How to remove csrss.exe

csrss.exe

The module csrss.exe has been detected as Risk.CoinMiner

csrss.exe
Product Name:

Microsoft® .NET Framework

Company Name:

Microsoft Corporation

MD5: cf7341a71cb0117e651fd1b4dc414657
Size: 684 KB
First Published: 2017-08-05 17:08:48 (7 years ago)
Latest Published: 2024-11-29 23:01:11 (7 months ago)
Status: Risk.CoinMiner (on last analysis)
Analysis Date: 2024-11-29 23:01:11 (7 months ago)
%windir%\java\wk
%windir%\microsoft.net\framework64\v3.0.50727
%windir%\debug\b3
%windir%\debug\feng
%windir%\fonts
%windir%\apppatch
%windir%
%system%
%profile%
%windir%\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\ogken2gt
mscorsvw.exe
csrss.exe
csres.exe
25.5%
21.3%
14.9%
10.6%
8.5%
8.5%
4.3%
2.1%
2.1%
2.1%
Windows Server 2008 R2 32.6%
Windows 7 19.6%
Windows Server 2003 19.6%
Windows Server 2012 R2 15.2%
Windows Server 2012 4.3%
Windows 10 4.3%
Windows Embedded Standard 2.2%
Windows Server 2016 2.2%
Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000c4bb9

PE Sections:

Name Size of data MD5
.text 0 00000000000000000000000000000000
.rdata 0 00000000000000000000000000000000
.data 0 00000000000000000000000000000000
.vmp0 0 00000000000000000000000000000000
.vmp1 692224 c74ac5e32b7a59e5d525c8a7389c532e
.rsrc 4096 4b8e1e460435858e289e7ae72e5f147d

More information:

Download GridinSoft Anti-Malware - Removal tool for csrss.exe