How to remove spolsv.exe

spolsv.exe

The module spolsv.exe has been detected as Trojan.CoinMiner

spolsv.exe
Remove spolsv.exe

File Details

Product Name:

NSSM 64-bit
Company Name:

Iain Patterson
MD5: 1136efb1a46d1f2d508162387f30dc4d
Size: 360 KB
First Published: 2017-12-26 05:11:56 (6 years ago)
Latest Published: 2021-11-16 21:53:24 (3 years ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2021-11-16 21:53:24 (3 years ago)

Common Places:

%windir%
%sysdrive%\nssm
%sysdrive%\couchdb
%sysdrive%\python27\lib\site-packages\rekall_core-1.7.2rc1-py2.7.egg
%sysdrive%\tools\rekall
%sysdrive%\tools\rekall-master\rekall-core
%commonappdata%
%sysdrive%\tcpu69\programm
%sysdrive%\eloproffession\servers\elo-analytics
%profile%

File Names:

taskhost.exe
spolsv.exe
nssm.exe
svchost.exe
svchosts.exe
nssm64.exe
systransport.exe
$R57R4QW.exe

Geography:

14.6%
10.1%
7.3%
6.7%
6.2%
3.9%
3.9%
3.9%
3.4%
3.4%
3.4%
2.8%
2.8%
2.2%
2.2%
1.7%
1.7%
1.7%
1.7%
1.7%
1.1%
1.1%
1.1%
1.1%
1.1%
1.1%
1.1%
1.1%
1.1%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%

OS Version:

Windows 10 58.3%
Windows 7 18.3%
Windows Server 2012 R2 11.1%
Windows Server 2008 R2 6.1%
Windows 8.1 5.0%
Windows Server 2012 0.6%
Windows XP 0.6%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00019fdc

PE Sections:

Name Size of data MD5
.text 148480 f5f9c8cb128218417203459ccb9b222d
.rdata 37888 1c9e327397522d95d3817f087bb809f2
.data 8704 f09e801d43fcb7bf7953c90d1a225fb2
.pdata 9216 c2821e1ad05058aec1df32f5b2da376f
.rsrc 163328 fdcd8c3db22223d7d54f2c66a88e6cd0

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for spolsv.exe
copyright for information about spolsv.exe