|
Malware -
Harmful EXE
|
ldr.exe is a filename that has appeared recently in several infections of different Trojan Horse/Backdoor/rootkit Viruses. It can be used to gain control of the system and use it for harming other computers. The file is found in different places on a computer. Although one can not deny the possibility that the same filename could be a part of some legitimate program. So make sure that it does not, before deleting it from your computer This article provides thorough detection and removal instructions based on the threatexpert reports. All the tools/ software mentioned in this article are freeware.
| Aliases: There are a number of aliases, You can find a list of them on this link
| Delete Files: The place where ldr.exe could be found in different variations is given below. Also see the reports for other files that need to be deleted %Temp%\IXP000.TMP
delete this folder if found see report1 %AppData%\ldr.exe see report2
%System%\ldr.exe see report3 %System% refers to the System folder. By default, C:\Windows\System (in Windows 95/98/Me), C:\Winnt\System32 (in Windows NT/2000), or C:\Windows\System32 (in Windows XP and in Vista)
%AppData% is C:\Documents and Settings\[UserName]\Application Data
%Temp% is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP) | | View Hidden Files: Before you could delete ldr.exe, and its associated files you need to search for them, and before doing that you need to enable to view hidden files and folders click here to read more... | | Boot in safe mode: Sometimes you will not be able to delete a file even if you find it, in that case you should boot in safe mode and then try to delete it/ them. Click here to read more... | | End Process in the Task Manager: If you find ldr.exe running in the Task Manager, you can select it and press End process button, that will help you to delete it from the hard disk later. click here to read more... | Remove entry from Windows Startup: Look in the windows startup, by opening the system configuration utility and remove the entry of ldr.exe if found. click here to read more...
| | Unable to open Task Manager: If that happens, you can try these free tools to enable the task manager again. click here to read more... | | Run CCleaner : If you manage to find ldr.exe and associated files and delete, even then there will be associated entries in the windows registry. If you run a free temp files/registry cleaner called CCleaner, that will help you to automatically clean the registry from the virus entries. click here to read more... | Block the sites: These are some of the remote hosts, which are contacted by this virus. so keep it in mind and protect yourself with a firewall accordingly
jopa.in
applepretty.com | Delete the registry keys manually: If you are brave enough to do so. You can edit the registry by using the windows built in registry editor. Click here to read more... You can find the registry entries created by different viruses on the reports links given in the "Delete files" section above. Best of Luck reference with permission from Threatexpert |
|
