$_SERVER["REMOTE_ADDR"] = preg_replace('/.*,\s*/','', $_SERVER["HTTP_X_FORWARDED_FOR"]);
Notice: Undefined index: related in /data/www/spywareguide/product_show.php on line 49
Notice: Undefined variable: incprefix in /data/www/spywareguide/product_show.php on line 241
Program that delivers advertisements on your PC.
Note that many websites have their own advertising, unrelated to adware.
Cytron is an Internet Explorer Browser Helper Object. It scans the content of pages being viewed for keywords and opens pop-up advertising when they are detected.
Installed by ActiveX drive-by download on a page pointed to by mail claiming you have received an 'e-card'. The ActiveX control purports to be a viewer for e-cards.
pqnelhleyy 2cc963de 63945871
When IE is started for the first time it attempts to connect to Cytron's servers to download a list of keywords to look for, and URLs of pop-ups to open.
According to various reports, it also sends itself to everybody listed in your address book, with an email claiming you have sent them a greeting card. Once they open it, they too are infected.
Cytron/potd installs potd.dll into Downloaded Program Files; with Cytron/sec the filename is sec.dll instead.
First deregister the Cytron BHO. Open a DOS command prompt (Start->Programs->Accessories) and enter the following commands:
regsvr32 /u "%WinDir%\Downloaded Program Files\potd.dll"
You should then be able to delete the 'TargetingSource' entry in Downloaded Program Files (in the Windows folder), and the registry key HKEY_CURRENT_USER\Software\POTD (Start->Run->regedit).