How to Find sort.exe Malware | sort.exe Virus Problem

What is sort.exe?

sort.exe is a legitimate process file popularly known as Sort Utility. It belongs to Windows Operating System, developed by Microsoft Corporation. It is located in C:\Windows\System32 by default.
Malware programmers write virus files with malicious scripts and save them as sort.exe with an intention to spread virus on the internet.

Affected Platforms: Windows OS

How to determine if your computer is infected with sort.exe malware?

Look out for these symptoms to check if your PC is infected with sort.exe malware:

Unstable internet connection
sort.exe occupies extra CPU space
PC processing speed slows down
Browser often redirects to irrelevant websites
Browser is bombarded with hordes of popup ads
Computer screen freezes repeatedly

Take the following steps to diagnose your PC for possible sort.exe malware attack:

Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.

Step 2: If you notice the file located outside C:\Windows\System32, perform an antivirus scan to get rid of the malware.

How to remove sort.exe malware from system using Comodo Antivirus?

Step 1: Download our award-winning Free Antivirus.

Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.

Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.

Step 4: Restart your PC after the installation gets over

Step 5: Wait for Comodo Internet Security to update the antivirus.

Step 6: Proceed with the quick scan that automatically begins after the update.

Step 7: If threats are found during the scanning, you will be notified through an alert screen.

Step 8: Comodo Antivirus will remove sort.exe malware from your computer including all other malwares!

Malware Entries

Safe Entries

First Seen: 25 October 2011 at 1:17 am

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	N/A	Executable	c3625f594f812363 a13ebbda460fcf7c b5bf116a	a43320f856457739 b7c2fc040ca9beb6	Virus.Win32. Sality.gen	No	N/A	N/A	Brazil	N/A
2	Корпорация Майкрософт	Executable	54b5a6ba3f3217f7 33a0cbe574fa89fa 441409cf	be7d7f6b907eb4b6 8b942959dd636b5b	Virus.Win32. Expiro.R0	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Ukraine	N/A
3	Microsoft Corporation	Executable	184f9a3aa43afc66 97deb1263457ff4e 76316b20	21e9f6159ba9a5cc f8c7f4b1b7086bca	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Morocco	N/A
4	Microsoft Corporation	Executable	910ac9039e6db23f a721ea0a6dfffc81 ce804d95	4c1af9e64bf060e8 7877d4f094565b04	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Egypt	N/A
5	Microsoft Corporation	Executable	c9c763d7836427d2 02811f7214ba6faa e1a6900f	c69a7db6abfa6072 dc6c0db35c1a39e1	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Romania	N/A
6	Microsoft Corporation	Executable	2321d0fd88756175 506a0b9cf0a0475a 7cece9b3	0320f1af84ed2b05 4a5d5dae4658b44e	Virus.Win32. Sality.Q	No	5.1.2600.0 (xpclient. 010817-114 8)	5.1.2600.0	Poland	N/A
7	Microsoft Corporation	Executable	e592ee36e58533d5 1c0b7fd87aab78fd 08572ab2	054652fa7abec27b 01250e266e58a96a	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
8	Microsoft Corporation	Executable	e52da91e95e18bfc c634905ed6d06fef a50f0e54	f76e25ffdd58e0b4 bd6da77a73bb3a76	Virus.Win32. Parite.gen	No	5.2.3790.3 959 (srv03_sp2 _rtm.07021 6-1710)	5.2.3790.3 959	China	N/A
9	Microsoft Corporation	Executable	326e1aeb15268e0f 374234634ff2348a 4f9ee286	15fd3bb9485c9e22 049d3705270d8f56	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
10	Microsoft Corporation	Executable	7c6dbc637cdb4ada 40b323a25f871c33 910aa81c	77d4097ede0682bc e82ccb0dc6dd48c1	Virus.Win32. Expiro.ew	No	5.1.2600.0 (xpclient. 010817-114 8)	5.1.2600.0	United States	N/A
11	Microsoft Corporation	Executable	f48dddb6b2ee1de9 9f34314bb4ff3535 b980b0e1	794b2ab33f876b6c 336db44e7606d2b8	Virus.Win32. Virut.Ce	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Italy	N/A
12	Корпорация Майкрософт	Executable	faaa3e2988c3d028 af1e7f4af2bf2a84 1479bd31	b804fbaa5cfc54fd 22860c610cf5e592	Virus.Win32. Expiro.win	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Ukraine	N/A
13	Microsoft Corporation	Executable	7e09fbf421adba74 08100a29479ec744 80ee886a	fc8019c96a14ba11 be84a0a389f6c4ef	Virus.Win32. Parite.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Turkey	N/A
14	Microsoft Corporation	Executable	c7bf82104bb01c4c cae755d52d2b47d4 fa40bd8f	d5cffb4588ae1b5e 612bda5791ff6726	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Nigeria	N/A
15	Microsoft Corporation	Executable	592eaa317fbc8043 4b535ea75ea68daf 1435fba5	a0c65ca40b6c280b 20b261a7a7e95bea	Virus.Win32. Expiro.naf	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Russian Federation	N/A

