home

www.minecraft-downloads.com

Rene Polt

Domain Information

The domain www.minecraft-downloads.com registered by Rene Polt was initially registered in October of 2013 through WORLD4YOU INTERNET SERVICES GMBH. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Linz, Oberosterreich within Austria which resides on the RIPE Network Coordination Centre network.
Registrar:
WORLD4YOU INTERNET SERVICES GMBH

Server location:
Oberosterreich, Austria (AT)

Create date:
Monday, October 7, 2013

Expires date:
Friday, October 7, 2016

Updated date:
Thursday, October 8, 2015

ASN:
AS38955 WORLD4YOU World4You Internet Services GmbH,AT

Root domain:
minecraft-downloads.com

Whois:
2 minecraft-downloads.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.AlphaAppsFriedCookie.S, PUP.STMSetup.X, PUP.ironSource, PUP.Installer.ironSource, PUP.Bundler.installCore, PUP.InstallCore.Installer (M), PUP.InstallCore.FC.Installer (M), PUP.InstallCore.FC (M)
100.00%

VIPRE Antivirus
InstallCore, InstallCore.b, Trojan.Win32.Generic
66.67%

ESET NOD32
Win32/InstallCore.UE (variant), Win32/InstallCore.OL (variant), Win32/InstallCore.ON (variant), Win32/InstallCore.UQ (variant)
66.67%

Trend Micro House Call
Suspicious_GEN.F47V1223, TROJ_GEN.F47V0520, TROJ_GEN.F47V0518, Suspicious_GEN.F47V0110, Suspicious_GEN.F47V1210, TROJ_GEN.R00UC0EAM15, Suspicious_GEN.F47V0131
60.00%

Avira AntiVirus
ADWARE/InstallCore.Gen7, ADWARE/InstallCore.Gen9, Adware/InstallCore.836744, Adware/InstallCo.zlw, ADWARE/InstallCore.Gen4
53.33%

AVG
Generic
53.33%

McAfee
Artemis!D0D9128C9B4F, CryptInno!CD8EE2A48745, Artemis!AB826343DC19, Artemis!598E4420AA7A, Artemis!1B5DFCA5548A, Artemis!C7A2E6EAA37A
46.67%

Sophos
Generic PUA OI, Install Core Click run software, InstallCore ToDownload, Generic PUA HC, Generic PUA CF
46.67%

Comodo Security
Application.Win32.FriedCookie.CIRK, UnclassifiedMalware, Application.Win32.InstallCore.RO, Application.Win32.InstallCore.DE
46.67%

Dr.Web
Trojan.InstallCore.39, Trojan.MulDrop5.10078, Trojan.InstallCore.19, Trojan.InstallCore.49
46.67%

Baidu Antivirus
Adware.Win32.InstallCore
46.67%

Fortinet FortiGate
Riskware/InstallCore
46.67%

K7 AntiVirus
Unwanted-Program , Adware
40.00%

Qihoo 360 Security
Win32/Virus.Adware.94c, Win32/Virus.Adware.eef, Win32/Virus.Adware.f22
26.67%

G Data
Win32.Application.InstallCore.DI, Win32.Application.Agent.Y0QGUM
26.67%

The domain www.minecraft-downloads.com has been seen to resolve to the following IP address.

81.19.145.54
www34.world4you.com
January 13, 2015

File downloads found at URLs served by www.minecraft-downloads.com.

16 / 68    (Adware)
http://www.minecraft-downloads.com/.../luckyblock.exe  (cb4f3cb0613b9d54fc8cc13a2c0a1bcc)

16 / 68    (Adware)
http://www.minecraft-downloads.com/.../mocreatures_installer.exe  (64c6a3e4697e38177ac55287495619bfc58562b1d259fc7054414b18f58a1457)

1 / 68      (Adware)
http://www.minecraft-downloads.com/.../luckyblock.exe  (d1c7d27378e899c09b7ec9d4639c2a7c)

1 / 68      (Adware)
http://www.minecraft-downloads.com/.../star_wars1710.exe  (2f90cee8f5d9c2828b75024cc4e30ada)

12 / 68    (Adware)
http://www.minecraft-downloads.com/.../instant_structures.exe  (598e4420aa7a71b401ed3b5627a0c287)

1 / 68      (Adware)
http://www.minecraft-downloads.com/.../instant_structures.exe  (1af399502fc4d7d30230e377d7a98679)

1 / 68      (Adware)
http://www.minecraft-downloads.com/.../instant_structures.exe  (b9d860421d57d4e4af750acd2b34572a)

13 / 68    (Adware)
http://www.minecraft-downloads.com/.../lucky_block.exe  (ab826343dc196d91c543b5811d5ff399)

1 / 68      (Adware)
http://www.minecraft-downloads.com/.../instant_structures.exe  (b651d56df1abf1c02420851688c75af4)

13 / 68    (Adware)
http://www.minecraft-downloads.com/.../instant_structures.exe  (c7a2e6eaa37a995334510e0292263e3a)

10 / 68    (Adware)
http://www.minecraft-downloads.com/.../luckyblock.exe  (005b1f0313ae565cec58182a05749644)

12 / 68    (Adware)
http://www.minecraft-downloads.com/.../balkonweapons_installer.exe  (cd8ee2a48745b348bbc8e42439cc4b6c)

6 / 68      (Adware)
http://www.minecraft-downloads.com/.../luckyblock.exe  (f222aa4784db3248b5f7371f648aaa29)

9 / 68      (Adware)
http://www.minecraft-downloads.com/.../xray_installer.exe  (4e06cdcbf2729cef59312a056eee4086)

12 / 68    (Adware)
http://www.minecraft-downloads.com/.../instant_structures.exe  (d0d9128c9b4fc1892b10304e176b9023)

The following 2 files have been seen to comunicate with www.minecraft-downloads.com in live environments.

TCP » 81.19.145.54:80
online-guardian-v2.0.9.exe

TCP » 81.19.145.54:80
online-guardian-v2.0.9.exe

URL:
http://www.minecraft-downloads.com/

Title:
“- Mods, Maps, Recource Packs and Tools”

Web server:
Apache

liebeg.at

milscomputer.at

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.