Minecraft DL is a Minecraft web site (not at all affiliated with the real Minecraft) that bundles unwanted malware/adware in its download manager. This malware is inserted by WebPick Internet Holdings and utilizes the company's InstalleRex platfom using the JustPlugIt toolbar extensions along with other potentially unwanted offers. In addition the download manager provides minimal user consent to opt-out of the offers. The domain www.minecraftdl.com registered by Ittikorn Saengchuenthanom was initially registered in April of 2011 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Mountain View, California within the United States which resides on the Google Inc. network.
California, United States (US)
Friday, April 15, 2011
Thursday, April 15, 2021
Wednesday, October 29, 2014
AS15169 GOOGLE - Google Inc.
Detections (94% detected)
Adware.WebPick.Installer.R, Adware.WebPick.Installer.Q, PUP.OlehAleksyuk.R, PUP.OlehAleksyuk.Q, Threat.Win.Reputation.IMP, PUP.EdwardKosar, Adware.WebPick.Installer (M), PUP.WebPick.ItzhakShternberg (M), PUP.OlehAleksyuk (M)
Win32:InstalleRex-CK [PUP], Win32:MultiPlug-HL [PUP], Win32:InstalleRex-CG [PUP], Win32:InstalleRex-BI [PUP], Win32:MultiPlug-JU [PUP], Win32:MultiPlug-ND [PUP], Win32:Agent-AYLT [PUP]
PUP-FMK, MultiPlug-FQV, PUP-FHQ, MultiPlug-FRO, MultiPlug-FPF, MultiPlug-FSS, MultiPlug-FTG, Program.MultiPlug-FTA, Program.PUP-FMK, Program.MultiPlug-FQV
Trojan.Win32.AntiFW, not-a-virus:AdWare.Win32.MultiPlug, not-a-virus:Downloader.Win32.AdLoad, HEUR:Trojan.Win32.Generic
Trojan.WebPick.2759, Trojan.WebPick.2735, Trojan.WebPick.29, Trojan.DownLoader11.38601, Trojan.WebPick.2452, Trojan.Crossrider.36840, Trojan.Crossrider.38004
K7 Gateway Antivirus
Unwanted-Program , Trojan
Unwanted-Program , Trojan
Riskware.Win32.InfoLeak.cvgqot, Riskware.Win32.MultiPlug.dgfylp, Riskware.Win32.MultiPlug.dfjscb, Riskware.Win32.MultiPlug.decasb
Application.Win32.InstalleRex.KG, Application.Win32.MultiPlug.PNU, Application.Win32.Multiplug.CT, Application.Win32.AdWare.MultiPlug.VA
Win32/InstalleRex.M potentially unwanted application, Win32/AdWare.MultiPlug.CN application, Win32/AdWare.MultiPlug.BS application
Generic, Adware Generic_r.UH, InstallRex, Adware Generic_r.VD, Adware Generic5.BRME, Adware Generic5.BGPZ, Adware Generic_r.WW
McAfee Web Gateway
PUP-FMK, BehavesLike.Win32.Trojan.bc, BehavesLike.Win32.Downloader.fc, BehavesLike.Win32.ArcadeWeb.cc, BehavesLike.Win32.Backdoor.cc
InstallRex, MultiPlug, PUA 'MultiPlug' (of type Adware), PUA 'InstallRex'
PUP.Optional.InstalRex, PUP.Optional.InstalleRex, PUP.Optional.MultiPlug, PUP.Optional.MultiPlug.A, PUP.Optional.Installrex
Adware/InstallRex.A.3, Adware/MPlug.yvz, TR/Kazy.324119.42, Adware/InstallRex.4, ADWARE/MultiPlug.Gen7, Adware/InstallRex.fgw
The domain www.minecraftdl.com has been seen to resolve to the following 7 IP addresses.
August 11, 2015
June 9, 2014
May 23, 2014
March 27, 2014
February 14, 2014
File downloads found at URLs served by www.minecraftdl.com.
Latest 30 of 132 download URLs
The following 20 files have been seen to comunicate with www.minecraftdl.com in live environments.
“Minecraft Mods Texture Packs Download Skins Maps”
“Minecraft is the fastest growing Java game in the Internet history. We offers you minecraft skins, maps, mods, texture packs and much more.”