How to Remove the signtool.exe virus from PC

What is signtool.exe?

signtool.exe is a legitimate process file of Authenticode (R) – a signing and verifying tool. It is a part of Windows Operating System developed by Microsoft Corporation. It is located in C:\Windows\System32 by default. Malware programmers create files with malicious content and name them after signtool.exe with an aim to spread virus on the internet.

Affected Platform: Windows OS

How to check if your computer is infected with signtool.exe malware?

Keep an eye for the following symptoms to see if your PC is infected with signtool.exe malware:

Internet connection fluctuates
signtool.exe takes too much CPU space
PC slows down significantly
Browser automatically redirects to some irrelevant websites
Unsolicited ads and popups starts appearing
Screen freezes constantly

If your PC is infected with signtool.exe malware, it will invite other malwares to cause more damage to your computer. Take the following steps to diagnose your PC for possible signtool.exe malware attack:

Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.

Step 2: If you notice the file located outside C:\Windows\System32, then you should run an antivirus scan to get rid of the malware.

How to remove the signtool.exe file from system using Comodo Antivirus?

Step 1: Download the award-winning Free Internet Security.

Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.

Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.

Step 4: Restart your PC.

Step 5: It will take some time for the Comodo Internet Security to update the antivirus.

Step 6: Proceed with a quick scan that automatically begins after the update.

Step 7: If threats are found during the scanning, you will be prompted with an alert screen.

Step 8: Comodo Antivirus will remove the signtool.exe virus from your computer including all other malwares!

Malware Entries

Safe Entries

First Seen: 04 January 2012 at 6:59 pm

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	Microsoft Corporation	Executable	497b04aa36d526a9 8b69afec223b5545 7e8a5617	2a22a0cc39ce33e9 f8f231f8ceca25d0	Unclassified Malware	No	4.00 (srv03_sp1 _qfe.05111 0-1543)	5.2.3790.2 568	Internal Submission	N/A
2	Microsoft Corporation	Executable	8c5281594c67c631 769f9fd392ff567b 584c383f	5602dfc37d774552 6d6bc29bb5156348	Virus.Win32. Ramnit.K	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	Turkey	N/A
3	Microsoft Corporation	Executable	39df123ffb157b38 a3bd1cb0f8faa28f 070e3f33	2523adcf741a54c2 58af4efa09368ba6	Virus.Win32. Parite.gen	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	China	N/A
4	Microsoft Corporation	Executable	a1f25299c846ecb5 a19f9545e84b8f56 5c3bd112	7bb6ba9c8389dc63 5e1e5316ab441aed	Virus.Win32. Ramnit.K	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	105.112.23.188/32	N/A
5	Microsoft Corporation	Executable	0a7a3d5c56533d0c fcd77190997d19b4 4738172f	1bcddce2880b9399 8b0b6ba2fc7c245a	Virus.Win32. Ramnit.K	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	Philippines	N/A
6	Microsoft Corporation	Executable	60c14f6aef121296 99c80acb51706d67 dd74e4fa	9f3142c4faf6baea f37f3b792d38a7be	Virus.Win32. Sality.gen	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	Turkey	N/A
7	Microsoft Corporation	Executable	6ae73759d1128bfc c895945bb8f9850c ad327c62	7fe5418567242b50 2c3c8d8899cdc395	Virus.Win32. Virut.CE	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	Egypt	N/A
8	Microsoft Corporation	Executable	6a9c4372183ae42d fc48e457bbaef710 c8a3ca13	d6729833a64c83e4 bd2d2340245986fb	Virus.Win32. Ramnit.K	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	Ukraine	N/A
9	Microsoft Corporation	Executable	3ebe115b0fac78b2 4ecea3f5402b5b2c bdf7e35a	e9de2d178e6dbaee 2c28ddde6b7dea76	Virus.Win32. Sality.gen	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	Taiwan	N/A
10	Microsoft Corporation	Executable	b7bb6b5deee5bcad 23587c347cb4a9db bcd6abbd	ce9f8844e1c8cb46 656d5772a55de4f6	EmailWorm.Wi n32.Runonce. ~v001	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	Romania	N/A
11	Microsoft Corporation	Executable	029851a4f782a218 32b511165e13c44e 46bea4fe	30c94af3c0119474 fe4667da2f7c6f37	Virus.Win32. Sality.gen	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	Turkey	N/A
12	Microsoft Corporation	Executable	fac6a65c06316a38 7152ba53308c9068 e7a0c066	98cddb3fb436c629 61730755d308ef19	Virus.Win32. Ramnit.K	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	197.211.56.110/32	N/A
13	Microsoft Corporation	Executable	875ed385b5a33d39 40f90bf6c2fa2794 a80f380f	c93f18f29b54d85c 932cddf490e4fcfa	Virus.Win32. Alman.A	No	2.10 (Lab03_DEV (scoyne).0 20918-0001 )	6.0.4002.0	China	N/A

