Alert Level (?)
Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Released: Jan 14, 2010
Win32/Ldpinch is a family of password-stealing trojans. This trojan gathers private user data such as passwords from the host computer and sends the data to the attacker at a preset e-mail address. The Win32/Ldpinch trojans use their own Simple Mail Transfer Protocol (SMTP) engine or a web-based proxy for sending the e-mail, thus copies of the sent e-mail will not appear in the affected user's e-mail client.
Win32/Ldpinch variants have varying symptoms however this trojan family has some shared characteristics and actions:
Creates an entry under one or both of the following registry subkeys to run this copy of the trojan each time Windows starts:
Attempts to gather data from the host computer. The Win32/Ldpinch trojan may gather data such as e-mail addresses, passwords, and system configuration information, including registry settings. It may also gather data from installed applications such as &RQ, FAR, ICQ, The Bat!, and Total Commander.