» erpro.exe
Overview
Analysis
File Details
Programs (3)

erpro.exe

File name:

erpro.exe

Description:

Ontrack EasyRecovery10

Version:

10.0.2.3

MD5:

ec75b69c2cfaf04013f780d66feed3b0

SHA-1:

2a52e51087b0a04aa45a326bee3de1850ba1d539

SHA-256:

38cec49a50a82acea3a29faa4d50392df4d80537152e24cd5d1a67ce142fedb7

Scanner detections:

6 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

5/12/2025 5:54:14 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.CDB

1.3.0.4923

Comodo Security

UnclassifiedMalware

17705

McAfee

Artemis!EC75B69C2CFA

5600.7231

Norman

Suspicious_Gen5.ENRU

11.20140202

Rising Antivirus

PE:Trojan.Win32.Generic.15194564!353977700

23.00.65.14131

ViRobot

Trojan.Win32.A.NSAnti.2635152

2011.4.7.4223

File size:

2.5 MB (2,635,152 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\ontrackeasyrecovery\erpro.exe

File PE Metadata

Compilation timestamp:

6/3/2012 3:23:38 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.55

CTPH (ssdeep):

49152:N4IUUI7teGiLSkVECKuhQo7wjNpRWekgXBxHrRCP1ocRE69IKTI+qpg9MGQxy5sn:N4/Uqe7ukEI+oIzbk+B9tC9NApg9MGQ1

Entry address:

0x61F000

Entry point:

51, 89, E1, 55, BD, 04, 00, 00, 00, 01, E9, 8B, 2C, 24, 83, C4, 04, 83, E9, 04, 87, 0C, 24, 8B, 24, 24, 52, 89, E2, 81, C2, 04, 00, 00, 00, 83, EA, 04, 52, FF, 74, 24, 04, 5A, 8F, 04, 24, 5C, 89, 3C, 24, 89, 04, 24, 50, 54, 58, 05, 04, 00, 00, 00, 83, E8, 04, 87, 04, 24, 8B, 24, 24, 89, 1C, 24, E8, 01, 00, 00, 00, CC, 8B, 04, 24, 52, 89, 2C, 24, 89, E5, 81, C5, 04, 00, 00, 00, 83, C5, 04, 33, 2C, 24, 31, 2C, 24, 33, 2C, 24, 5C, 68, B1, 39, 00, 00, 89, 14, 24, 89, C2, 52, 8B, 1C, 24, 83, C4, 04, 5A, 50, 89... 
[+]

Entropy:

7.9047 (probably packed)

Code size:

2.7 MB (2,804,224 bytes)

The file erpro.exe has been discovered within the following programs.

Ontrack Easy Recovery 10 by eSportsKosova.com

www.esportskosova.com/forum

About 2% of users remove it

Ontrack EasyRecovery Enterprise by Kroll Ontrack Inc.

www.krollontrack.com

About 3% of users remove it

Ontrack EasyRecovery Professional by Kroll Ontrack Inc.

About 5% of users remove it

Scan erpro.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.