Trojan-Spy.Lindra not detected by Nod32 but detected by Spyware Doctor

Discussion in 'ESET NOD32 Antivirus' started by clarence77, May 21, 2008.

Thread Status:
Not open for further replies.
  1. clarence77

    clarence77 Registered Member

    Joined:
    May 21, 2008
    Posts:
    2
    Out of curiosity I downloaded Spyware Doctor starter pack from Google due to its great review from PC Mag. I scanned my computer using it and it turns out that there is a trojan in my computer that nod32 v3 didn't detect. Here's the report from Spyware Doctor quarantine:

    Trojan-Spy.Lindra-Low
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS#ServiceDLL
    A malicious application that attempts to steal passwords, login details and other confidential information.

    I didnt know how this happened. My Nod32 always updates almost hourly, I have Comodo Personal Firewall with HIPS on and Threatfire. I scan regularly with Indepth scan with Nod32 and Theatfire. The three of them didn't show any keylogging activity at all.

    Due you advise that I should change all my passwords now? Thanks.

    Clarence
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,411
    You've mentioned a reference to a registry key, but not file. Please send a log from ESET SysInspector (downloadable from ESET's website) along with any suspicious files you might have found to samples[at]eset.com with this thread's url enclosed.
     
  3. clarence77

    clarence77 Registered Member

    Joined:
    May 21, 2008
    Posts:
    2
    I noticed that too actually in the result of the scan. There really was no file detected, only a registry key. There is also no file in the quarantine. Can a registry key by itself log and send data on the internet like the description from Spyware Doctor says?

    I think this is more like a false positive on SD's side. Thanks.
     
  4. Wyrd

    Wyrd Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    14
    Probably, this is a false positive. I had a similar case, when Spyware Doctor removed a reg key for my DVD software, simply due to its name matching the name a Trojan program assumes occasionally. I'd go by deleting that key and rescanning everything.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.