How to Remove “CasPol.exe”

What is CasPol.exe?


Originally developed by Microsoft Corporation, CasPol.exe is a legitimate file process and also called as Microsoft.NET Framework CAS Policy Manager that is associated with Microsoft.NET Framework software.  It is located in C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ Files by default.

CasPol.exe virus is created when malware authors write virus files and name them after CasPol.exe with an aim to spread virus on the internet.

Affected Platform: Windows OS


How to check if your computer is infected with CasPol.exe malware?


If your system is affected by CasPol.exe malware, you will notice one or the several below symptoms:

  • CasPol.exe occupies an unusually large CPU memory
  • Erratic internet connection
  • Your browser is bombarded with annoying popup ads
  • Computer screen freezes
  • PC's processing speed suffers
  • You are redirected to unknown websites


To pinpoint the virus file location, take the following steps:

Step 1: Press CTRL+ALT+DEL keys at once to open Task Manager.

Step 2: If you notice the file located outside C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ Files you should run an antivirus scan to get rid of the malware.

How to remove CasPol.exe malware from system using Comodo Cleaning Essentials?

You can either choose to remove CasPol.exe and other malwares using Comodo Free Antivirus, or Comodo Cleaning Essentials (CCE) – both of which are absolutely free to download! CCE is a set of computer security tools designed to help you identify and remove malwares and unsafe processes from an infected computer.

To remove malwares using CCE, take the following steps:

1. Check the system requirements and download the feature-rich CCE suite for free.

2. After installation, choose the type of scan you want to perform. CCE offers 3 scan options to get rid of malwares from a PC:

  • Smart Scan: Does a scan on critical areas of your system.
  • Full Scan: Does a complete scan of your system.
  • Custom Scan: Does a scan only on selected items.

The process to initiate the above mentioned scans are self-explanatory and thus, easy-to-use. 
Additionally, it's recommended that you approve of any updates that the CCE will prompt you about to ensure it does a better job of identifying all the latest threats.

3. Click 'Next' to view the results.
Regardless of the type of scan you choose, the results will sometimes show false positive (flagging files that are actually safe), which has to be ignored. Only select the files you want to get rid of.

4. Click 'Apply' to apply the selected operations to the threats. The selected operations will be applied.

22

Malware Entries

First Seen: 10 December 2010 at 11:13 am
No. Company File Type SHA1 MD5 Malware
Name
Digitally
Signed
File
Version
Product
Version
Submitted
From
Malware Behavior
1 Microsoft Corporation Executable 9810d49e30c40791
eceec50702e9e19d
e46e4ccb
34b4c0996a7fee59
bbc91b1b6ad1d6da
Virus.Win32.
Sality.K
No 2.0.50727.
42
(RTM.05072
7-4200)
2.0.50727.
42
Brazil N/A
2 Microsoft Corporation Executable eb3879d6e9a23143
5b7d656b4764db9c
9d7903a5
19fc6facc454fd59
4872107c3a9978e2
P2PWorm.Win3
2.Bacteraloh
.h
No 1.1.4322.5
73
1.1.4322.5
73
Russian Federation N/A
3 N/A Executable 2724621e65134dcf
81eea3aed3e84cb5
4907721e
9bbf4eb88332f6d8
27bddc749fdad9ca
Win32.Neshta
.A
No N/A N/A Romania N/A
4 Microsoft Corporation Executable b8c580664c0970b4
1739b364e9223d20
73e45b2f
75abd57c2a75fed4
07eb95b28a3a712d
Virus.Win32.
Sality.gen
No 2.0.50727.
5420
(Win7SP1.0
50727-5400
)
2.0.50727.
5420
Russian Federation N/A
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
43

Safe Entries

First Seen: 25 June 2008 at 1:20 pm
No. Company File Type SHA1 MD5 Digitally
Signed
File
Version
Product
Version
Submitted
From
1 Microsoft Corporation Executable 5ee37caaa0acbe0b
0d34c7a30aa68645
2e318d1c
c90aac6bdf0f0c5b
dc2728a79c18e131
Yes 4.0.30319.
1
(RTMRel.03
0319-0100)
4.0.30319.
1
10.224.1.61/32
2 Microsoft Corporation Executable 4534f039a96d3da3
61a7bc6b1269dbb6
d20e2527
33733706c7a3590b
4ae76c6130c5ac75
No 2.0.50727.
3053
(netfxsp.0
50727-3000
)
2.0.50727.
3053
10.224.1.55/32
3 Microsoft Corporation Executable 3cabd5f91664e576
99bc85a55b40c57c
05cbe204
5cb85d9fedcd04b2
e680e758a0d0668d
No 2.0.50727.
1433
(REDBITS.0
50727-1400
)
2.0.50727.
1433
198.20.167.84/32
4 Microsoft Corporation Executable b4b6ed0a9e5c739c
8e6cc23c9c5bf969
2dff9de5
bcffeea4e58ff9e6
7e36a9f81fa2ce8e
No 2.0.50727.
7057
(QFE.05072
7-7000)
2.0.50727.
7057
106.68.63.110/32
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
 

Comodo Internet Security Pro

Free Antivirus protection from hackers! Get the ultimate Antivirus solution to keep your PC clean and to remove viruses from a slow or infected PC. Improve the PC performance at home or use it on-the-go!

Get Comodo Internet Security Comodo Internet Security

Slow or Infected PC?

Your search for a way to clean your PC of viruses once and for all has Ended. Our Security experts will fix your PC problems. Let's get started right now!

Get GeekBuddy GeekBuddy