HELPDIR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEDefender 3.8

IEDefender Removal Tool

Posted in Spyware, Malware, Rogue Anti-Spyware, Hijacker |

2 Responses

  1. Fix Slow Computer: spyware, trojan horse, virus removals » Blog Archive » How to remove Unknown Trojan Message - Unknown Trojan Remover Says:
    February 11th, 2008 at 3:35 pm

    […] About Unknown Trojan Warning “Your computer was infected by Unknown Trojan” is a fake popup message generated by rogue anti-spyware programs (IEDefender, FilesSecure). Some real trojan horses (Trojan.Zlob, Trojan.Downloader) will display excessive popup advertisements that your computer was infected by unknown trojan to tirck users to purchase commercial versions of promoted rogues. Unknown trojan message can slow your browser and cause serious system errors. Download Unknown Trojan removal tool to get rid of this annoying message. […]

  2. Fix Slow Computer: spyware, trojan horse, virus removals » Blog Archive » How to remove IE AntiVirus 3.2 - IE AntiVirus 3.2 Remover (IEAntiVirus 3.2) Says:
    April 25th, 2008 at 9:14 pm

    […] IE AntiVirus 3.2 (IEAntivirus) is the latest clone of well-known IEDefender rogue anti-spyware with extra aggressive behaviour. IE AntiVirus spreads through browser exploits or may be installed by trojan downloaders. Once IE AntiVirus is installed, it may generate a number of unwanted pop-up and pop-under advertisements. IE AntiVirus may show security notifications stating that your system is in danger in order to lure you into buying its promoted anti-spyware software. Remember that IE AntiVirus is a dangerous malware - it may secretly install other spyware, slow your pc and cause system erros. IE AntiVirus is very difficult to manually remove because it has the ability to recreate and updateitself. […]

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.