How to remove symsrv.dll
symsrv.dll
The module symsrv.dll has been detected as Trojan.Agent
File Details
| Product Name: | Microsoft(C) Windows(C) Operating System |
| Company Name: | Microsoft Corporation |
| MD5: | 7574cf2c64f35161ab1292e2f532aabf |
| Size: | 67 KB |
| First Published: | 2017-05-26 09:05:32 (8 years ago) |
| Latest Published: | 2025-03-17 23:01:57 (5 months ago) |
| Status: | Trojan.Agent (on last analysis) | |
| Analysis Date: | 2025-03-17 23:01:57 (5 months ago) |
Common Places:
| %windir%\system32 |
| %commondir%\system |
| %localappdata%\temp |
| %sysdrive%\progra~1\common~1\system |
| %localappdata%\virtualstore\program files\maxthon3\bin |
| %programfiles%\google\update |
| %programfiles%\google\update\1.3.33.5 |
| %windir%\temp |
| %programfiles%\smadav |
| %programfiles%\spybot - search @amp; destroy 2 |
File Names:
| dlcoer.dll |
| symsrv.dll |
| conres.dll |
| GDl32.dll |
| PSAPl.dll |
| error.log |
| OLE23.dll |
| A0005174.DLL |
| A0005156.DLL |
| A0005139.DLL |
| A0003100.dll |
| A0005097.dll |
| A0002099.dll |
| A0009125.dll |
| trz5781.tmp |
| $RA41S9G.dll |
| gdl32.dll |
| symsrv.dll.quarantined |
| SYMSRV.DLL |
| CONRES.DLL |
| conres.dll.quarantined |
| symsrdsdv.dll |
| OLE23.dll.quarantined |
| $RC548OO.dll |
Geography:
| Egypt | 14.3% | |
| Indonesia | 11.3% | |
| Pakistan | 7.8% | |
| Bangladesh | 5.3% | |
| India | 5.3% | |
| Malaysia | 3.7% | |
| Nigeria | 3.6% | |
| Philippines | 2.9% | |
| Iran | 2.8% | |
| Libya | 2.7% | |
| Algeria | 2.5% | |
| France | 2.2% | |
| United States | 2.0% | |
| Venezuela | 1.9% | |
| Turkey | 1.7% | |
| Colombia | 1.6% | |
| Azerbaijan | 1.6% | |
| Yemen | 1.3% | |
| Lebanon | 1.3% | |
| Cambodia | 1.3% | |
| Vietnam | 1.1% | |
| Morocco | 1.0% | |
| Thailand | 1.0% | |
| Argentina | 1.0% | |
| China | 1.0% | |
| Spain | 1.0% | |
| Angola | 0.9% | |
| Sudan | 0.8% | |
| Myanmar | 0.8% | |
| Russia | 0.8% | |
| Italy | 0.8% | |
| Mexico | 0.7% | |
| Ukraine | 0.7% | |
| Dominican Republic | 0.6% | |
| Qatar | 0.6% | |
| Ghana | 0.5% | |
| Brazil | 0.5% | |
| Australia | 0.5% | |
| Zimbabwe | 0.5% | |
| Jamaica | 0.4% | |
| United Arab Emirates | 0.4% | |
| Syria | 0.4% | |
| Iraq | 0.4% | |
| Tanzania | 0.3% | |
| Saudi Arabia | 0.3% | |
| Poland | 0.3% | |
| Singapore | 0.3% | |
| Kenya | 0.3% | |
| El Salvador | 0.3% | |
| Canada | 0.3% | |
| Germany | 0.2% | |
| Netherlands | 0.2% | |
| Belgium | 0.2% | |
| Hungary | 0.2% | |
| South Africa | 0.2% | |
| Jordan | 0.2% | |
| Sri Lanka | 0.2% | |
| Hong Kong | 0.2% | |
| Cuba | 0.2% | |
| Serbia | 0.1% | |
| Peru | 0.1% | |
| Romania | 0.1% | |
| Tunisia | 0.1% | |
| Honduras | 0.1% | |
| Taiwan | 0.1% | |
| Chile | 0.1% | |
| Ethiopia | 0.1% | |
| Senegal | 0.1% | |
| United Kingdom | 0.1% | |
| Czech Republic | 0.1% | |
| Kyrgyzstan | 0.1% | |
| Laos | 0.1% | |
| Côte d'Ivoire | 0.1% | |
| Cameroon | 0.1% | |
| Bolivia | 0.1% | |
| Malawi | 0.1% | |
| Palestine | 0.1% | |
| Belarus | 0.1% | |
| Israel | 0.1% | |
| Japan | 0.1% | |
| Bulgaria | 0.1% | |
| Lithuania | 0.1% |
OS Version:
| Windows 7 | 72.9% | |
| Windows 10 | 16.0% | |
| Windows XP | 5.5% | |
| Windows 8.1 | 2.9% | |
| Windows 8 | 1.7% | |
| Windows Vista | 0.9% | |
| Windows Server 2012 R2 | 0.1% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x10000000 |
| Entry Address: | 0x0002df80 |
PE Sections:
| Name | Size of data | MD5 |
| UPX0 | 0 | 00000000000000000000000000000000 |
| UPX1 | 57856 | 31af0e4e99531a071b07531a0c454f82 |
| .rsrc | 1536 | e6c13afa940231d3949d9d60d42f1e3a |
More information:
Download GridinSoft
Anti-Malware - Removal tool for symsrv.dll