Prev 1 2 3 4 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 03 October 2008 at 4:40 pm

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	Microsoft Corporation	Executable	c8fd0ac922790ec8 ed546e9b1fa7690b 192e8ca9	d889424210067ada ecd1ea901f480dcc	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Internal Submission
2	Microsoft Corporation	Executable	bc6e4e68fa3e14e5 6166e0c9e9fdb4bc 70b42be7	c81429b2ad43ad41 e5798adb5e2b4549	Yes	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	Internal Submission
3	Microsoft Corporation	Executable	96e8c80db8035c6b adea2be97796b00c 736afd15	f944d3c2c989da14 d87517d1ff647dd3	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	United States
4	Microsoft Corporation	Executable	96e8c80db8035c6b adea2be97796b00c 736afd15	f944d3c2c989da14 d87517d1ff647dd3	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	10.224.1.59/32
5	Microsoft Corporation	Executable	7d5b3b00c5c9a48f 7c1cd85c7e4e5a31 1104036d	a9682b994cb00a5f 11ab9a1780bcb970	No	2.10 (Lab03_DEV (scoyne).0 20918-0001 )	6.0.4002.0	10.224.1.63/32
6	Microsoft Corporation	Executable	8d92d18dee88495f 15f32c7ea4b31cc8 de25ddc8	93a498ee3596a662 33b24b49c14ffcb1	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Internal Submission
7	Microsoft Corporation	Executable	7d5b3b00c5c9a48f 7c1cd85c7e4e5a31 1104036d	a9682b994cb00a5f 11ab9a1780bcb970	No	2.10 (Lab03_DEV (scoyne).0 20918-0001 )	6.0.4002.0	104.238.128.144/32
8	Microsoft Corporation	Executable	d436d39f8691a711 b914dd85e7b309c2 163154f3	f2d2d8d8c847b510 d013c64939d807a0	Yes	4.00 (WinBuild. 160101.080 0)	10.0.20348 .1	104.238.128.144/32
9	Microsoft Corporation	Executable	c1fee5c60f43ccfc b1d9f0a72d914446 e02bb5e3	6581581a1f2eda52 d49dc1fb0619ff82	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	10.100.19.9/32
10	Microsoft Corporation	Executable	7f43e1e2e794df88 f14ecd2bd7261679 74230629	13417cfb36ff6c76 c4cef8ca12c02f0f	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Internal Submission
11	N/A	Executable	bb7093e26f52e2e7 3aac319a173b9d71 f872613a	92c4b9400e1c6b47 9d8c931ea341d38c	No	N/A	N/A	Internal Submission
12	Microsoft Corporation	Executable	f7e51a3cd6489e36 6d00d3b24603b321 1e2140b8	cfce6715ae88da92 5211bb1ab3007798	Yes	4.00 (WinBuild. 160101.080 0)	10.0.20348 .1	United States
13	Microsoft Corporation	Executable	76b4420a48107fec e83e740d9a3067e7 29ef759f	970b0f457dbe0c51 950017ef7969296b	Yes	4.00 (win8_rtm. 120725-124 7)	6.2.9200.1 6384	Internal Submission
14	N/A	Executable	61af1d3c5d8f93e2 a635327a42590f52 52445eee	d30a247630649ce6 a65d8510b4854672	No	N/A	N/A	Internal Submission
15	Splunk Inc.	Executable	5ae4572562f3492c 39d0046deda8b1fb ae24d6a0	43479602099273fe f76531e5bbe56b96	Yes	9.3.2	9.3.2 (Build d8bb328094 98)	104.238.128.144/32
16	Splunk Inc.	Executable	f8e1e452bd86107c 4a66e9ed3e79154b 7b72afd6	7c967f5f91def88c fb84d8c721f13cfd	Yes	9.4.1	9.4.1 (Build e3bdab203a c8)	United States
