Win32:Ldpinch-EU [Trj]

  1. How was it detected? What was scanning, you yourself or the back-ground scanner? When did the message occur on a download, unzipping, opening a file, mail or mail-attachment, etc.?
    I was doing a system startup scan.

  2. What was the source of the file, where did the file come from?.: e.g. address, URL, source.
    C:\WINDOWS\system32~GLH0006.TMP
    C:\WINDOWS\system32\rkinstaller.exe
    C:\WINDOWS\system32\RKINST~1.exe

  3. When was it downloaded or received?
    Not sure.

  4. What is the exact file name with extension.
    C:\WINDOWS\system32~GLH0006.TMP
    C:\WINDOWS\system32\rkinstaller.exe
    C:\WINDOWS\system32\RKINST~1.exe

I can’t seem to figure out how to get rid of it. There’s another virus, but I forgot to write it down. It began with a K… but I don’t know if that helps.

~Jade

Hi JadedNightDragon,

rkinstaller.exe seems to be adware, so I suggest you run a couple of free anti-adware programs:

Ad-Aware:

http://www.download.com/3000-2144-10045910.html

Spybot Search & Destroy:

http://www.safer-networking.org/

Also there’s a good free anti-Trojan program you could try:

a-Squared:

http://www.emsisoft.com/en/software/free/

You might also consider proactive protection, in order to place files in the system folders and create registry entries you need permission.

Whilst browsing or collecting email, etc. if you get infected then the malware by default inherits the same permissions that you have for your user account. So if the user account has administrator rights, the malware has administrator rights and can reap havoc. With limited rights the malware can’t put files in the system folders, create registry entries, etc. This greatly reduces the potential harm that can be done by an undetected or first day virus, etc.

Check out the link to DropMyRights (in my signature below) - Browsing the Web and Reading E-mail Safely as an Administrator. This obviously applies to those NT based OSes that have administrator settings, winNT, win2k, winXP.

Thanks! I’m going to try those programs first. before I try the DMR approach. I looked in the Avast chest and these are all the virus it found:

Win32:
Adware-gen
Trojan-gen
Kuang2
Ldpinch

Can those programs clean those virus? Or do I need something else?

Thanks!

:slight_smile: Hi Jaded :

 The ones you just mentioned are more "spyware" than
"virus"; therefore, an antiSPYWARE/antiTROJAN program
 is more appropiate. I recommend the FREE version of
"SUPERantispyware" from www.superantispyware.com
 AND/OR Ewido ( free ) from :
 www.filehippo.com/download_ewido/?1208 .

 P.S. This is assuming your Operating System is Win XP,
        which you have NOT mentioned at this point and is
        very important in making recommendations.