www.winlock-closer.com

Private person  (Proxy Registrant)

Domain Information

The domain www.winlock-closer.com is registered by proxy through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM and was originally registered in August of 2013. Currently this domain has been known to host various forms of malware. The hosted servers are located in Moscow, Moscow City within Russia which resides on the RIPE Network Coordination Centre network.
Remove Malware from www.winlock-closer.com - Powered by Reason Core Security
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Moscow City, Russia (RU)

Create date:
Sunday, August 18, 2013

Expires date:
Monday, August 18, 2014

Updated date:
Sunday, August 18, 2013

ASN:
AS28762 AWAX-AS AWAX Telecom Ltd,RU

Root domain:

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Bkav FE
W32.Clodce3.Trojan
100.00%

McAfee
Artemis!362A4D0A178B
100.00%

K7 AntiVirus
Trojan
100.00%

K7 Gateway Antivirus
Trojan
100.00%

Norman
Autoit.ZBH
100.00%

avast!
Win32:Malware-gen
100.00%

VIPRE Antivirus
Trojan.Win32.Generic
100.00%

McAfee Web Gateway
Artemis!362A4D0A178B
100.00%

Sophos
Mal/Generic-S
100.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
100.00%

Commtouch SDK
W32/Trojan.GWRL-8856
100.00%

ESET NOD32
Win32/Packed.Autoit
100.00%

Baidu Antivirus
Trojan.Win32.Autoit
100.00%

The domain www.winlock-closer.com has been seen to resolve to the following IP address.

dh01.hostline.ru
May 29, 2014

File downloads found at URLs served by www.winlock-closer.com.

13 / 68    (Malware)
http://www.winlock-closer.com/WinlockCloser.exe  (362a4d0a178b87bcbf8f78168e7b001c)

URL:
http://www.winlock-closer.com/

Title:
“Windows !”

Description:
“Winlock Closer - -. Winlock Closer - windows ! , windows !”

Web server:
nginx/0.7.67 (ModLayout/5.1)

Remove Malware from www.winlock-closer.com - Powered by Reason Core Security