How to remove MDKLE.sys
MDKLE.sys
The module MDKLE.sys has been detected as Adware.Downloader
File Details
| Product Name: | Virtual USB tools x64 |
| Company Name: | TestProtect.com |
| MD5: | 583c0866255de8c008978af0da0a9c53 |
| Size: | 518 KB |
| First Published: | 2017-08-13 07:11:55 (7 years ago) |
| Latest Published: | 2018-07-13 11:26:17 (6 years ago) |
| Status: | Adware.Downloader (on last analysis) | |
| Analysis Date: | 2018-07-13 11:26:17 (6 years ago) |
Overview
| Signed By: | Promelement, LLC |
| Status: | Valid |
Common Places:
| %mydoc%\logs\mdemu_x64 |
| %system% |
| %system%\driverstore\filerepository |
| %sysdrive%\new folder (2)\tems_discovery_device_10.0.3 full license\tems_discovery_device_10.0.1 |
File Names:
| Mdemu.sys |
| MDKLE.sys |
Geography:
| 66.7% | ||
| 33.3% |
OS Version:
| Windows 7 | 55.6% | |
| Windows 10 | 33.3% | |
| Windows Server 2008 R2 | 11.1% |
Analysis
| Subsystem: | Native |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000000010000 |
| Entry Address: | 0x0007939d |
PE Sections:
| Name | Size of data | MD5 |
| .text | 28160 | 22fcb1d73adffc569603c03f887da996 |
| .data | 1536 | fbc3f55ce26588697c55829d9e83cc06 |
| .pdata | 896 | 1db37b12b18f42c872f63f327a04e263 |
| PAGE | 51328 | 64bd73a06ec5a1bd8c673b2850fdd16a |
| INIT | 2048 | d3120e0197ac32bef237834067977fb5 |
| .upx0 | 398592 | 0a2e21de7d0edaaacb57dceaecf0f160 |
| .upx1 | 40960 | 08bd27da6edef80fc1fb5cd4c500f344 |
| .reloc | 256 | 2b5f942108bedc3370eed353d4be9fa8 |
| .rsrc | 896 | c1f75bd399239d78331db9e54540fd7e |
More information:
Download GridinSoft
Anti-Malware - Removal tool for MDKLE.sys
