Win32/ldpinch
BleepingComputer.com > Security > Windows Defender
jay_rock
Hello, I'm new here; I kind of found this site whilst browsing for help with this infection.
Win32/Ldpinch: Windows Defender is reporting this
QUOTE
Category:
Password Stealer

Description:
This program has potentially unwanted behaviour.

Advice:
Review the alert details to see why the software was detected. If you do not like how the software operates or if you do not recognize and trust the publisher, consider blocking or removing the software.

Resources:
file:
D:\WINDOWS\Installer\UpdateService.exe

View more information about this item online


But Norton, Spybot, Ad-Aware and SUPERAntiSpyware are reporting that I'm clean apart from some tracking cookies here and there.
What I'm wondering is if it is a false negative.
Any help will be gratefully received.
buddy215
Discovered: November 3, 2003
Updated: November 4, 2003 03:26:39 PM PST
Also Known As: Trojan.PSW.Ldpinch.s [Kaspersky], PWSteal.Ldpinch
Type: Trojan Horse
Infection Length: 17,408 bytes
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

When Infostealer.Ldpinch is executed, it does the following:

1. Copies itself to %Windir%.

Note: %Windir% is a variable. The Trojan locates the Windows installation folder (by default, this is C:\Windows or C:\Winnt) and copies itself to that location.
2. Adds the value:

"putil"="%Windir%\<filename>"

to the registry key:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

so that the Trojan runs when you start Windows.

3. Records the following information to a log file and then sends the information to the hacker at a hardcoded email address:
   * User keystrokes
   * System information
   * User email accounts
   * Passwords from the following programs:
     - ICQ99b-2003a/Lite/ICQ2003Pro
     - Miranda-icq
     - Trillian ICQ&AIM
     - &RQ
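The writeup quoted above gives two concrete indicators that anyone can check by hand: a Run-key value named putil, and an image copied directly into %Windir%. As an added example (not part of this thread and not Symantec's or Microsoft's code), the Python below checks the autostart entries under that key against those indicators. It works from the text of a `reg export` of the key so it runs on any platform; on Windows it reads the live key through winreg instead. The sample export, the list of candidate Windows folders and the extra Installer-folder heuristic (prompted by the path Defender reported) are assumptions for illustration.

```python
"""Check HKCU Run-key autostart entries against the Infostealer.Ldpinch
indicators from the writeup quoted above: value name "putil" and an
executable dropped directly into %Windir%.

Added example, not from the thread. Works from the text of
  reg export "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" run.reg
so it runs on any OS; on Windows it reads the live key instead.
"""
import ntpath
import re

RUN_KEY = r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"

# Indicator taken from the Symantec description above.
IOC_VALUE_NAMES = {"putil"}
# %Windir% varies per machine; these are assumed candidates (the poster's is D:\WINDOWS).
WINDIR_CANDIDATES = (r"c:\windows", r"c:\winnt", r"d:\windows")

# Constructed sample export (not the poster's registry): two benign entries,
# one Ldpinch-style entry and one entry shaped like the file Defender flagged.
SAMPLE_REG_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"putil"="C:\\WINDOWS\\svchost32.exe"
"UpdateService"="D:\\WINDOWS\\Installer\\UpdateService.exe"
'''

_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>.*)"$')


def parse_reg_export(text):
    """Return {value_name: command} for the string values under the Run key."""
    values = {}
    in_run_key = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_run_key = line.strip("[]").lower() == RUN_KEY.lower()
            continue
        m = _VALUE_RE.match(line) if in_run_key else None
        if m:
            # .reg files escape backslash and double quote with a backslash
            values[m.group("name")] = re.sub(r"\\(.)", r"\1", m.group("data"))
    return values


def image_path(command):
    """Pull the executable path out of a Run-key command line (arguments stripped)."""
    cmd = command.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    # Unquoted command: assume the image ends at the first ".exe" so that
    # unquoted paths containing spaces are still recovered.
    m = re.match(r"(?i)(.*?\.exe)", cmd)
    return m.group(1) if m else cmd.split(" ", 1)[0]


def flag_entries(values):
    """Return [(name, image, reasons)] for entries matching the indicators."""
    findings = []
    for name, command in values.items():
        image = image_path(command)
        folder, filename = ntpath.split(image.lower())
        reasons = []
        if name.lower() in IOC_VALUE_NAMES:
            reasons.append("value name matches the Ldpinch indicator")
        if folder in WINDIR_CANDIDATES:
            reasons.append("image placed directly in %Windir% (Ldpinch drop location)")
        # Assumed extra heuristic: nothing legitimate should autostart from
        # the Installer cache folder, which is where Defender found the file.
        if folder.endswith(r"\installer") and filename.endswith(".exe"):
            reasons.append("executable autostarting from the Installer folder")
        if reasons:
            findings.append((name, image, reasons))
    return findings


def read_live_run_key():
    """On Windows, read the live HKCU Run key; elsewhere return None."""
    try:
        import winreg
    except ImportError:
        return None
    values = {}
    sub = r"Software\Microsoft\Windows\CurrentVersion\Run"
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, sub) as key:
        index = 0
        while True:
            try:
                name, data, _ = winreg.EnumValue(key, index)
            except OSError:  # no more values
                break
            values[name] = str(data)
            index += 1
    return values


if __name__ == "__main__":
    live = read_live_run_key()
    entries = live if live is not None else parse_reg_export(SAMPLE_REG_EXPORT)
    for name, image, reasons in flag_entries(entries):
        print(f"{name} -> {image}")
        for reason in reasons:
            print(f"    {reason}")
```

Only HKCU\...\Run is covered, matching the writeup; a real sweep would also read HKLM\...\Run, RunOnce and the Winlogon keys, and compare each image against a hash the scanner flagged rather than relying on names alone.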
jay_rock
Yeah, already seen that on the Symantec site; none of the reg keys are present on my PC.
Grinler
Submit this file:

D:\WINDOWS\Installer\UpdateService.exe

to http://www.virustotal.com/vt/ and http://virusscan.jotti.org/

That should tell you right off if this is bad or a false positive. My guess is that it is bad.
jay_rock
Engine              Version         Updated     Result
AntiVir             7.2.0.46        11.24.2006  TR/PSW.LdPinch.awz
Authentium          4.93.8          11.23.2006  no virus found
Avast               4.7.892.0       11.23.2006  Win32:Trojan-gen. {UPX!}
AVG                 386             11.24.2006  PSW.Ldpinch.CAT
BitDefender         7.2             11.24.2006  DeepScan:Generic.Dialer.DCAAAA09
CAT-QuickHeal       8.00            11.24.2006  no virus found
ClamAV              devel-20060426  11.24.2006  no virus found
DrWeb               4.33            11.24.2006  no virus found
eSafe               7.0.14.0        11.24.2006  suspicious Trojan/Worm
eTrust-InoculateIT  23.73.66        11.23.2006  Win32/Ldpinch.7bl!Trojan
eTrust-Vet          30.3.3211       11.24.2006  Win32/Yurist.K
Ewido               4.0             11.24.2006  Trojan.LdPinch.awz
Fortinet            2.82.0.0        11.24.2006  W32/LdPinch.AWZ!tr.pws
F-Prot              3.16f           11.23.2006  no virus found
F-Prot4             4.2.1.29        11.23.2006  no virus found
Ikarus              0.2.65.0        11.24.2006  no virus found
Kaspersky           4.0.2.24        11.24.2006  Trojan-PSW.Win32.LdPinch.awz
McAfee              4904            11.24.2006  no virus found
Microsoft           1.1804          11.24.2006  Win32/Ldpinch
NOD32v2             1881            11.24.2006  no virus found
Norman              5.80.02         11.24.2006  W32/LdPinch.EUB
Panda               9.0.0.4         11.24.2006  Trj/Ldpinch.SU
Prevx1              V2              11.24.2006  no virus found
Sophos              4.11.0          11.16.2006  no virus found
TheHacker           6.0.3.123       11.23.2006  Trojan/PSW.LdPinch.awz
UNA                 1.83            11.24.2006  Trojan.PSW.Win32.LdPinch.76F0
VBA32               3.11.1          11.24.2006  Trojan-PSW.Win32.LdPinch.awz
VirusBuster         4.3.15:9        11.24.2006  Trojan.PWS.LdPinch.ZN

Thanks for those brilliant sites.
What should I do? For now Defender has it quarantined.
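The point of the multi-engine scan Grinler suggested is to let many vendors vote, and the listing above is what a confirmed detection looks like rather than a false positive. As an added example that is not part of the thread (and not VirusTotal's own code), the Python below parses result lines in the format posted above, separates generic or heuristic hits from named-family detections, normalises the differing vendor naming to find the consensus family, and applies assumed verdict thresholds (a family named by three or more vendors with at least half the engines detecting). The thresholds, the generic-marker list and the family-name heuristic are assumptions for illustration; the sample input is an excerpt of the results posted above.

```python
"""Triage a multi-engine scan result like the VirusTotal output posted above.

Added example, not from the thread or from VirusTotal. The verdict
thresholds and the family-name heuristic are assumptions for illustration.
"""
import re
from collections import Counter, namedtuple

# Excerpt of the results posted above (same line format: engine, version,
# signature date, result), used here as sample input.
SAMPLE_VT_REPORT = """\
AntiVir             7.2.0.46        11.24.2006  TR/PSW.LdPinch.awz
Authentium          4.93.8          11.23.2006  no virus found
Avast               4.7.892.0       11.23.2006  Win32:Trojan-gen. {UPX!}
AVG                 386             11.24.2006  PSW.Ldpinch.CAT
BitDefender         7.2             11.24.2006  DeepScan:Generic.Dialer.DCAAAA09
ClamAV              devel-20060426  11.24.2006  no virus found
eSafe               7.0.14.0        11.24.2006  suspicious Trojan/Worm
eTrust-Vet          30.3.3211       11.24.2006  Win32/Yurist.K
Kaspersky           4.0.2.24        11.24.2006  Trojan-PSW.Win32.LdPinch.awz
McAfee              4904            11.24.2006  no virus found
Microsoft           1.1804          11.24.2006  Win32/Ldpinch
NOD32v2             1881            11.24.2006  no virus found
Sophos              4.11.0          11.16.2006  no virus found
VirusBuster         4.3.15:9        11.24.2006  Trojan.PWS.LdPinch.ZN
"""

Row = namedtuple("Row", "engine version updated result")
_LINE_RE = re.compile(
    r"^(?P<engine>\S+)\s+(?P<version>\S+)\s+(?P<updated>\d{2}\.\d{2}\.\d{4})\s+(?P<result>.+?)\s*$"
)
# Detection names that only say "a generic/heuristic signature tripped" carry
# less weight than a family name agreed on by several vendors (assumed list).
GENERIC_MARKERS = ("generic", "suspicious", "-gen", "heur")
# Tokens that name a class, platform or variant rather than a family (assumed list).
CLASS_WORDS = {"trojan", "worm", "virus", "win32", "w32", "psw", "pws", "trj"}


def parse_report(text):
    """Parse one scanner result per line; lines that do not fit (e.g. a header) are skipped."""
    rows = []
    for line in text.splitlines():
        m = _LINE_RE.match(line.strip())
        if m:
            rows.append(Row(**m.groupdict()))
    return rows


def classify(result):
    """'clean', 'generic' (heuristic/generic signature) or 'named' (family name)."""
    r = result.lower()
    if r == "no virus found":
        return "clean"
    if any(marker in r for marker in GENERIC_MARKERS):
        return "generic"
    return "named"


def family_of(result):
    """Heuristic: first alphabetic token of 4+ letters that is not a class word.
    Vendors format names differently (TR/PSW.LdPinch.awz, Trojan-PSW.Win32.LdPinch.awz)
    but the family token usually survives this normalisation."""
    for token in re.findall(r"[A-Za-z]+", result):
        t = token.lower()
        if len(t) >= 4 and t not in CLASS_WORDS:
            return t
    return None


def triage(text):
    """Summarise a report: detection counts, consensus family and a verdict."""
    rows = parse_report(text)
    kinds = Counter(classify(r.result) for r in rows)
    families = Counter(
        f for r in rows if classify(r.result) == "named" for f in [family_of(r.result)] if f
    )
    detections = kinds["named"] + kinds["generic"]
    top_family, top_hits = families.most_common(1)[0] if families else (None, 0)
    # Assumed thresholds: a family named by 3+ vendors with at least half the
    # engines detecting is treated as confirmed; a lone hit as a likely FP.
    if detections == 0:
        verdict = "no detections"
    elif top_hits >= 3 and detections * 2 >= len(rows):
        verdict = f"malicious, consensus family {top_family}"
    elif detections <= 1:
        verdict = "possible false positive, submit the file for analysis"
    else:
        verdict = "suspicious, no vendor consensus yet"
    return {
        "engines": len(rows),
        "detections": detections,
        "named": kinds["named"],
        "generic": kinds["generic"],
        "top_family": top_family,
        "top_family_hits": top_hits,
        "verdict": verdict,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_VT_REPORT).items():
        print(f"{key:16} {value}")
```

Fed the whole 28-line listing above instead of the excerpt, the same code counts 17 of 28 engines detecting, with 13 of them naming LdPinch; Defender's Win32/Ldpinch alert is one vote among many, which is why the "false positive" worry does not hold here.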
Grinler
I would get rid of the file, as we know it is bad, by clearing your quarantine so it is no longer on your computer. I would also suggest you scan your computer with the Kaspersky online virus scanner:

http://usa.kaspersky.com/services/free-virus-scanner.php

If it still finds more malware, then do the steps here:

http://www.bleepingcomputer.com/forums/topic34773.html

Last but not least, this malware is a keylogger and information stealer. I advise you to change all your passwords for sites, your computer, etc.