• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

is it safe installing recuva? virustotal didn't find threats epxept for 1 of its sandboxes flaged this file as MALICIOUS

Miguel2013

Miguel2013

Joined
Nov 12, 2011
Messages
775 (0.17/day)
Location
UT,US
System Specs
System Name Asrock 2012
Processor AMD Phenom II X4 965 Black Edition Deneb 3.4GHz
Motherboard ASRock 970 PRO3 AM3
Cooling Corsair H70 for CPU
Memory 64GB DDR3 1333mhz 16GBx4
Video Card(s) NVIDIA 1080 with stock fan
Storage 1TB GIGABYTE SSD NVME PCIE 2.0 + Samsung SSD Evo 850 250GB with Ubuntu + Samsung SSD 860 500GB win7
Display(s) LG HDR 31.5"
Case Big Black Tower
Audio Device(s) Realtek
Power Supply CORSAIR RM850X
Mouse wired chinese gaming mouse
Keyboard Microsoft ergonomic keyboard
Software Windows 10 64bit
Benchmark Scores +
virustotal link <
I can't find comments on the flagged warning and the xml links from the comentaros show a parsing error, can someone tell me more about this flag for the recuva installation from virustotal?
 
Bill_Bright

Bill_Bright

Joined
Jul 25, 2006
Messages
12,147 (1.87/day)
Location
Nebraska, USA
System Specs
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Assuming you got Recuva from their official site, yes, it is perfectly safe to install and run Recuva. In fact, it is considered one of the better, more respected file recovery tools out there.

I think we need to be realistic here. I just ran the 32-bit version, recuva.exe, against Virustotal and you are correct, "1" sandbox tagged it as malicious. But 70 security vendors said it was safe. 70! 70 security vendors said it was safe and not one said it was malicious. Clearly, that 1 sandbox is tossing up a false positive.

Then I ran the 64-bit version (recuva64.exe), the version most of us should be using, against Virustotal and it passed with 100% success.

Remember what file recovery tools do? They dig deep into the drives, looking for files and bits of files that were deleted. To an unsophisticated program, it may appear as though Recuva is being too intrusive.

Remember too that Recuva has been around for 15 years! You don't get to stick around that long, continue to be recommended, and maintain a good reputation for 15 years if malicious.
 
Miguel2013

Miguel2013

Joined
Nov 12, 2011
Messages
775 (0.17/day)
Location
UT,US
System Specs
System Name Asrock 2012
Processor AMD Phenom II X4 965 Black Edition Deneb 3.4GHz
Motherboard ASRock 970 PRO3 AM3
Cooling Corsair H70 for CPU
Memory 64GB DDR3 1333mhz 16GBx4
Video Card(s) NVIDIA 1080 with stock fan
Storage 1TB GIGABYTE SSD NVME PCIE 2.0 + Samsung SSD Evo 850 250GB with Ubuntu + Samsung SSD 860 500GB win7
Display(s) LG HDR 31.5"
Case Big Black Tower
Audio Device(s) Realtek
Power Supply CORSAIR RM850X
Mouse wired chinese gaming mouse
Keyboard Microsoft ergonomic keyboard
Software Windows 10 64bit
Benchmark Scores +
Bill_Bright said:
Assuming you got Recuva from their official site, yes, it is perfectly safe to install and run Recuva. In fact, it is considered one of the better, more respected file recovery tools out there.

I think we need to be realistic here. I just ran the 32-bit version, recuva.exe, against Virustotal and you are correct, "1" sandbox tagged it as malicious. But 70 security vendors said it was safe. 70! 70 security vendors said it was safe and not one said it was malicious. Clearly, that 1 sandbox is tossing up a false positive.
Click to expand...
yes a false positive likely, I'll try testdisk and recuva at the same time for same deleted files and partitions i encounter. testdisk was recomended and is open source and the interface is terminal command line plus there are multitude of boot CD variants, the interface seems intelligent as asking for file system selection to scan for. I'll try recova now and ccleaner as seems interesting too

-testdisk is terminal menu interface selector so pretty cool
 
Last edited:
Bill_Bright

Bill_Bright

Joined
Jul 25, 2006
Messages
12,147 (1.87/day)
Location
Nebraska, USA
System Specs
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Just remember, the more you use a drive (especially if a boot drive) the less your chances of any recovery become since the OS will start overwriting disk space with temp files.
 
chrcoluk

chrcoluk

Joined
Feb 1, 2019
Messages
2,582 (1.35/day)
Location
UK, Leicester
System Specs
System Name Main PC
Processor 13700k
Motherboard Asrock Z690 Steel Legend D4 - Bios 13.02
Cooling Noctua NH-D15S
Memory 32 Gig 3200CL14
Video Card(s) 3080 RTX FE 10G
Storage 1TB 980 PRO (OS, games), 2TB SN850X (games), 2TB DC P4600 (work), 2x 3TB WD Red, 2x 4TB WD Red
Display(s) LG 27GL850
Case Fractal Define R4
Audio Device(s) Asus Xonar D2X
Power Supply Antec HCG 750 Gold
Software Windows 10 21H2 LTSC
From official site yes, and superior to its commercial competitors.
 
Mussels

Mussels

Freshwater Moderator
Staff member
Joined
Oct 6, 2004
Messages
58,413 (8.18/day)
Location
Oystralia
System Specs
System Name Rainbow Sparkles (Power efficient, <350W gaming load)
Processor Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard Asus x570-F (BIOS Modded)
Cooling Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory 2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s) Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage 2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s) Phillips 32 32M1N5800A (4k144), LG 32" (4K60) | Gigabyte G32QC (2k165) | Phillips 328m6fjrmb (2K144)
Case Fractal Design R6
Audio Device(s) Logitech G560 | Corsair Void pro RGB |Blue Yeti mic
Power Supply Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse Logitech G Pro wireless + Steelseries Prisma XL
Keyboard Razer Huntsman TE ( Sexy white keycaps)
VR HMD Oculus Rift S + Quest 2
Software Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores Nyooom.
You could just click that one report and investigate what they say, it'll likely have some generic error about potentially unwanted or an automatically flagged file
 
You must log in or register to reply here.
Top