17	Microsoft Corporation	Executable	f7e51a3cd6489e36 6d00d3b24603b321 1e2140b8	cfce6715ae88da92 5211bb1ab3007798	Yes	4.00 (WinBuild. 160101.080 0)	10.0.20348 .1	104.238.128.144/32
18	Splunk Inc.	Executable	824c5cc8ab112404 97a3d070fff7f93c 3f6b1362	c69ff3791d6f03b5 1e99bbfc75482869	Yes	9.3.0	9.3.0 (Build 51ccf43db5 bd)	104.238.128.144/32
19	Splunk Inc.	Executable	b06b834ee60872ac a539946116c09fdb a9dd4614	b3cc38af944c1f63 06c55fcedb171f22	Yes	9.2.1	9.2.1 (Build 78803f08aa bb)	United States
20	Microsoft Corporation	Executable	e7126fe4cdd96f12 e5ca9ca3246a1b90 5c941a44	8a90e91a512dbf56 d0d8d87b9a673e53	Yes	4.00 (WinBuild. 160101.080 0)	10.0.22000 .194	United States
21	Microsoft Corporation	Executable	f1f76e6b92d015a9 d4ee5a62d8171f69 b36bbe42	1f20d51948394736 b087f65b14948dfe	Yes	4.00 (win8_ldr. 121001-191 2)	6.2.9200.2 0527	10.100.130.251/32
22	Microsoft Corporation	Executable	55b25562fb1e9850 7e839af6f95da2df bc0d74ce	9a77de12e78a7b3b 808165afd019f6ea	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Russian Federation
23	Microsoft Corporation	Executable	34534a748151ba69 9a6c9f646e2591fd 6f616299	d91612f6fe2d7f00 9b05d74621567315	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Internal Submission
24	Microsoft Corporation	Executable	5fd4ef06b2f90f28 5edaf841f6980f66 50abcb9e	8ad115ea8166fd11 32218065123a0546	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Internal Submission
25	Microsoft Corporation	Executable	96e8c80db8035c6b adea2be97796b00c 736afd15	f944d3c2c989da14 d87517d1ff647dd3	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	104.238.128.144/32
26	Microsoft Corporation	Executable	b0be85f1abd79125 11f53bd7276439d8 f414c965	8eb9b98c6dd75aec bc13c40da1048c12	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	10.224.1.22/32
27	Microsoft Corporation	Executable	18602b6e657d3fe8 47b130cb087e57c2 65c9ad38	4debf08f5d6d62f1 5a88d452336c2d55	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	10.224.1.53/32
28	Microsoft Corporation	Executable	acdafa8f051c5dee 08b6090994fa7c85 5caf9215	1bd5ef8569a11ff4 8da4aa6cf3c62304	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Internal Submission
29	Microsoft Corporation	Executable	d436d39f8691a711 b914dd85e7b309c2 163154f3	f2d2d8d8c847b510 d013c64939d807a0	Yes	4.00 (WinBuild. 160101.080 0)	10.0.20348 .1	United States
30	Microsoft Corporation	Executable	7d5b3b00c5c9a48f 7c1cd85c7e4e5a31 1104036d	a9682b994cb00a5f 11ab9a1780bcb970	No	2.10 (Lab03_DEV (scoyne).0 20918-0001 )	6.0.4002.0	10.224.1.59/32
31	Microsoft Corporation	Executable	33800594d0196c2a c30252c86c8cbcb3 d9d902cd	39a5bf80db2ed849 1c6bd98883e02198	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Internal Submission
32	Microsoft Corporation	Executable	e824f25da72c7047 a4b36f73f133d747 b196447e	004adb1bc7473408 7fa70e213a8318c1	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	United States
33	Microsoft Corporation	Executable	b8f4cc3ba01f6a45 20d2bffb79afe7fa a096bdb0	4e59611e0aee53ef de76a3af6dac87ce	Yes	4.00 (th1.15070 9-1700)	10.0.10240 .16384	10.224.5.44/32