Prev 1 2 3 4 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 09 June 2008 at 9:29 am

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	ReactOS Development Team	Executable	a82ef8df37cdda54 9abe06ca872c022d 36731400	241f3a4f31a29b12 a3390d9f37b742ed	No	0.4.9	0.4.9	10.108.51.116/32
2	N/A	Executable	e46b270065be1eea e7c678a24b90e2ac 83525aa9	6a7dd4dae05fdea9 2ca1d64781e60432	No	N/A	N/A	United States
3	N/A	Executable	f1e9fe686f27a012 f51b223581e852ea a78dc7f9	bacddd6912b43498 6b0717360f25bad3	No	N/A	N/A	Internal Submission
4	N/A	Executable	76e08ec97317b9dc 02686772542363e4 1a3916f4	457575d03aac9780 ed5c3d9f759d0782	No	N/A	N/A	Saudi Arabia
5	N/A	Executable	c6a41f6fed560478 c6f43583276abeca 18deb281	0a59a5c1fa8afd7d 5ca780707e8cae81	No	N/A	N/A	Internal Submission
6	N/A	Executable	2211c9a2ec530691 88c3cf437b98239d aea54033	a739afa5a1617a48 020165612c3eb632	No	N/A	N/A	United States
7	N/A	Executable	25aee6edfb3b9e96 6d768869b49a68a5 bdf01661	98aa8eeffda6fbde ea344336fa569ae5	No	N/A	N/A	Internal Submission
8	N/A	Executable	567ccf1d178f8478 ffca26fbb169a8f2 96daa8c6	7fd3b18a39f4ef60 00227a72b0215865	Yes	N/A	N/A	United States
9	N/A	Executable	7fbb4d7cd9635073 192819e1fb2ad2c2 90856289	6b8f0103ed8e37d5 135dc74f6962b05e	No	N/A	N/A	United States
10	Temple Of Transgression	Executable	9ee5d41148afd868 2dd58c17fba56b5c 2d3b4515	11884c7135808d11 815bc9a2853105d2	No	1.00	1.00	Internal Submission
11	N/A	Executable	85869a22867ee2d4 53d9bcb37f913eb1 9e73b809	c16d6c2c86d1fd3f 76f369b857fc51d2	No	N/A	N/A	198.20.167.84/32
12	N/A	Executable	d0af3a5ece30502b bbb56688c970f998 71774327	6ebe75da808524ca 8eb06ae064522777	No	N/A	N/A	104.238.128.144/32
13	N/A	Executable	0d13a9108431ad37 1d59e7d6aff17081 9d545f74	3f73d27b71c08036 55cfae3c5221e693	Yes	N/A	N/A	United States
14	N/A	Executable	a276ca3f7d8953ca a4cf51bc3b5b9223 68556056	245ce41fd86e8aff 0f3ee13d53dfe248	No	N/A	N/A	10.224.1.116/32
15	N/A	Executable	5952e883ab7beaee d5166ec52a1c6bda 4750f191	5d63f5bafad963af d57f3b28fca2a853	No	N/A	N/A	10.224.1.57/32
16	Microsoft Corporation	Executable	a7baaf5d0ec32348 5acb09e322e829d4 27f91a0b	36cf489ed41ebec7 77d86afea4a45902	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	United States
17	N/A	Executable	3d3d334e3decb953 e8af510cdadb24b3 af72966c	103f312d33fbecad 8bb903ce646f55d2	No	N/A	N/A	Internal Submission
