Edrwkgn.exe

Investigations into the origins of EDRWKGN.exe have yielded several possible sources:

It has been observed writing data to and allocating virtual memory in remote processes like iexplore.exe regedit.exe ipconfig.exe The file may contain functionality for Virtualization or Sandbox Evasion to avoid detection by security researchers. Registry Modification: regedit.exe edrwkgn.exe