home

recovermyfiles.exe

GetData Pty Ltd

The executable recovermyfiles.exe has been detected as malware by 8 anti-virus scanners.
Publisher:
GetData Pty Ltd  (signed and verified)

Description:
Recover My Files

Version:
3.9.8.5784

MD5:
9876267283689bb7c315696c035f7327

SHA-1:
b5b8f00ca2b465d8aab6668406a32f05fd5f9e2d

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
12/22/2025 9:38:25 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Agent.5685952
7.11.123.230

Comodo Security
Heur.Suspicious
17570

Dr.Web
Win32.HLLW.MyBot
9.0.1.029

McAfee
Artemis!987626728368
5600.7235

Norman
Malware.BMME
11.20140129

Reason Heuristics
Unnamed.Threat.24
14.3.6.16

Trend Micro House Call
GRAY_GEN.7X0318S
7.2.29

Trend Micro
GRAY_GEN.7X0318S
10.465.29

File size:
5.4 MB (5,685,952 bytes)

Product version:
3.9

Copyright:
© 2007 GetData Pty Ltd

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\Program Files\getdata\recover my files\recovermyfiles.exe

Digital Signature
Signed by:
GetData Pty Ltd

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
11/24/2006 5:55:44 AM

Valid to:
11/23/2008 5:55:44 AM

Subject:
CN=GetData Pty Ltd, OU=GetData Pty Ltd, O=GetData Pty Ltd, L=Sydney, S=NSW, C=AU

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
658470B3E52D78E75A6148679E706353

File PE Metadata
Compilation timestamp:
10/15/2007 7:24:38 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
98304:XsorCsshevVKV1eK3X3UsifqKI/A7w1qn/RIcZ5c:1luoQj3Hmw+hZ2

Entry address:
0x581552

Entry point:
E8, E3, 40, 00, 00, E9, 16, FE, FF, FF, 6A, 0C, 68, 30, E1, 9A, 00, E8, 44, 15, 00, 00, 8B, 4D, 08, 33, FF, 3B, CF, 76, 2E, 6A, E0, 58, 33, D2, F7, F1, 3B, 45, 0C, 1B, C0, 40, 75, 1F, E8, 36, 13, 00, 00, C7, 00, 0C, 00, 00, 00, 57, 57, 57, 57, 57, E8, C7, 12, 00, 00, 83, C4, 14, 33, C0, E9, D5, 00, 00, 00, 0F, AF, 4D, 0C, 8B, F1, 89, 75, 08, 3B, F7, 75, 03, 33, F6, 46, 33, DB, 89, 5D, E4, 83, FE, E0, 77, 69, 83, 3D, 80, 12, 9B, 00, 03, 75, 4B, 83, C6, 0F, 83, E6, F0, 89, 75, 0C, 8B, 45, 08, 3B, 05, 70, 12...
 
[+]

Code size:
320 KB (327,680 bytes)

Remove recovermyfiles.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.