August 6, 2008

How to remove Trojan Infostealer.Ldpinch.H?

Trojan Infostealer.Ldpinch.H gathers FTP account details and uploads them to a remote server. It creates and modifies some files in C:\Windows\System32 so that it executes whenever Windows starts.

1. Perform the standard procedure for virus removal.
** Standard procedure for Virus removal

2. Remove the following entries from the Windows registry:

** How to edit windows registry ?

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\UInit
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AEAUDIO
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aeaudio\Enum

Follow these steps only if an updated anti-virus (e.g., Norton, Symantec) failed to remove the threat completely.

Remove this file if it exists on your computer:

C:\Windows\System32\lich.dat

Replace this file from the Windows XP CD only if your anti-virus alerts you about this system file:

C:\Windows\System32\userinit.exe

On the CD you can find a file named 'USERINIT.EX_' under the i386 directory.

How to replace 'userinit.exe' using the XP CD?

1. Insert the Windows XP CD and reboot the computer. Change your BIOS settings to boot from the CD-ROM drive.
2. When the Windows XP Setup has started, press "R" to "repair the Windows XP installation using Recovery Console".
3. Select the Windows installation to repair by typing its number and then pressing ENTER.
4. The Recovery Console will then ask for the Administrator password. Type the password and press ENTER.
5. Type the following commands:

D: [PRESS ENTER]
CD I386 [PRESS ENTER]
EXPAND USERINIT.EX_ C:\WINDOWS\SYSTEM32 [PRESS ENTER]
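
Before deleting anything, it helps to confirm which of the registry entries and files listed above are actually present and to back up the keys first. The PowerShell script below is an added example, not part of the original post; it assumes PowerShell and an administrator session on the affected machine, and the backup folder name is hypothetical.

```powershell
# Added example: read-only triage for the indicators named in this post.
# Nothing is deleted; each registry key found is exported with reg.exe first.
$regKeys = @(
    'HKLM\SYSTEM\CurrentControlSet\Control\UInit',
    'HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AEAUDIO',
    'HKLM\SYSTEM\CurrentControlSet\Services\aeaudio\Enum'
)
$files = @("$env:SystemRoot\System32\lich.dat")

# Assumption: backups go to a new time-stamped folder under %TEMP%.
$stamp     = Get-Date -Format 'yyyyMMdd_HHmmss'
$backupDir = Join-Path $env:TEMP "ldpinch_backup_$stamp"
New-Item -ItemType Directory -Path $backupDir | Out-Null

$found = @()
$i = 0
foreach ($key in $regKeys) {
    $i++
    # Test-Path needs the provider form HKLM:\... while reg.exe takes HKLM\...
    $psPath = $key -replace '^HKLM\\', 'HKLM:\'
    if (Test-Path -LiteralPath $psPath) {
        $out = Join-Path $backupDir "key$i.reg"
        & reg.exe export $key $out | Out-Null
        $found += "registry: $key (backup: $out)"
    }
}
foreach ($f in $files) {
    if (Test-Path -LiteralPath $f) {
        # -Force so hidden or system-flagged files are still reported.
        $item = Get-Item -LiteralPath $f -Force
        $found += "file: $f ($($item.Length) bytes, modified $($item.LastWriteTime))"
    }
}

if ($found.Count -eq 0) {
    Write-Output 'None of the listed indicators are present.'
} else {
    Write-Output "Indicators present ($($found.Count)):"
    $found | ForEach-Object { Write-Output "  $_" }
}
```

An exported .reg file can be re-imported with `reg import` if a key turns out to have been removed by mistake.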

*Use these tips at your own risk. A good level of knowledge of computer operations is recommended. We will not be responsible for any damage caused to your system.
