recover-keys.com

ONE UP LTD

Domain Information

The domain recover-keys.com registered by ONE UP LTD was initially registered in March of 2007 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Salem, Oregon within the United States which resides on the Liquid Web, Inc. network.
Remove Malware from recover-keys.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Oregon, United States (US)

Create date:
Sunday, March 25, 2007

Expires date:
Thursday, February 02, 2017

Updated date:
Sunday, November 08, 2015

ASN:
AS32244 LIQUID-WEB-INC - Liquid Web, Inc.

Scanner detections:
Detections  (93% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.ONEUP.T, PUP.Optional.Installer.U, PUP.Optional.Installer.T, PUP.Optional.Installer.P, Win32.Generic.ONEUP.Installer.Meta
100.00%

Clam AntiVirus
Win.Adware.Agent-7758
21.43%

The domain recover-keys.com has been seen to resolve to the following IP address.

recover-keys.com
January 10, 2014

File downloads found at URLs served by recover-keys.com.

2 / 68      (PUP)

1 / 68      (PUP)
https://recover-keys.com/.../RecoverKeysDemo.exe  (b45e89befdc8dd2ea1a8ce6314d19fca)

2 / 68      (PUP)
https://recover-keys.com/.../RecoverKeysDemo-x64.exe  (a2d1438b43db4d7d22e2448c155aacc8)

0 / 68
https://recover-keys.com/.../RKPressKit.zip  (ded61231b0d91b199e6164192bb4e642)

2 / 68      (PUP)
http://recover-keys.com/.../RecoverKeysDemo-x64.exe  (81048aa4524cbcbdaf9d2cd8d4e80684)

1 / 68      (PUP)
http://recover-keys.com/.../RecoverKeysDemo.exe  (dab5c8072275a36b21deb60c8dff0cae)

1 / 68      (PUP)
https://recover-keys.com/.../RecoverKeysDemo.exe  (dab5c8072275a36b21deb60c8dff0cae)

2 / 68      (PUP)
https://recover-keys.com/.../RecoverKeysDemo-x64.exe  (a92f13944f1ad682848139ad74b6f34b)

1 / 68      (PUP)
https://recover-keys.com/.../RecoverKeysDemo.exe  (5f1102d34313b09d277016845856f95f)

2 / 68      (PUP)
https://recover-keys.com/.../RecoverKeysDemo-x64.exe  (81048aa4524cbcbdaf9d2cd8d4e80684)

1 / 68      (PUP)
https://recover-keys.com/.../RecoverKeysDemo-x64.exe  (52918c72808a93aa8fb044467352336c)

1 / 68      (PUP)
http://recover-keys.com/.../RecoverKeysDemo.exe  (9fcb8745197bbab30acbf0112764c254)

1 / 68      (PUP)
http://recover-keys.com/.../RecoverKeysDemo.exe  (6d640e87f88becc7231d2c5b64e158a8)

1 / 68      (PUP)
http://recover-keys.com/.../RecoverKeysDemo-x64.exe  (e1e6b61cf4a1d83a5cd09a911eafaa27)

1 / 68      (PUP)

1 / 68      (PUP)
http://recover-keys.com/.../RecoverKeysDemo-x64.exe  (f1da9b375b4b4203c23a6d91809120fa)

The following file have been seen to comunicate with recover-keys.com in live environments.

April 26, 2014

URL:
http://recover-keys.com/

Google Analytics:
UA-1298700

Title:
“Recover Keys. Product key finder, recover lost Windows product key”

Description:
“Recover Keys is product keyfinder program which can recover lost product keys for Windows 8, 7, Office, Exchange, Adobe Photoshop and many-many more”

SSL certificate subject:
CN=recover-keys.com, OU=Domain Control Validated

SSL certificate issuer:
CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc."

Web server:
Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 (PHP/5.2.17)

Facebook:
Likes:  9
Shares:  26
Comments:  5

Statistics above are for the previous month of November 2016.

Remove Malware from recover-keys.com - Powered by Reason Core Security