How to remove QDrive.sys

» File
File Details
Overview
Analysis

QDrive.sys

The module QDrive.sys has been detected as Suspicious Object

QDrive.sys

Remove QDrive.sys

File Details

Main Info:

Product Name:	NetBak Replicator
Company Name:	QNAP Systems, Inc.
MD5:	bf6a3a2a81cc904b7a2809f0962350c0
Size:	124 KB
First Published:	2017-05-21 14:10:46 (8 years ago)
Latest Published:	2024-06-16 23:02:37 (a year ago)

Analysis:

Status:	Suspicious Object (on last analysis)
Analysis Date:	2024-06-16 23:02:37 (a year ago)

Overview

Digital Signature

Signed By:	QNAP Systems, Inc.
Status:	Valid

Common Places:

%localappdata%\temp

%temp%

%windir%

%temp%

%temp%

%temp%

%temp%

%temp%

%temp%

Geography:

Germany	89.9%
Italy	3.0%
Sweden	1.6%
Turkey	1.3%
Hong Kong	1.0%
Taiwan	0.8%
France	0.5%
Netherlands	0.3%
United States	0.3%
Canada	0.3%
Portugal	0.3%
Czech Republic	0.3%
Spain	0.2%
Poland	0.1%
Norway	0.1%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000000010000
Entry Address:	0x00022064

PE Sections:

Name	Size of data	MD5
.text	70656	3c7868f2e2d0d0793a7d9282cbf38619
.rdata	41472	efd599b43161db3f55d5253789fa30c1
.data	2048	93b5e4e1ccac756674513f1f11ad35dc
.pdata	1536	f83c8539f2dc4b209c6118f6f88720cd
INIT	2048	1144db971f46af205e6b7ce6a22174f7
.rsrc	1024	39cdef42a743c3f427ba1daec4340c57
.reloc	512	ce4bcf3bc84cea3f32681b38310f9f6f

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for QDrive.sys

copyright for information about QDrive.sys