Dangerous Trojan Removal Guide

Do you know what Dangerous Trojan is?

Dangerous Trojan is a new error message similar to Unknown Trojan which we posted a few months ago. We have identified the Dangerous Trojan message as being related to the IEDefender group. Dangerous Trojan pops up messages in an attempt to get computer users to download and install Files Secure which is a dangerous rogue application.

Do you ever get the following message?

System Error!
Your system was infected by dangerous Trojan.
Note: Your critical files can be lost!
Click OK to download antimalware application to clean your system! (Recommended)

The above message is what Dangerous Trojan will prompt on your computer if you are infected. It is recommended that users do not click on this message, it may redirect you to a malicious site to download rogue software. We have discovered that Dangerous Trojan may change Google and Yahoo search results to display fake pornographic youtube video.

In non-techie terms: There is no doubt that Dangerous Trojan is properly named because it is actually a Dangerous Trojan infection. Dangerous Trojan should be removed as soon as possible if you are infected or you run the risk of further damaging your system. Do not under any circumstances purchase or download any software that is related to Dangerous Trojan or it's popup messages.

Tags: .
  • Sridhar

    great job done. it worked

  • cez

    Thank you.

    I didn't have safe search on in google. Clicked something by accident ended up on that icky site and was infected. Bing Bang Boom! Sheesh. First one in almost three years!

    The removal tool worked like a charm!

    A note to those looking for help via google, even tho the trojan hijacks the hyperlink you can still cut and paste the url from the listing.

    cez

  • Cordzill

    Hey,

    So I had a very similar thing occur to me over the last few days, and have finally gotten rid of it. Assumably the above works fine (from the comments posted) but for those who were in my shoes, with lovely "dangerous trogan" messages trying to download IEAV.exe (or something around those lines), here is what I did:

    1. Tracked events in Windows Defender (of all things) and found the following:

    ---------------------------

    Description:
    This program has potentially unwanted behavior.

    Advice:
    Permit this detected item only if you trust the program or the software publisher.

    Resources:
    clsid:
    HKLM\SOFTWARE\CLASSES\CLSID\{50AB4474-F8B5-4F66-BAC5-4251E765B827}

    regkey:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50AB4474-F8B5-4F66-BAC5-4251E765B827}

    regkey:
    HKLM\SOFTWARE\CLASSES\TYPELIB\{6549E485-C533-4E58-BA92-9FBCD2F6E839}\1.0

    regkey:
    HKLM\SOFTWARE\CLASSES\CLSID\{50AB4474-F8B5-4F66-BAC5-4251E765B827}

    bho:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50AB4474-F8B5-4F66-BAC5-4251E765B827}

    typelibversion:
    HKLM\SOFTWARE\CLASSES\TYPELIB\{6549E485-C533-4E58-BA92-9FBCD2F6E839}\1.0

    file:
    C:\WINDOWS\tupost32.dll

    --------------------------------------

    2. Now I am not sure if the registry info here is common for all cases, but i proceeded to open RegEdit (Start Menu --> run --> Regedit)

    3. Find the keys above in the registry (HKLM = HKey_Local_Machine) and delete them.

    4. Tupost32.dll is still in my windows folder at this stage as I am unsure of its function, however the popup warning messages have stopped.

    This was done after numerous software scans which didnt seam to solve the problem.

    I hope this helps some people and makes a bit of sense. I am by no means a computer wizz, so am unaware if I have done the 'right' thing, but have undoubtedly managed to solve the problem at hand.