winload.exe Malware Information | Remove winload.exe Virus

What is winload.exe?

winload.exe is a legitimate file process developed by Microsoft Corporation. This process is known as winload.exe and it belongs to Windows Boot Manager. You can locate the file in C:\Windows\System32. The virus is created by malware authors and is named after winload.exe file.

Affected Platform: Windows OS

How to check if your computer is infected with winload.exe malware?

If your system is affected by winload.exe malware, you will notice one or several of the symptoms below:

winload.exe occupies an unusually large CPU memory
Erratic internet connection
Your browser is bombarded with annoying popup ads
Computer screen freezes
PC's processing speed suffers
You are redirected to unknown websites

To pinpoint the virus file location, take the following steps:

Step 1: Press CTRL+ALT+DEL keys at once to open Task Manager.

Step 2: If you notice the file located outside C:\Windows\System32, you should run an antivirus scan to get rid of the malware.

How to remove winload.exe malware from system using Comodo Cleaning Essentials?

You can either choose to remove winload.exe and other malwares using Comodo Antivirus, or Comodo Cleaning Essentials (CCE) – both of which are absolutely free to download! CCE is a set of computer security tools designed to help you identify and remove malwares and unsafe processes from an infected computer.

To remove malwares using CCE, take the following steps:

1. Check the system requirements and download the feature-rich CCE suite for free.

2. After installation, choose the type of scan you want to perform. CCE offers 3 scan options to get rid of malwares from a PC:

Smart Scan: Does a scan on critical areas of your system.
Full Scan: Does a complete scan of your system.
Custom Scan: Does a scan only on selected items.

The process to initiate the above mentioned scans are self-explanatory and thus, easy-to-use.
Additionally, it's recommended that you approve of any updates that the CCE will prompt you about to ensure it does a better job of identifying all the latest threats.

3. Click 'Next' to view the results.
Regardless of the type of scan you choose, the results will sometimes show false positive (flagging files that are actually safe), which has to be ignored. Only select the files you want to get rid of.

4. Click 'Apply' to apply the selected operations to the threats. The selected operations will be applied.

Malware Entries

Safe Entries

First Seen: 15 May 2012 at 4:50 pm

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	zCore	Executable	2163e86518e9e9ae 4d1a0c49d64c8e0e a186abf5	1861916c791e7752 8ad58cc0dd538872	TrojWare.Win 32.TrojanDro pper.VB.ABV	No	1.02.0002	1.02.0002	Internal Submission	N/A
2	NULL	Executable	5899df6f214d9066 dd4ff8df9f227bc5 2716d052	ca098ce46021c49b 25d018495e930bbd	Unclassified Malware	No	0.0.0.0	0.0.0.0	United States	N/A
3	N/A	Executable	20015c3bbf4c2d59 16b7614816fe27de 0b4a2a7b	f597fe18d6c1196b 3e54f2f168eee55b	Win32.Neshta .A	No	N/A	N/A	Turkey	N/A
4	Tonec Inc.	Executable	0c7ade43e41adf85 b409ef2c5b74ad39 0cbc0ca9	33576d723557be14 3bb8c3750b93b543	Unclassified Malware	No	6.11.5.1	6.11.5.1	Internal Submission	N/A
5	NULL	Executable	72fe3bdbf8529502 a690b4c5e22c0fef 4deadaa8	e5de453156a54983 845e7203a1bb4f00	Unclassified Malware	No	0.0.0.0	0.0.0.0	United States	N/A
6	N/A	Executable	674864bb6656f133 1ba941b0da064ee9 dd0286e1	89acc6d39aeeae86 4f2c3ed0ce871c6c	Win32.Neshta .A	No	N/A	N/A	181.66.169.99/32	N/A
7	N/A	Executable	a542ab8650b8775e 4dfcc5677de75399 6f6de8a0	0795781b26864b6d 41f2001d8e6796cd	TrojWare.Win 32.Injector. AATV	No	N/A	N/A	United States	N/A

Prev 1 2 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 20 August 2010 at 7:53 pm

