Multiple Programs – NTLDR and NTLDR.EXE

NTLDR is a program loaded from root folder of your hard drive when you boot your system. It displays the Microsoft Windows NT/2000/XP start menu and helps Windows load. If you run WinPatrol 10.x or later, you'll find this file in your Hidden Files list. This file is perfectly safe and required.

We also found a malicious instance of ntldr.exe that installs with the W32/Sdbot-GS backdoor trojan. This trojan spreads over weakly protected networks. It sets itself up to run on system startup as a service. It can allow a remote user to access your system via an IRC chat channel.

We'd recommend removing this file using WinPatrol. First, go to your Active Tasks tab and kill the file there. Next, go to your Startup Programs and remove the file there. We'd also recommend a full system scan with an up to date antivirus program.

Additional background info on this virus can be found at http://www.sophos.com/virusinfo/analyses/w32sdbotgs.html

Remove only if Virus