How to Remove “CasPol.exe”

What is CasPol.exe?


Originally developed by Microsoft Corporation, CasPol.exe is a legitimate file process and also called as Microsoft.NET Framework CAS Policy Manager that is associated with Microsoft.NET Framework software.  It is located in C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ Files by default.

CasPol.exe virus is created when malware authors write virus files and name them after CasPol.exe with an aim to spread virus on the internet.

Affected Platform: Windows OS


How to check if your computer is infected with CasPol.exe malware?


If your system is affected by CasPol.exe malware, you will notice one or the several below symptoms:

  • CasPol.exe occupies an unusually large CPU memory
  • Erratic internet connection
  • Your browser is bombarded with annoying popup ads
  • Computer screen freezes
  • PC's processing speed suffers
  • You are redirected to unknown websites


To pinpoint the virus file location, take the following steps:

Step 1: Press CTRL+ALT+DEL keys at once to open Task Manager.

Step 2: If you notice the file located outside C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ Files you should run an antivirus scan to get rid of the malware.

How to remove CasPol.exe malware from system using Comodo Cleaning Essentials?

You can either choose to remove CasPol.exe and other malwares using Comodo Free Antivirus, or Comodo Cleaning Essentials (CCE) – both of which are absolutely free to download! CCE is a set of computer security tools designed to help you identify and remove malwares and unsafe processes from an infected computer.

To remove malwares using CCE, take the following steps:

1. Check the system requirements and download the feature-rich CCE suite for free.

2. After installation, choose the type of scan you want to perform. CCE offers 3 scan options to get rid of malwares from a PC:

  • Smart Scan: Does a scan on critical areas of your system.
  • Full Scan: Does a complete scan of your system.
  • Custom Scan: Does a scan only on selected items.

The process to initiate the above mentioned scans are self-explanatory and thus, easy-to-use. 
Additionally, it's recommended that you approve of any updates that the CCE will prompt you about to ensure it does a better job of identifying all the latest threats.

3. Click 'Next' to view the results.
Regardless of the type of scan you choose, the results will sometimes show false positive (flagging files that are actually safe), which has to be ignored. Only select the files you want to get rid of.

4. Click 'Apply' to apply the selected operations to the threats. The selected operations will be applied.

8

Malware Entries

First Seen: 20 July 2018 at 12:39 am
No. Company File Type SHA1 MD5 Malware
Name
Digitally
Signed
File
Version
Product
Version
Submitted
From
Malware Behavior
1 N/A Executable f2cc1545a7ef36b4
a9f35521c091b0f7
24b5df99
b35ba109173e0a21
dfaad5d813795214
Win32.Neshta
.A
No N/A N/A 181.66.169.99/32 N/A
2 Microsoft Corporation Executable af09e34af3a2f30c
9992889c0b4fe6e8
59fd9104
832699592ae6b63a
2ba77d76322092fc
Virus.Win32.
Virut.CE
No 2.0.50727.
5420
(Win7SP1.0
50727-5400
)
2.0.50727.
5420
Lao People's Democratic Republic N/A
3 N/A Executable a0d36ea8564765ba
438f5106ca5eb39c
e4f7af65
eccbe35724c28923
1caeb966d02cc335
Win32.Neshta
.A
No N/A N/A 181.66.169.99/32 N/A
4 Microsoft Corporation Executable ad0b6d9e46fd467e
056f9b704c022066
5bd7b51e
61daf64268f277a1
6f8d9757e021e7bd
Virus.Win32.
Virut.CE
No 2.0.50727.
4927
(NetFXspW7
.050727-49
00)
2.0.50727.
4927
Nigeria N/A
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
10

Safe Entries

First Seen: 13 August 2008 at 4:43 pm
No. Company File Type SHA1 MD5 Digitally
Signed
File
Version
Product
Version
Submitted
From
1 Microsoft Corporation Executable 2eff26099a38f010
4eb431961d5ead47
0ce01fdd
48e2632b53e2d67a
95b7ea856c781e17
Yes 4.7.2053.0
built by:
NET47REL1
4.7.2053.0 10.224.25.45/32
2 Microsoft Corporation Executable 0f5a3c39def54940
2ab2b1b71a34fb55
b2fe9a08
a9cefd0fdae4019f
402487a3cf71f120
No 2.0.50727.
8825
(WinRelRS3
.050727-88
00)
2.0.50727.
8825
10.224.25.96/32
3 Microsoft Corporation Executable 2eff26099a38f010
4eb431961d5ead47
0ce01fdd
48e2632b53e2d67a
95b7ea856c781e17
Yes 4.7.2053.0
built by:
NET47REL1
4.7.2053.0 United States
4 Microsoft Corporation Executable 4534f039a96d3da3
61a7bc6b1269dbb6
d20e2527
33733706c7a3590b
4ae76c6130c5ac75
No 2.0.50727.
3053
(netfxsp.0
50727-3000
)
2.0.50727.
3053
10.108.51.155/32
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
 
Exclusive Offer
Get Free Endpoint Protection
Get Advanced
Endpoint
Protection

Award-Winning Security to Protect Your Clients from Cyber Attacks

Comodo Internet Security Pro

Antivirus Protection protection from hackers! Get the ultimate Antivirus solution to keep your PC clean and to remove viruses from a slow or infected PC. Improve the PC performance at home or use it on-the-go!

Get Comodo Internet Security Comodo Internet Security