How to remove csrss.exe
csrss.exe
The module csrss.exe has been detected as Risk.CoinMiner
File Details
| Product Name: | Microsoft® .NET Framework |
| Company Name: | Microsoft Corporation |
| MD5: | cf7341a71cb0117e651fd1b4dc414657 |
| Size: | 684 KB |
| First Published: | 2017-08-05 17:08:48 (8 years ago) |
| Latest Published: | 2024-11-29 23:01:11 (11 months ago) |
| Status: | Risk.CoinMiner (on last analysis) | |
| Analysis Date: | 2024-11-29 23:01:11 (11 months ago) |
Common Places:
| %windir%\java\wk |
| %windir%\microsoft.net\framework64\v3.0.50727 |
| %windir%\debug\b3 |
| %windir%\debug\feng |
| %windir%\fonts |
| %windir%\apppatch |
| %windir% |
| %system% |
| %profile% |
| %windir%\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\ogken2gt |
File Names:
| mscorsvw.exe |
| csrss.exe |
| csres.exe |
Geography:
| 25.5% | ||
| 21.3% | ||
| 14.9% | ||
| 10.6% | ||
| 8.5% | ||
| 8.5% | ||
| 4.3% | ||
| 2.1% | ||
| 2.1% | ||
| 2.1% |
OS Version:
| Windows Server 2008 R2 | 32.6% | |
| Windows 7 | 19.6% | |
| Windows Server 2003 | 19.6% | |
| Windows Server 2012 R2 | 15.2% | |
| Windows Server 2012 | 4.3% | |
| Windows 10 | 4.3% | |
| Windows Embedded Standard | 2.2% | |
| Windows Server 2016 | 2.2% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x000c4bb9 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 0 | 00000000000000000000000000000000 |
| .rdata | 0 | 00000000000000000000000000000000 |
| .data | 0 | 00000000000000000000000000000000 |
| .vmp0 | 0 | 00000000000000000000000000000000 |
| .vmp1 | 692224 | c74ac5e32b7a59e5d525c8a7389c532e |
| .rsrc | 4096 | 4b8e1e460435858e289e7ae72e5f147d |
More information:
Download GridinSoft
Anti-Malware - Removal tool for csrss.exe
