How to remove eRootDrv.sys

» File
File Details
Overview
Analysis

eRootDrv.sys

The module eRootDrv.sys has been detected as Suspicious Object

eRootDrv.sys

Remove eRootDrv.sys

File Details

Main Info:

Product Name:	eScan/MWAV
Company Name:	MicroWorld Technologies Inc.
MD5:	d0e46534f6d375f5bec3f5cb96056649
Size:	28 KB
First Published:	2017-05-25 16:09:08 (7 years ago)
Latest Published:	2022-10-18 23:59:27 (2 years ago)

Analysis:

Status:	Suspicious Object (on last analysis)
Analysis Date:	2022-10-18 23:59:27 (2 years ago)

Overview

Digital Signature

Signed By:	MicroWorld Technologies Inc.
Status:	Valid

Common Places:

%localappdata%\temp

%sysdrive%\docume~1\privé\locals~1\temp

%temp%

%sysdrive%\docume~1\admini~1\locals~1

%temp%

%temp%

%temp%

%temp%

%temp%

%windir%

File Names:

erootdrv.sys

eRootDrv.sys

Geography:

	48.6%
	9.3%
	4.7%
	4.7%
	3.7%
	3.7%
	3.7%
	2.8%
	2.8%
	2.8%
	2.8%
	1.9%
	1.9%
	1.9%
	0.9%
	0.9%
	0.9%
	0.9%
	0.9%

OS Version:

Windows 7	56.9%
Windows 10	22.0%
Windows XP	11.0%
Windows 8	10.1%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	32
Image Base:	0x00010000
Entry Address:	0x00004005

PE Sections:

Name	Size of data	MD5
.text	14336	072d511d3fae703b52e7ef363574f981
.rdata	768	271457ae57d8b199bd70b51f31a48b2b
.data	128	0c41a08c90a7d5e81bf065649ebabedc
INIT	1664	f0b3affb66db0fb4fffef85e6bf45636
.rsrc	1024	c642f3af7283f48fc2fb8d97f3c1c924
.reloc	1152	6ad3d1fc7b4b4601f937688ab59c4514

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for eRootDrv.sys

copyright for information about eRootDrv.sys