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	Microsoft Corporation	Executable	101ba76568a35bdc e551959e75de934a d3ecb610	9719ccc5f0caf07a fee17d46e3ce53b3	No	6.2.9200.1 6433 (win8_gdr. 121010-170 4)	6.2.9200.1 6433	Internal Submission
2	NovAtel Inc.	Executable	abaa30e283de258b 25e27f12719a1dad f4f4c07a	6893d51db861fb27 c134a9ac95e4cd5d	No	1.0.3.205	1.0.0.0 Alpha	Internal Submission
3	Paradox Security Systems Ltd.	Executable	87d720fa941d14b0 d0303ed5940dd835 94b1d7a5	f9dac9e28c776e60 1f2ea46bba8da9c0	No	2011.5.40. 4	2011.5.40. 4	31.0.123.233/32
4	N/A	Non-executable	fda3707f25cd8822 bbf123c8cfcca75f 47009388	29e708fe5797a837 837103f09ca0ab70	No	N/A	N/A	United States
5	Microsoft Corporation	Executable	2b536c0d297a8525 194bb51a340831e2 7c51ebc6	8139738658c31621 541293085a94681d	No	6.1.7600.2 0897 (win7_ldr. 110204-171 5)	6.1.7600.2 0897	Internal Submission
6	N/A	Non-executable	925c269f85504c3b 6ef9aa4b4202e6cf ca3790f5	2fdb1910d0e161ed 8b4e6e5bc800f30e	No	N/A	N/A	104.238.128.144/32
7	NovAtel Inc.	Executable	24c9f39410cc2cf7 f56f8ad70089804c 73845d2a	291e028ffc7cbc6f 25be1662fbf52337	No	1.0.100.25 1	1.0.0.0 Alpha	Internal Submission
8	NovAtel Inc.	Executable	985b2ab6a4566908 db14641aad5b42e1 59cb85ec	c414ed0033c23f98 bcc317c1e46fd2d0	No	1.0.98.249	1.0.0.0 Alpha	Internal Submission
9	N/A	Non-executable	ca3d458ebea53e85 4c4122b9bae5c588 bd6aab5f	547147a555ee9283 af58e1ac4773ebce	No	N/A	N/A	United States
10	NovAtel Inc.	Executable	2000c004afa66e2a a02c25bf853283b7 6bf1c2ab	d918784fde8675d6 e3b5be27c0d352f8	No	1.0.107.25 6	1.0.0.0 Alpha	Internal Submission
11	N/A	Non-executable	4e69a93fcd0a29f7 107bf4c2e53c13f4 6f8a697c	e83522277fb0d055 9bfb6dd5c383e9b9	No	N/A	N/A	104.238.128.144/32
12	NovAtel Inc.	Executable	506ed55b7404af22 9846f08bac8f6afb b2e5f584	c1203eba9e040d0d 254fe047d8061f59	No	1.0.111.26 1	1.0.0.0 Alpha	Internal Submission
13	N/A	Non-executable	925c269f85504c3b 6ef9aa4b4202e6cf ca3790f5	2fdb1910d0e161ed 8b4e6e5bc800f30e	No	N/A	N/A	United States
14	NovAtel Inc.	Executable	442c16bf05065ee4 97ad6eab26e53f07 a90f532f	176523ea3a60e4e7 4baebe4d70972598	No	1.0.94.246	1.0.0.0 Alpha	Internal Submission
15	N/A	Non-executable	ff1c2759b46548dd a44577d3ce16b740 233a1c99	653e57023a13f101 a1196c018f1b2141	No	N/A	N/A	United States
16	Microsoft Corporation	Executable	6cea2595e7a96786 086c0799fd143a4b 5cc4ea71	8d4eca2cc4cc79a3 2a7e74bbda612eaa	Yes	6.3.9600.1 6384 (winblue_r tm.130821- 1623)	6.3.9600.1 6384	10.108.51.116/32
17	Microsoft Corporation	Executable	f9e5175b19245e7e 5c4ec291233e875e 693b37c3	cbb4fb6cf6ba56c3 385dea64c059374a	Yes	10.0.19041 .3920 (WinBuild. 160101.080 0)	10.0.19041 .3920	United States
18	Microsoft Corporation	Executable	8afb479a69860298 e0b4b180a9293a61 a108581a	cbeb1a7c82aacec1 da589639c52ea8de	Yes	10.0.19041 .4291 (WinBuild. 160101.080 0)	10.0.19041 .4291	United States
19	Microsoft Corporation	Executable	6cea2595e7a96786 086c0799fd143a4b 5cc4ea71	8d4eca2cc4cc79a3 2a7e74bbda612eaa	Yes	6.3.9600.1 6384 (winblue_r tm.130821- 1623)	6.3.9600.1 6384	United States
20	N/A	Non-executable	06dd47a44dc4424c 63754448c7f68d73 7c1217b1	d2067b234f16313f 68fb87d2f7a27269	No	N/A	N/A	United States
21	Microsoft Corporation	Executable	b6388828cb7cb36d d6526b64ac091bc4 fbe17c49	80ad972a5ab8c193 2e54fd047a665df9	Yes	10.0.10586 .0 (th2_relea se.151029- 1700)	10.0.10586 .0	United States
22	Microsoft Corporation	Executable	3be039b457f3d7c7 741a39f50291f1cc 5cd66e98	a40f6453f8311d1b 07039467d673c97f	No	6.1.7601.1 7514 (win7sp1_r tm.101119- 1850)	6.1.7601.1 7514	Russian Federation
23	Microsoft Corporation	Executable	16f4b227f0b3f6d9 d49e4f666fff1c44 9d2f440b	f6ac6212a444dd37 d947305e244137f3	Yes	10.0.17134 .1184 (WinBuild. 160101.080 0)	10.0.17134 .1184	United States
24	Microsoft Corporation	Executable	ef49c5c8ae156372 fb86953f66c5479d 141fa2b4	9b357e7663123ab0 916437856f8fc982	Yes	10.0.19041 .1 (WinBuild. 160101.080 0)	10.0.19041 .1	104.238.128.144/32
25	Microsoft Corporation	Executable	bb78ab1cfa75fd08 6c03cc332b1ce9af e8b65676	911c0d47ae883529 abb631d20ce9579b	Yes	10.0.19041 .3562 (WinBuild. 160101.080 0)	10.0.19041 .3562	United States
26	Microsoft Corporation	Executable	2431ab84a0106693 2e08a18bd15b350b c096f4c2	6ecfe7648b222ca7 93fcde344e727fc7	Yes	10.0.19041 .3636 (WinBuild. 160101.080 0)	10.0.19041 .3636	United States

Prev 1 2 3...7 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “winload.exe”

What is winload.exe?

How to check if your computer is infected with winload.exe malware?