Content
Adware-Cydoor
- Type
- Program
- SubType
- Adware
- Discovery Date
- 12/06/2003
- Minimum DAT
- 4308 (12/10/2003)
- Updated DAT
- 5223 (02/05/2008)
- Minimum Engine
- 5.1.00
- Description Added
- 12/09/2003
- Description Modified
- 12/09/2003 11:37 PM (PT)
Tab Navigation
Characteristics
This is not a virus or trojan. It is a direct-marketing adware application. This application generates extra pop-up ads while using Internet Explorer.
This kind of application generally comes bundled with another program, which usually discloses the fact that it is ad-supported. It is currently bundled with file-sharing programs like Kazaa and Imesh, but may be bundled with other programs as well. Users agree to have the Adware installed in the license agreement, although they may not realise at first that this file was packaged with the product they installed.
Installation
Upon execution, the application installs itself into the %SYSDIR% directory as cd_clint.dll. The dll is loaded at runtime by applications using it.
(Where %Windir% is the Windows directory, for example C:\WINDOWS)
(Where %Sysdir% is the Windows System directory, for example C:\WINDOWS\SYSTEM)
For example:
C:\windows\system32\cd_clint.dll
Files used by this program are dropped in the following directory:
C:\windows\system32\AdCache
The following registry keys are added and they contain properties used by this program:
- HKEY_CURRENT_USER\Software\Cydoor
- HKEY_CURRENT_USER\Software\Cydoor Services
Users who would like to check for the presence of potentially unwanted programs on their system should run the command line scanner with the /PROGRAM switch.
Please note that VirusScan 7, and higher, has an option that enables users to detect this kind of program automatically (see below).
Aliases
Aliases
-
N/A
