Dee, Pollux and Tuntankamon found a false positive in this thread: https://www.wilderssecurity.com/showthread.php?t=42414 I agree with you guys ! Kudos to the three of you for finding this one !!! What is it all about: TDS-3 with Radius-file from Friday 23-July-2004 gave a positive warning that rundll32.exe was infected with Adware.Cydoor. This is a false positive from TDS-3. I too started a full system scan by TDS-3. As soon as I saw a warning from TDS-3 on my D-partition, I let it stop scanning D and my other partitions, and let TDS-3 only further scan C. My scandump by TDS-3: Scan Control Dumped @ 01:25:11 24-07-04 Positive identification (in archive): Adware.Cydoor File: rundll32.exe (In d:\ers9x\zipped\vitalw1.zip) Positive identification (in archive): Adware.Cydoor File: rundll32.exe (In d:\ers9x\zipped\vitalw2.zip) Positive identification: Adware.Cydoor File: c:\windows\rundll32.exe Positive identification: Adware.Cydoor File: c:\program files\greatis\regrunsuite\files\rundll32.exe - end scandump - Just to tell you a bit more: I run W 98 SE. ERS9X is a software backup program (giving you the capability to backup the most important parts of your OS on a FAT32-system; Paul and Snap will know what I'm talking about; the program is mentioned on the Wilders-org site ). RegRun does not need any further introduction : a great program for your registry. The mere fact that TDS-3 gave alerts on rundll32.exe in the "archives" of those programs, proves already more or less that this is a false positive. Later I'll run my other scanners to give more prove; but I'm already sure that this is a false positive by TDS-3.