34	Microsoft Corporation	Executable	96e8c80db8035c6b adea2be97796b00c 736afd15	f944d3c2c989da14 d87517d1ff647dd3	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	10.100.130.251/32
35	Microsoft Corporation	Executable	d76e5f6761328c1e e984e309ecb10a5b 7fee5ba6	4ecedd8d81148c20 6db52ea89e55d8d5	Yes	4.00 (WinBuild. 160101.080 0)	10.0.22621 .3233	104.238.128.144/32
36	Microsoft Corporation	Executable	96e8c80db8035c6b adea2be97796b00c 736afd15	f944d3c2c989da14 d87517d1ff647dd3	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	10.224.1.62/32
37	Microsoft Corporation	Executable	199eb921cffc7c44 38a01d82788c1e3a f9bfb0e5	1447f4aec2b15179 35e09e310da2b3e2	Yes	4.00 (WinBuild. 160101.080 0)	10.0.22621 .3233	104.238.128.144/32
38	Microsoft Corporation	Executable	c20db54c2662046a 4483e6de3af81835 1bcafa7b	d4ba9bdea2ec970d 5c135d872df01e7f	Yes	4.00 (WinBuild. 160101.080 0)	10.0.18362 .1	104.238.128.144/32
39	Microsoft Corporation	Executable	2df93becc56b5c54 f2c653bd9e19923c eea4b95f	1aa15b5ec5a66cfb 5a849d3d2d763b22	No	4.00 (srv03_sp2 _rtm.07021 6-1710)	5.2.3790.3 959	10.224.1.55/32
40	Microsoft Corporation	Executable	18602b6e657d3fe8 47b130cb087e57c2 65c9ad38	4debf08f5d6d62f1 5a88d452336c2d55	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	10.224.1.61/32
41	Microsoft Corporation	Executable	c1fee5c60f43ccfc b1d9f0a72d914446 e02bb5e3	6581581a1f2eda52 d49dc1fb0619ff82	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	10.224.1.62/32
42	Microsoft Corporation	Executable	c1fee5c60f43ccfc b1d9f0a72d914446 e02bb5e3	6581581a1f2eda52 d49dc1fb0619ff82	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	10.100.130.251/32
43	N/A	Executable	35a41d8f9e10ddaa 5bccb63dd38bcc2a 0a020b91	881d1c67244f5f9a d2bba1b047cc10b7	No	N/A	N/A	Internal Submission
44	Microsoft Corporation	Executable	2df93becc56b5c54 f2c653bd9e19923c eea4b95f	1aa15b5ec5a66cfb 5a849d3d2d763b22	No	4.00 (srv03_sp2 _rtm.07021 6-1710)	5.2.3790.3 959	10.224.1.58/32
45	Microsoft Corporation	Executable	522d2b8e9e40dba6 3878b9b607f8ee4f c1fe5c49	1aaa2affc35f3cd9 d44ce2970991c948	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Internal Submission
46	Splunk Inc.	Executable	19b089c27f69d731 b3024aad077578fe 90e5a86a	a64faa073b1027ae e00680785ee02839	Yes	9.4.0	9.4.0 (Build 6b4ebe426c a6)	104.238.128.144/32
47	Microsoft Corporation	Executable	2211212181b289ad 71e761cc1b532c23 d6196acc	71f09a4e708a5f4e 332d6f4fbad2d6f2	Yes	4.00 (winblue.1 41024-1500 )	6.3.9600.1 7298	10.100.19.18/32
48	Microsoft Corporation	Executable	ff16ea7822d63f9d e961085543eec7ca 99fcdd4a	18d6f78d8972ec1a 1e9cb13a17c1a200	No	4.00 (longhorn_ rtm.080118 -1840)	6.0.6001.1 8000	10.224.1.54/32
49	N/A	Executable	bd462b1089631157 7cc3d560e6774971 92cd2bd4	6e2345e1191cd636 2d6900308ed23672	No	N/A	N/A	10.100.130.251/32
50	N/A	Executable	0ac860699528b948 907f67699c4f1ba5 4dbd0490	ae4f49a47e42959d 5e62e86653860a55	Yes	N/A	N/A	Internal Submission
