Hi! Mates,
I am an old geek, who has been using the PC for more than 20 years now. I have a middle range PC. Now my problem is, recently I downloaded a software named Nitro PDF professional. But when I tried to extract it, the message appeared that, Trojan.PSW.LdPinch has been blocked by my antivirus.
Now my question is what is this virus?
Is it really harmful?
Thanks in advance.
Ok, I think you have downloaded a manipulated software. This virus type, is a password stealer. This type of virus holds your software passwords and injects it to a legal software to manipulate it. In this process you don’t have to buy that software, but there could still be a problem.
When you go to update that software, you will be detected and your software will have gone beyond its trial period.
But about the virus it is not so harmful. It’s only a password bypasser. So it will not affect your PC. There is also a virus type which is the same as this virus. Its name is backdoor. generic.
You can see this page to know more about your virus.
What Antivirus are you using? I recommend you to use some renowned Antivirus like BitDefender, AVG, Norton etc.
This will protect your PC from all types of known viruses, as well as unknown viruses too.
Ahoy mates,
Trojan.PSW.LdPinch is a password stealer. What it does is, it steals your passwords, usually the ones that you enter in your Internet browser. So, to answer your question, Yes! It's harmful in some ways. One such way is, the Trojan will send your email username and password to a server (the ones who made this Trojan), and most likely they will log in to your email and spam other people in your contacts. You don't want this to happen.
Be careful when you're downloading manipulated or illegal Software as many of them contain Malware. Read reviews from other people (who downloaded the same software from the same website) first before you download them.
It's still better to buy an original one.
According to F-Secure, a Finnish cyber security and privacy company based in Helsinki, Finland, it is a password-stealing Trojan horse virus with backdoor and proxy capabilities that was discovered on December 15, 2004. They renamed the “Damrai.A” virus into “LdPinch.ht” because the Trojan also has password stealing capabilities. The Trojan is a worm that infects 32-bit operating systems and known in the following names:
In Germany, it was spammed widely in a message that contained an attachment called “telekom-rechnung.chm” which contains two files: “open.exe” and a tiny HTML file that tries to execute the other file (open.exe) which uses the vulnerability in Microsoft Internet Explorer. The actual Trojan horse virus is contained in the “open.exe” file.
When the EXE file is started, it will first disable two services: one belonging to the antivirus and the other to the firewall.
After that, the Trojan initiates several threads where one of the threads tracks and kills processes if their names contain any of the following substrings:
The Trojan then creates shortcuts to the “Favorites” menu of Microsoft Internet Explorer and Windows Explorer to the following websites:
More information at TROJAN.PSW.LDPINCH.HT Threat Description.
