- slide 1 of 4
What Is IE Antivirus (ieav.exe)?
IE Antivirus or ieav.exe is malware, anti-spyware trojan to me to be precise. Other similar malware programs such as Malware Bell, IE Defender, and Files Secure cause the same type of annoyances as IE Antivirus. Though it does not cause damage to your data or steal your passwords, ieav.exe is an annoying piece of malware. IE Antivirus (ieav.exe) causes pop up messages to appear, stating that your computer is infected, and that you must purchase the software to remove the infection. Some security experts would call this scare-ware, malware designed to scare you into purchasing and installing more malware into your system.
If you are constantly seeing this pop up, or another similar pop up, you are probably infected with IE Antivirus (ieav.exe) or another similar type of malware.
- slide 2 of 4
How to Get Rid of this Pesky Malware
Getting rid of ieav.exe is not as simple as deleting one file or pressing one button, and does require a few steps. Don't be worried however, as this tutorial will guide you, step by step, into removing this pesky little piece of malware.
Step One - Check If ieav.exe Is Actively Running
The first step is to see if ieav.exe is actively running. You need to go to your task manager to check. You can either press CTRL+SHIFT+ESC, to immediately have your task manager show up, or press CTRL+ALT+DEL then click on Task Manager. Once the Task Manager is running, look at the processes running in the Processes tab and see if you can find ieav.exe and ieavinstaller.exe. If any of these are running, right click on each and click on End Process Tree.
Step Two - Deleting ieav.exe
Now that step one is complete, you can delete ieav.exe without Windows stopping you. Windows does not allow a user to delete files if they are currently running, which is why step one is very critical in this process. Deleting ieav.exe is not as simple as deleting one executable file, as the malware leaves bits and pieces of itself all over your computer. Let's start by going into the root folder that ieav.exe will usually plant itself in:
- C:\Program Files\ieantivirus\
If you cannot find this directory, check your other drives to ensure that it hasn't planted itself in your other drives (D:\, H:\. Z:\, etc.). In this folder you will see a few executables. Do not run any of them. Instead, delete the entire folder and delete it from your recycle bin. The next paths we want to check for are:
- %\Desktop Directory\ie antivirus 3.2.lnk
- %\Programs\ie antivirus 3.2.lnk
As every computer is configured differently, the directory above is a general directory. You'll have to locate your main desktop directory, and depending on the user that's logged in, the directory can be different. If you're having trouble finding this path, do a search in Windows for ie antivirus 3.2.link. Once Windows finds the files, delete them and clear them from your recycle bin.
You've now successfully gotten off the traces of the malware but you're not done yet. IE Antivirus also snakes its way into your registry settings so that it is harder to kill.
Step Three - Cleaning Up Your Registry
Many tutorials will state that only an expert should handle messing with registry keys as one wrong move can cause your computer to stop working. I somewhat agree, but don't believe only computer experts should handle this part. Just be sure to take your time and read each step thoroughly before deleting or modifying any registry keys. The key to this portion is taking your time.
Run registry editor by going to your Start button, then clicking Run... From there, type Regedit to get the registry editor.
The first registry folder you're going to look for is:
Once you've found this folder, right click it and press Delete. If you're having trouble finding this folder, you can actually search in your registry editor. Simply go to Edit then press Find, then search for the term ieantivirus.
The next registry folder you want to look for is:
Do not delete this registry folder! You are looking for a specific key in the folder above. Unlike the previous step, you are not deleting the folder, you are deleting a key. On the right hand side of the registry editor, you will see a list of keys. You are looking for antispy. If you see it, right click it and press Delete.
The next registry folder you want to look for is:
You are performing the same action here. Look for the antispy registry key, right click it, then press Delete.
The final registry folder to delete is:
- HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ie antivirus
In this case, you are deleting the folder. Right click the ie antivirus folder and press Delete. You've now effectively deleted the main portions of ieav.exe, but there are still some supplemental files that need to be removed.
- slide 3 of 4
Removal of Supplemental Files
Step Four - Identifying the .DLL Files
This is a very tricky step. IE Antivirus (ieav.exe) may have left .dll files in your computer. Open Windows Explorer and browse down to C:\Windows\System32\. Now, right click and arrange by modified date. Since the .dll files created by ieav.exe are randomly named, this part of the process will be different for every user. Once the files have been arranged by date, look at the most newly created .dll files. Highlight each one and look for Type: Module, if you note any, delete these files.
- slide 4 of 4
Removal of ieav.exe Complete!
You've now successfully manually removed ieav.exe from your computer. This isn't as simple as deleting one file, but rather lookng through various folders and registry files to fully clean your computer. Missing out on deleting all files could lead to ieav.exe popping up again and then propogating through your system again.