Spybot S&D threw up three detections today, all were Cydoor. What was strange was that it found them in my program downloads folder, the products had been there for some years and have been scanned many times with Spybot S&D and never found to be infected.
Two of these Cydoor infections were in an old and newer version of the AdAware installer (AdAware itself is not installed). The third Cydoor infection was in uk_pix_download.exe which is the installer for the BonusPrint photo uploader. Although uk_pix_download.exe was reported to be infected with Cydoor the actual program file in Bonusprint Pix, the Bonus Print uploader, is clean or at least no spyware including Cydoor was found in it.
How does an installer that doesn't connect to the Internet and is used once have spyware in it yet the actual program it installs which does connect to the Internet has no spyware? I think something is amiss here. I'm not even going to try to get into the detections found in AdAware :![]()