18	N/A	Executable	28d58cbe16253447 577586875a70a569 2adbbc0c	3959ac1d00f2172b a872a9ad54e32552	No	N/A	N/A	104.238.128.144/32
19	N/A	Executable	b8f6287c087153fa 357d409bd0464735 061d5300	9ec275e20fab98de 8dbd0027d3cd6f00	No	N/A	N/A	United States
20	N/A	Executable	0be37750001a4c60 8c90e19bfa5383cb 7da11dd6	81e47bca760f3289 66888d6a600cc557	No	N/A	N/A	United States
21	N/A	Executable	08b1cf463c5470de 5a644e5441a27412 2789cc53	4de87d064877fa67 26654f6812a719b0	No	N/A	N/A	Internal Submission
22	N/A	Non-executable	c1b34b51e7aba1bd b980eea4aceeae8d 45ccc8da	89bb4cddbe851cc4 cf5caa34dcb45e66	No	N/A	N/A	Internal Submission
23	N/A	Executable	482e4a34fb8951dd bba6f64f7600eba8 fd3dcbba	aa1153ec5c2df7e6 e5cf8a10e2ef731e	No	N/A	N/A	Internal Submission
24	N/A	Executable	24d5378c1b38c5c0 b2d1b3f31efcfa3d 58ae1e73	db6c53ec6b0e7d1d b585b31f0cf3794a	No	N/A	N/A	United States
25	N/A	Executable	e4d9a45ca47370cc 0020c46ce2848a97 34d1412c	2c24ba0bb34dc318 24ff9a1aae34e990	No	N/A	N/A	United States
26	N/A	Executable	01ab609d1eb32ff0 082fab3ace8c98f0 35be003f	1bed381fb6bddea1 a662d79c1ff6f248	No	N/A	N/A	United States
27	N/A	Executable	afdb2b7efafa6a32 21a5b598b9383db0 66cf5b8a	9c8b5235cbc3b9c2 30d481c93a9bc5a2	No	N/A	N/A	United States
28	N/A	Executable	f1e9fe686f27a012 f51b223581e852ea a78dc7f9	bacddd6912b43498 6b0717360f25bad3	No	N/A	N/A	United States
29	N/A	Executable	00c92efc821f4ee7 fc515e4030363500 e685d7f2	fd0d1430b9dac4ce 0debaf7157bdbef3	No	N/A	N/A	United States
30	N/A	Executable	0a0b853da81e76db 90da944779fa6086 db273ac1	130a2c373694247c f98672c561cf1628	No	N/A	N/A	104.238.128.144/32
31	N/A	Executable	e4316ca7fe4a97ae d4aa6e59d9fff904 fefed915	426a89a54aae627a e92c9cc04b7623b7	No	N/A	N/A	United States
32	N/A	Executable	5dcc5943dc8890b8 634e5d1f061a184c 11070ee6	858adcc8b1c2e14e 7bd7af45ad44d38c	Yes	N/A	N/A	United States
33	N/A	Executable	1f2405112d9e5a0c 076b478ecf0d0859 814f23f3	09b49ae34a468eae 90c0a72df7523f7d	No	N/A	N/A	Internal Submission
34	N/A	Executable	73a42ce11516f46a b5a56f01c1cf9744 da596175	a291006d2c604627 e3b273c18418a1a5	No	N/A	N/A	United States
35	N/A	Executable	3a99d557578b5057 d754c15c63743369 7b5e9897	2024298a5e8bd29a 8ad02d2bbf15767a	No	N/A	N/A	Internal Submission

Prev 1 2 3...9 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “sort.exe”

What is sort.exe?

How to determine if your computer is infected with sort.exe malware?