home

recovermyfiles.exe

GetData Pty Ltd

Publisher:
GetData Pty Ltd

Description:
Recover My Files

Version:
4.6.8.1012

MD5:
6df7093ad64d9db8dab06c2020a79f5f

SHA-1:
22d83a0580997d139f96744e492dba0ac2b668a5

SHA-256:
231d2ab72285f3aa15fac2165d851111603dcfdd68542f46a94a2ad92e37c178

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
5/2/2024 12:11:41 AM UTC  (today)

Scan engine
Detection
Engine version

G Data
Win32.Virus.Golem
15.6.25

IKARUS anti.virus
Win32.Virus.Golem
t3scan.1.9.5.0

File size:
15.9 MB (16,723,544 bytes)

Product version:
4.6

Copyright:
© 2010 GetData Pty Ltd

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programs\recovermyfiles.exe

File PE Metadata
Compilation timestamp:
12/3/2010 8:09:02 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
393216:aJlxohMZZ/1g5j60PBvB2Mcg3YTqG8qXCeSjxyv:qdxPpYwCeSjxu

Entry address:
0x2085070

Entry point:
60, 9C, E8, 00, 00, 00, 00, 5A, 83, EA, 77, 52, 64, A1, 30, 00, 00, 00, 8B, 40, 0C, 8B, 70, 1C, 8B, 5E, 08, 59, 89, 59, 14, 51, AD, 8B, 40, 08, 89, 42, 50, 33, ED, 8B, 58, 3C, 03, D8, 8B, 53, 78, 03, D0, 5B, 8B, 4A, 20, 03, C8, 8B, 72, 1C, 03, F0, 8B, 39, 03, F8, 8B, 7F, 04, 3B, 7B, 20, 74, 08, 83, C1, 04, 83, C5, 04, EB, EC, 03, F5, 8B, 36, 03, F0, 89, 73, 28, 53, 8B, C3, 83, C0, 30, 50, 8B, C3, 83, C0, 50, FF, 30, 8B, C3, 83, C0, 28, FF, 10, 5B, 89, 43, 24, 8B, CB, 53, 8B, C3, 83, C0, 2D, 50, C7, 00, 52...
 
[+]

Entropy:
6.4657

Code size:
704 KB (720,896 bytes)

The file recovermyfiles.exe has been discovered within the following program.

Recover My Files  by GetData Pty Ltd
Publisher's description - “Recover My Files data recovery software will recover deleted files emptied from the Windows Recycle Bin, or lost due to the format or corruption of a hard drive, virus or Trojan infection, unexpected system shutdown or software failure.”
www.getdata.com
9% remove it
 
Powered by Should I Remove It?

The file recovermyfiles.exe has been seen being distributed by the following URL.

http://www.eyesfile.ca/files/0/.../RecoverMyFiles.exe

Scan recovermyfiles.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.