Symmi.63254 (B) removal

Symmi.63254 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Symmi.63254 (B) virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Symmi.63254 (B)?

File Info:

name: D230773C2FCFDD6D90FD.mlw
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2008-12-07 04:12:59

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Fax Service
FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
InternalName: FXSSVC.EXE
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: FXSSVC.EXE
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.1.7601.17514
Translation: 0x0409 0x04b0

Symmi.63254 (B) also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Symmi.63254
FireEye: Generic.mg.d230773c2fcfdd6d
McAfee: Artemis!D230773C2FCF
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
Cybereason: malicious.c2fcfd
Cyren: W32/Virut.D.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Symmi.63254
Avast: Win32:Virtu-F [Inf]
Rising: Malware.Heuristic!ET#91% (RDMK:cmRtazoYodUNYVpPju+mnE2eqAcP)
Ad-Aware: Gen:Variant.Symmi.63254
Emsisoft: Gen:Variant.Symmi.63254 (B)
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Virut.hh
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Symmi.63254
Avira: HEUR/Patched.Ren
MAX: malware (ai score=82)
Arcabit: Trojan.Symmi.DF716
Microsoft: Trojan:Win32/Woreflint.A!cl
Cynet: Malicious (score: 100)
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34294.Hu0@auGT7Nii
ALYac: Gen:Variant.Symmi.63254
Tencent: Win32.Trojan.Generic.Wofg
Yandex: Trojan.Agent!cLWO1vnSouk
Fortinet: W32/CoinMiner.F
AVG: Win32:Virtu-F [Inf]
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Symmi.63254 (B)?

Symmi.63254 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.