This Trojan gains access to your system through your browser configuration. It is most often found with Internet Explorer. Often it can be detected visually with the Manage Add-ons option in the Tools menu. Look for BHO CLSIDs (Browser Helper Object class IDs) that appear in the list in their raw form: groups of hex digits in the 8-4-4-4-12 pattern, such as the 06849E9F-C8D7-4D59-B87D-784B7D6BE083 described below.
The publisher name and other details are missing, of course (they are the bad guys). Depending on the strength of your virus protection, the Trojan may install only partially: the DLL and other software installation is aborted, and only the BHO entry is added to the IE configuration. This is less harmful but will still cause crashes, since IE tries to use the CLSID and finds no registry entry for the CLSID or no DLL to load.
Symptoms of this infection may include IE running slower, IE crashing, and browsing requests not returning a new page on the first try.
One tool that is very helpful for removing this type of infection is Glary Utilities. Glary has a free version that you can locate with Google. Use the Modules tab and the Internet Assistant tool to see the details of your browser and detect this or similar infections, which show up as CLSID values as described above.
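The same check can be scripted. The following PowerShell is an added example, not part of the original article and not taken from Glary: it lists every registered BHO and flags entries that have no CLSID registration, no DLL on disk, or no name, which are the cases described above. The registry paths are the standard Windows BHO and CLSID locations, which the article does not name, and the function name `Get-BhoAudit` is hypothetical.

```powershell
# Added example: read-only audit of Browser Helper Object (BHO) registrations.
# Run from 64-bit PowerShell on 64-bit Windows so both registry views are visible.
function Get-BhoAudit {
    # Native registry view, plus the 32-bit view present on 64-bit Windows.
    $views = @(
        @{ Bho = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
           Cls = 'Registry::HKEY_CLASSES_ROOT\CLSID' },
        @{ Bho = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
           Cls = 'Registry::HKEY_CLASSES_ROOT\WOW6432Node\CLSID' }
    )
    $guid = '^\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}$'   # 8-4-4-4-12 inside braces
    foreach ($v in $views) {
        if (-not (Test-Path -LiteralPath $v.Bho)) { continue }
        foreach ($key in Get-ChildItem -LiteralPath $v.Bho) {
            $clsid  = $key.PSChildName
            $clsKey = Join-Path $v.Cls $clsid
            $name = $null; $dll = $null; $status = 'OK'
            if ($clsid -notmatch $guid) {
                $status = 'Malformed CLSID'
            } elseif (-not (Test-Path -LiteralPath $clsKey)) {
                # The partial install described above: BHO entry with nothing behind it.
                $status = 'Orphaned: no CLSID registration'
            } else {
                $name   = (Get-Item -LiteralPath $clsKey).GetValue('')   # friendly name
                $inproc = Join-Path $clsKey 'InprocServer32'
                if (Test-Path -LiteralPath $inproc) {
                    $dll = (Get-Item -LiteralPath $inproc).GetValue('')  # DLL path
                }
                # Note: System32 paths from the 32-bit view really live in SysWOW64,
                # so confirm a "missing" 32-bit DLL by hand before acting on it.
                if (-not $dll) { $status = 'No InprocServer32 DLL path' }
                elseif (-not (Test-Path -LiteralPath $dll.Trim('"'))) { $status = 'DLL missing on disk' }
                elseif (-not $name) { $status = 'Unnamed: review the DLL' }
            }
            [pscustomobject]@{ CLSID = $clsid; Name = $name; Dll = $dll; Status = $status }
        }
    }
}

Get-BhoAudit | Sort-Object Status | Format-Table CLSID, Name, Dll, Status -AutoSize
```

The script only reads the registry; any entry it flags still has to be reviewed and removed separately.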
Here is one of the most common infections in a little more detail. Whether or not CTLDLG32.DLL is on your system, you may still have the CLSID reference in the BHO configuration. Glary will let you delete it.
CTLDLG32.DLL Application/Process Description