51	N/A	Executable	2ecb8e51d422f686 06bdd627f190901d 8a7574da	f0bb7e017874a67d 292508bb936eba33	No	N/A	N/A	Internal Submission
52	N/A	Executable	83be534fce5e5e1a 4b70ae303854dd5e bb2f838a	0ef2c23e1817029f b2504d83198483d7	No	N/A	N/A	10.108.51.116/32
53	Microsoft Corporation	Executable	7d5b3b00c5c9a48f 7c1cd85c7e4e5a31 1104036d	a9682b994cb00a5f 11ab9a1780bcb970	No	2.10 (Lab03_DEV (scoyne).0 20918-0001 )	6.0.4002.0	10.224.1.60/32
54	Microsoft Corporation	Executable	f205754536bb18ee 891b7f0caeb3b6f4 cae7e132	03a9fb050b0cd539 ccac87c5b3a3b63f	Yes	4.00 (WinBuild. 160101.080 0)	10.0.17134 .12	United States
55	Microsoft Corporation	Executable	2dd936d076d4ab90 bb68de8c3e8c666d a313bfcf	ca32fa046dbfded8 26fc6785de037e97	Yes	4.00 (WinBuild. 160101.080 0)	10.0.26100 .1	104.238.128.144/32
56	Microsoft Corporation	Executable	f205754536bb18ee 891b7f0caeb3b6f4 cae7e132	03a9fb050b0cd539 ccac87c5b3a3b63f	Yes	4.00 (WinBuild. 160101.080 0)	10.0.17134 .12	198.20.167.83/32
57	Microsoft Corporation	Executable	96e8c80db8035c6b adea2be97796b00c 736afd15	f944d3c2c989da14 d87517d1ff647dd3	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Internal Submission
58	Microsoft Corporation	Executable	8613a9c1c1cfc707 9f0acf5d04d088bc f7b6f38a	eb203456bf55ebc7 882bb9e791b08cc1	Yes	4.00 (winblue_r tm.130821- 1623)	6.3.9600.1 6384	10.100.130.251/32
59	Microsoft Corporation	Executable	18602b6e657d3fe8 47b130cb087e57c2 65c9ad38	4debf08f5d6d62f1 5a88d452336c2d55	No	3.00 (srv03_sp1 _rtm.05032 4-1447)	5.2.3790.1 830	10.224.1.63/32
60	Splunk Inc.	Executable	4a36827b81932105 9882132edd873086 d2608328	a856d6a654d808c1 6ad5364c3c69a59f	Yes	9.3.1	9.3.1 (Build 0b8d769cb9 12)	104.238.128.144/32
61	TolyaN	Executable	15ce9c23ef3bd779 2169fd29afbd4f4d 309b4fb2	9dc0a1fb39fba166 4da4a11c548dfc6b	No	1.2.3.0	1.2.3.0	Internal Submission
62	Splunk Inc.	Executable	bf61fe197c5002e6 47f97b97306e05cd e10d8b7a	48f13e0956b28f5f 6c8c070cfb7f4b3f	Yes	9.2.2	9.2.2 (Build d76edf6f0a 15)	United States
63	Microsoft Corporation	Executable	9d63a84c091c481e f8ecd862228538b4 1a50c75c	b77a8e11445669d0 12fdb05907eb00a4	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	10.224.1.22/32
64	Microsoft Corporation	Executable	199eb921cffc7c44 38a01d82788c1e3a f9bfb0e5	1447f4aec2b15179 35e09e310da2b3e2	Yes	4.00 (WinBuild. 160101.080 0)	10.0.22621 .3233	United States
65	Microsoft Corporation	Executable	cc2bb2919849d968 aa36af60580ab8f2 cf459f43	3803d88c07446fad 41ba8d2dff0aaca4	Yes	4.00 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Internal Submission
66	Microsoft Corporation	Executable	7d5b3b00c5c9a48f 7c1cd85c7e4e5a31 1104036d	a9682b994cb00a5f 11ab9a1780bcb970	No	2.10 (Lab03_DEV (scoyne).0 20918-0001 )	6.0.4002.0	10.100.130.251/32

Prev 1 2 3...17 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “signtool.exe”

What is signtool.exe?

How to check if your computer is infected with signtool.exe malware?