How to remove csrss.exe
csrss.exe
The module csrss.exe has been detected as Backdoor.Gen
File Details
| Product Name: | Microsoft® Windows® Operating System |
| Company Name: | Microsoft Corporation |
| MD5: | 2ca7f32f9a81f8e50de642ef5be38a9c |
| Size: | 2 MB |
| First Published: | 2017-05-21 20:02:44 (6 years ago) |
| Latest Published: | 2017-06-23 07:09:41 (6 years ago) |
| Status: | Backdoor.Gen (on last analysis) | |
| Analysis Date: | 2017-06-23 07:09:41 (6 years ago) |
Common Places:
| %sysdrive%\rifky\appdata\local\microsoft\windows\temporary internet files\content.ie5\ub7vr5c0 |
| %sysdrive%\windows |
File Names:
| csrss[1].exe |
| csrss.exe |
Geography:
| 33.3% | ||
| 33.3% | ||
| 33.3% |
OS Version:
| Windows 7 | 66.7% | |
| Windows 8 | 33.3% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000000400000 |
| Entry Address: | 0x00001500 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 1936384 | dc67b6e34c4f19995554e45c052e96bc |
| .data | 17408 | 130962acf60f14b812c234bc3784938a |
| .rdata | 263168 | d0b9d621f676d5c47605dceb223eea0c |
| .pdata | 117248 | 0cfda6ce4e6ba70449a5420395a86e04 |
| .xdata | 185856 | 921c8af3e549f1cc6ad1061280420c0d |
| .bss | 0 | 00000000000000000000000000000000 |
| .idata | 8192 | ea519ba53f7effc6278f3d4ad19cd6ff |
| .CRT | 512 | 8b87f3fc829b53eaf3aa86e567b9f525 |
| .tls | 512 | ff453ece3ce8cf6918030171b6e5df8b |
| .rsrc | 1536 | 95d547eac5ffa562892b89095e228d18 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for csrss.exe
