Skip to main content
Microsoft Security Intelligence
Published Jan 31, 2008 | Updated May 03, 2011


Detected by Microsoft Defender Antivirus

Aliases: Win-Trojan/LdPinch (AhnLab) Win32/LDPinch.Variant (CA) Win32/PSW.LdPinch (ESET) Trojan-PSW.Win32.LdPinch (Kaspersky) PWS-LDPinch (McAfee) W32/LdPinch (Norman) Troj/LdPnch-Fam (Sophos) Infostealer.Ldpinch (Symantec) TSPY_LDPINCH.GEN (Trend Micro)


Win32/Ldpinch is a family of password-stealing trojans. This trojan gathers private user data such as passwords from the host computer and sends the data to the attacker at a preset e-mail address. The Win32/Ldpinch trojans use their own Simple Mail Transfer Protocol (SMTP) engine or a web-based proxy for sending the e-mail, thus copies of the sent e-mail will not appear in the affected user's e-mail client.

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

For more information on antivirus software, see

Follow us