CYDOOR adware malware



Cliff Rohrabacher
03-19-2009, 3:47 PM
Cydoor is a company that makes a little product that you may accidentally install on your PC with some other program, especially those freeware programs and hacks by that guy who calls himself F.O.S.I.

At any rate Cydoor grabs your e-mails and other information along with browser and surfing data and sends it to Cydoor who then sells it to marketing geeks who hate humanity and never end with thinking of ways to sell you junk you really don't need.

I got three cydoor event infections on my PC.

PC Tools Spyware Doctor couldn't fix it
Norton 360 couldn't fix it
Both identified it though

On the web there are various walkthroughs, even one on the Symantec site, that purport to walk you through a manual fix and removal. All require that you edit your registry. None of the online instructions were of any use for me because the places they told me to look in my registry for the DLL and other files didn't have any of the named files. They weren't there.

The files (registry entries) in question are:

cd_install_336.exe
cd_*.DLL
cd_clint.dll
cydoor

-and- any name for a Peer-to-Peer software on your computer even if you have never installed it. In my case it was: KaZaA. And I have never installed a P-to-P network. Peer-to-Peer utilities are the delight of internet criminals who need to use your computer as a warehouse for encrypted child porn files. And that's how they gain entry.

I found the CYDOOR entries by hitting CONTROL F (ctl F) while in the registry editor subroutine and doing a "find" for them using wild card asterisk: "cd*"

I renamed the entries with REM in front of the name which tells the Operating System to ignore those files and that was the end of my CYDOOR infection.

If I had to find them using the biblical method (seek and ye shall find) I'd have never found them 'cause they were buried so deep in the registry.

Eric DeSilva
03-19-2009, 4:44 PM
Anyone else using your machine? It's my understanding that Kazaa installs cydoor, not the other way around. Hence the reason it might not have been removed by some anti-virus programs is that removing it may cause certain programs--like Kazaa--to stop working.

I personally like ad-aware and spybot S&D for removal of this kind of stuff.

Benjamin Dahl
03-19-2009, 4:48 PM
Cliff, sorry you had to go through that mess. Thanks for the tips.
Ben

Kevin Arceneaux
03-19-2009, 5:02 PM
Go to the Spybot forum. They are very helpful and will help you out.

http://forums.spybot.info/

A quick search there gave this to me -

http://forums.spybot.info/showthread.php?t=39607&highlight=cydoor

Tim Morton
03-19-2009, 5:18 PM
I love my new mac mini....:D

Cliff Rohrabacher
03-19-2009, 5:28 PM
I love my new mac mini....:D

What did all that love cost you?

Cliff Rohrabacher
03-19-2009, 5:30 PM
Anyone else using your machine? It's my understanding that Kazaa installs cydoor, not the other way around.

No other users. KaZaA was on a disk of other programs that a friend gave me. I haven't installed a tenth of the stuff on that disk but I did make a copy of it in a directory on my hard drive.

So I also REM-med out that file. Seems it may have self installed.

Myk Rian
03-19-2009, 5:35 PM
If you were to Google spybot, you will get wrong websites. The REAL spybot s&d is here. http://www.safer-networking.org/en/index.html
Used in conjunction with spyware blaster, http://www.javacoolsoftware.com/spywareblaster.html they make a nice package.
When asked, install teatimer.

Tim Morton
03-19-2009, 5:43 PM
What did all that love cost you?
$549:cool:

Brett Warner
03-19-2009, 6:13 PM
I love my new mac mini....:D

+1

(except mine isn't exactly new... good ol' G4 processor :p)

Chris Kennedy
03-19-2009, 7:43 PM
I will recommend Ad-aware. I picked up a nasty piece of malware recently and Norton wasn't capable, but Ad-aware took care of it.

And for all of those folks enjoying your Macs -- don't rub it in. You don't want all the PC folks going over to Macs. The main protection that Macs have currently is that Mac market share is so small compared to PCs that most malware isn't written for Mac (which is Linux based if I remember). If we all go over to Macs . . . guess who comes into the crosshairs?

Cheers,

Chris

Leo Graywacz
03-19-2009, 8:29 PM
Go to http://malwarebytes.org and download the free software. When you are finished downloading it install it, update it and run it on full scan. Then do whatever it tells you to and there is a good chance it will fix it. This is a great program. It has fixed many problems that other programs wouldn't even touch. It is fast after you do your full scan, just do the fast scan. Good luck.

Chuck Wintle
03-19-2009, 9:05 PM
Go to http://malwarebytes.org and download the free software. When you are finished downloading it install it, update it and run it on full scan. Then do whatever it tells you to and there is a good chance it will fix it. This is a great program. It has fixed many problems that other programs wouldn't even touch. It is fast after you do your full scan, just do the fast scan. Good luck.

I agree it is an excellent program but it did not pick up the problem I had once. After much looking I discovered the hosts file had extra code that was causing a redirect on searches. It took a long time to find that.
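
A hosts-file audit of the kind that would surface the search redirect described in the post above, as an added example that is not part of the original thread. The sample file, its hostnames and its addresses are constructed; the function names are hypothetical.

```python
import ipaddress

# Constructed sample of a tampered hosts file. Addresses come from
# documentation ranges and hostnames are placeholders.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2006 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net        # sinkhole entry added by a protection tool
203.0.113.45    www.search.example search.example   # unexpected mapping
198.51.100.7    update.example.org
not-an-ip       broken.example
"""

def audit_hosts(text):
    """Return (line_no, address, hostname, verdict) for every mapping."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()  # drop comments, split fields
        if not entry:
            continue
        address, names = entry[0], entry[1:]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, " ".join(names), "malformed"))
            continue
        for name in (n.lower() for n in names):
            if ip.is_loopback or ip.is_unspecified:
                # Loopback/null targets are the normal localhost line or a
                # blocklist entry; they do not send traffic elsewhere.
                verdict = "local" if name == "localhost" else "blocked"
            else:
                # Any other address overrides DNS for that name. It may be a
                # legitimate LAN entry, so it is flagged for review, not removed.
                verdict = "redirect"
            findings.append((line_no, address, name, verdict))
    return findings

def suspicious(text):
    """Only the entries that need a human look."""
    return [f for f in audit_hosts(text) if f[3] in ("redirect", "malformed")]

if __name__ == "__main__":
    for line_no, address, name, verdict in suspicious(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {address} [{verdict}]")
```

On Windows the file to feed in is normally `%SystemRoot%\System32\drivers\etc\hosts`; read it and pass its text to `suspicious()`.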

Leo Graywacz
03-19-2009, 9:22 PM
If you can't get it solved then go to http://daniweb.com and go to the virus forum (http://www.sawmillcreek.org/showthread.php?t=107696&goto=newpost). They have some real gurus over there.

Eric DeSilva
03-19-2009, 11:31 PM
I love my new mac mini....:D

I'm not willing to put my faith in security through obscurity. ;)

BTW, in the pwn2own competition, Safari got hacked in 10 seconds. Took hours to do the same to Firefox and IE8.

http://www.pocket-lint.com/news/news.phtml/23051/24075/Safari-hacked-seconds-Pwn2Own-contest.phtml

Cliff Rohrabacher
03-20-2009, 12:50 PM
$549:cool:


That's not a bad price

Tim Morton
03-20-2009, 6:49 PM
That's not a bad price

yeah it only costs me 25 grand a year to send my daughter to college to qualify for the $50 discount;)