home

www.winload.de

Domain Information

Server location:
Nordrhein-Westfalen, Germany (DE)

ASN:
AS8972 PLUSSERVER-AS intergenia AG

Root domain:
winload.de

Scanner detections:
Detections  (59% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.ECONAInternetAG.Installer (M), PUP.ECONAInt.Installer (M), PUP (M)
75.00%

ESET NOD32
Win32/WinloadSDA.J potentially unwanted application
41.67%

avast!
Win32:Malware-gen
16.67%

Dr.Web
Trojan.DownLoader3.6063, Trojan.DownLoader11.26375
16.67%

VIPRE Antivirus
Threat.4150696
8.33%

Emsisoft Anti-Malware
Trojan.Generic.11779583
8.33%

Norman
Trojan.Generic.11779583
8.33%

The domain www.winload.de has been seen to resolve to the following 2 IP addresses.

80.86.80.168
ma22143.plusserver.de
July 19, 2015

80.86.80.177
static-ip-80-86-80-177.inaddr.ip-pool.com
December 22, 2013

File downloads found at URLs served by www.winload.de.

1 / 68      (PUP)
http://www.winload.de/download.php?download_id=2686063&programm_id=106352&salza=x50d9b4cb116d9&sda=1&es=0&ss=0  (lemmings-setup.exe)

1 / 68      (PUP)
http://www.winload.de/download.php?download_id=3187930&programm_id=116472&salza=x510ec9493b8c1&sda=1  (proxtube-fr-chrome-setup.exe)

1 / 68      (PUP)
http://www.winload.de/download.php?download_id=4934490&programm_id=119085&salza=x51b37507d35c5  (eden-eternal-setup.exe)

2 / 68      (PUP)
http://www.winload.de/download.php?download_id=3464551&programm_id=117615&salza=x51272c5a49623  (kaspersky-usb-rescue-disk-maker-setup.exe)

2 / 68      (PUP)
http://www.winload.de/download.php?download_id=3464612&programm_id=116887&salza=x51272de845311  (kaspersky-windowsunlocker-setup.exe)

1 / 68      (Malware)
http://www.winload.de/download.php?programm_id=104450&salza=x4f170fc2f246c&sda=1&es=1&ss=1  (teamspeak-client-setup.exe)

2 / 68      (PUP)
http://www.winload.de/download.php?download_id=4095177&programm_id=111551&salza=x5155f9693cf37  ({blocked}.exe)

5 / 68      (Malware)
http://www.winload.de/download.php?programm_id=71174&salza=x4ec536a657a90&sda=1&es=1&ss=1  (data-becker--rechnungsdruckerei-2008-setup.exe)

2 / 68      (PUP)
http://www.winload.de/download.php?download_id=2200447&programm_id=119586&salza=x509fd9c088ba5&sda=1&es=0&ss=0  (borderlands-2-setup.exe)

1 / 68      (inconclusive)
http://www.winload.de/download.php?download_id=4051620&programm_id=111579&salza=x5152f9a8bae59  (deer-drive-setup.exe)

1 / 68      (Malware)
http://www.winload.de/download.php?download_id=897929&programm_id=79156&salza=x4ff9e779a63a0&sda=1&es=0&ss=0  (die-sims-2-setup.exe)

2 / 68      (inconclusive)
http://www.winload.de/download.php?programm_id=50152&salza=x4dceae2cde56b&sda=1&es=0&ss=0  (advanced-pdf-to-jpg-converter-setup.exe)

0 / 68
http://www.winload.de/download.php?download_id=2766366&programm_id=72760&salza=x50e0a9c55b7ae&sda=1&es=0&ss=0  (3dmark-setup.exe)

0 / 68
http://www.winload.de/download.php?download_id=3755715&programm_id=116321&salza=x513ca533a0c77  (eisenbahn-simulator-setup.exe)

0 / 68
http://www.winload.de/download.php?download_id=3755734&programm_id=113504&salza=x513ca5613b998  (3d-eisenbahnplaner-setup.exe)

0 / 68
http://www.winload.de/download.php?download_id=5104180&programm_id=120981&salza=x51c6be698d96f  (cdrwin-9-setup.exe)

0 / 68
http://www.winload.de/download.php?download_id=2514810&programm_id=113570&salza=x50c7014602b0d&sda=1&es=0&ss=0  (3dmark-11-setup.exe)

The following file have been seen to comunicate with www.winload.de in live environments.

TCP » 80.86.80.168:80
avwebgrd.exe (Avira Product Family by Avira Operations GmbH & Co. KG)

giga-downloads.de

giga.de

madolo.fr

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.