[nLited XP - TROJAN LYNDRA (FP?)]

Spyware Doctor is recommended by many websites as good and trusted software, but I understand it might be false positive, thank you for your help, I am not going to worry about it anymore:)

[nLited XP - TROJAN LYNDRA (FP?)]

I will give it a try..it however still does not answer the question about nLite. Is it possible that nLite is tweaking something with BITS so that it looks like malware? Should I bother with reinstalling of BITS everytime I install nLited XP or should I ignore it as false positive?

Thanks

[nLited XP - TROJAN LYNDRA (FP?)]

Hi,

just to give you an updated. The registry key is associated with the following file:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS]

"ServiceDLL"="C:\\WINDOWS\\system32\\BITS\\qmgr.dll"

Is this anything i should be worried about?

[nLited XP - TROJAN LYNDRA (FP?)]

what file(s) is it that spyware doctor is reporting as infected? that may help someone locate the source of the infection.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS, ServiceDLL

• Your host you are building the image with system is infected (the infection may may hidden from the host OS but still show up post install on the new OS -im not familiar with lyndra so i cant say either way)

When I install original version of XP on the VMWARE - SPYWARE DOCTOR test finds nothing - clean

An update package you are adding to the OS with nlite is infected

I am adding nothing to the nLite version of the original, just selecting some registry tweaks + removing some items (no extra stuff)

Spyware Doctor is reporting a false positive. this is apparently happening in those wonderful "Windows.XP._______.Edition.torrent" that plague IT people everywhere.

I thought the same, therefore I tested this with my own nLited version, the outcome was exactly the same, TROJAN LYNDRA detected

the one thing that i know isnt the source of the problem is nLite. it does not produce this kind of problem.

[nLited XP - TROJAN LYNDRA (FP?)]

nLite is absolutely clean! I suggest you run a virus scan and start over.

nLite is clean ^ fresh install ^ trojan detected implies FALSE POSITIVE??

[nLited XP - TROJAN LYNDRA (FP?)]

Is it possible that nLite is adding any malware into the XP installation?

Sure, and we love it. It allows Nuhi to gather statistics over nLite users and their surfing and buying habits. For instance, if you buy a big plasma online, we like to know your adress and pass by on a saturday night.

Are you serious ?

Can you not see were the infected file comes from ?

OK, I am a bit slow on this one, sorry guys

My only question is, everytime I install nLited Version of XP I get LYNDRA TROJAN detected using Spyware Doctor, have you ever experienced this? Is this a false positive triggered by nLite or is it actually some real malware (not saying nLite is responsible for it).

[nLited XP - TROJAN LYNDRA (FP?)]

Hi, just a while ago, I have created nLited version of my XP install, I have tested both versions (original and nLited) on VMWARE. I have run the Spyware Doctor Scan on both of the fresh clean installs.

Original Version comes out as clean.

nLited version shows TROJAN LYNDRA - (Password Stealer and KeyLogger) detected

Could you please clarify this? Is it possible that nLite is adding any malware into the XP installation? Or is it just that some functionality added by nLite is triggering False Positive?

thanks for your comments