Exterminate It! Antimalware

malpedia

Known threats:700,086 Last Update:March 16, 12:51

Testimonials

I ran the free version on my system that I knew had something on it, nothing would detect what was going on but your program did! I instantly bought it and now it's clean!

Awesome job! I'm an instant life-long customer.

Peter C.

File: sys.dat

Location of sys.dat and Associated Malware

Check whether sys.dat is present in the following locations:

sys.dat file locations that are Windows version independent:

  • C:\Windows\System32\sys.dat
  • C:\Windows\sys.dat

If you find sys.dat file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The sys.dat file is associated with malware only if found in the locations listed above.

Notes:

Different Variations of sys.dat File^

File SizeFile Md5Last Seen
35840544C3E98FF5403277B3596C9AC76AAA0Dec 17, 2009
34BBFFE8DE499528939E0A0BFCDBF12295Dec 22, 2009
414729D7FCC8F16B2D7BB034CC3A9447F2022Dec 28, 2009
493095C5E55545061A61B4BA237106385F3F0Dec 28, 2009
31221BA85EAC785F3FCED6E6884A1433E88DDec 31, 2009
938EB759317A31D44FCD5EB356BD32EE0B4Jan 7, 2010
17402948172C4731026FD708C3A6FCA2F46Jan 7, 2010
19504F3F59BCE1EE473C38A8FB055C97B188BJan 17, 2010
256998DBCB6E9B68D46D03482CADDBC6261BJan 20, 2010
87661A592ED2A4E3E5DC274CD07AB751AC964Feb 7, 2010
629423758A7A66C3ED77C683956F685570CFeb 17, 2010
19494F51CF12FC1837A75AA57A7A3E49461A1Feb 25, 2010
42496BDAAA317294CC9FCD183202F46307466Mar 5, 2010
1875400AD6945D7F03A078E1FB7ED8F981B3BMar 6, 2010
552482602A7BDD7BA53F4FE70E00B1B0612E35Mar 16, 2010
704501BE2196FA841A45E99F243618A747991CMar 17, 2010
45230A619E971ED961B049067267451CB9CB4Mar 19, 2010
5089AA2462517144AD950FF6024F6032B71CMar 23, 2010
7200692EFE0D6548482D59EC4E52B26D494Mar 24, 2010
14336072319C3545AC77980E65C6DD84DB77A0Mar 24, 2010
1404303BD22A90D1D639DAB3C92AAD6A1E9Mar 27, 2010
893BC46799605FD63DBE4B3FCE526D6BD56Mar 28, 2010
166262AE6BD4FBF8B209D3D96F7AE92A05B9FFMar 29, 2010
1307496B52747648284FBDD352CE5B3D5CF67Mar 30, 2010
214141AA699B2F375F52C71B89FD004452E46Mar 30, 2010
5747FAFA04381D8251619233053173DFFA1EMar 31, 2010
424965A3EF9ED26A712EF90110BA4CBF76923Feb 21, 2012
1137BC2E1FE4DBFD0258E5225B00EDF557FBApr 1, 2010
373767651A7440889686A9DA69979592D6C4EApr 1, 2010
232759D105A4B7E46A1B7DB0DD6116FAD01CApr 1, 2010
43008B0CE734D1176D49607B8EB19A468476CApr 7, 2010
98043230725F04E7F86D9B3B5322E967B1F190Apr 12, 2010
44032AEF43BBB6C0B052103D7B5C0875F0107Apr 22, 2010
103683693609728E45A220F2757C06684506BApr 23, 2010
28527440717B747C8BB7FF4A548101B5F7E5Apr 23, 2010
16602F1DEEFBFBA4BFA34E7B62939E780123DApr 26, 2010
10441F9F6A7037EF191DFF93C8C272FA1F1E3Apr 29, 2010
1744C05DB70DADF534D48C9A74C1D794487BMay 7, 2010
1148471F55FB8B13CA919CC610F425B6B9F90May 8, 2010
6575348AAC2C5F8AD6E3A5AA3F3188C00C9410May 10, 2010
24714D128E49DA8632F79538ED2EB42BFBDB7May 10, 2010
31098AEA979FF4BC8BA148306A6DF83DD952May 10, 2010
5016072EF809500E1B5782C629802D70D0BFMay 15, 2010
508745AC6F8E9969D2E639E8142E6B0EC1B65May 24, 2010
1031CC3C781B1F89D5102B6493EA469B3EBBJun 19, 2010
42496543112FFCCCB82B0B83849024826AFFCJul 14, 2010
10012A494A1548E8A6286A9172BAC46F6906CAug 15, 2010
15310B0DF66BBB8B9A952D09096EC8175F2D8Aug 23, 2010
1433604214167F13D91757134C5E08F5C2C625Aug 27, 2010
1107647B1BA2D0D6D79F42CBC9D1B82096A30EESep 3, 2010
268B935AAD6E250FD44FED3C76E965793EASep 17, 2010
367058AFB32B135C85B70CD4B58C4BE219D206Oct 6, 2010
61432378A32CC5CCE11E339016CA3E41148F9AOct 22, 2010
42496C4807AC97E3A1E95DD705A51669CD5B6Oct 25, 2010
4249696049E656791E07B6E88ADBC35B74C5CNov 10, 2010
2525EDBF8936E56AA9041E6402C854BB7B86Nov 17, 2010
441883520C3071F5F4A4A4613FB005E0CDec 7, 2010
1433605E6C3B9897C30FDCC94FDBDDAD7A09F7Dec 14, 2010
1705BE51400137DB380782FED878350A16Jan 6, 2011
6044CC850AC761B6E7B318CC1C7E0969E176Feb 2, 2011
373766516234095E5218702B245369E42A20AFeb 6, 2011
358408540203F788E6A1601E3183E2B801C0EMar 2, 2011
4F2DD0DEDB2C260419ECE4A9E03B2E828Apr 4, 2011
14336012D5C1FA2917571B65F9BC96275FFCDEApr 18, 2011
42496971695A9CBD26DC34650C7E518DEFAE3May 24, 2011
143360E2469DA52DD276DD092396A08EAD36D6Jul 12, 2011
37981CA9F97943E8698E4063B464C40576347Sep 5, 2011
14336085529265FEE0851610BAD67F13769A06Dec 9, 2011
143360B9BC3D6DE207C67D4CB628B261945FA9Jan 30, 2012
110913BA6446A09F0DE05279889C46F199C492Feb 25, 2012
14336057A4C18DBDB0D3C811110910470F8C87Jun 23, 2012
4EDCFAE989540FD42E4B8556D5B723BB6Jan 2, 2014
5FB9CEAE4D2F89413A99E14C08CF855F0Nov 18, 2014
143360D7D5A98A9A8F27D4735D8E5E5E40A684Nov 27, 2014
231F77131AB406C9F7DF2DDF8F980E0A78Mar 3, 2010
23461020EFCD14F74487B793FC4751EF66Jul 20, 2010
23EE3AAC23E541FDB8FBAC5A1510279F4EMar 28, 2013
1605732D9EC47891C55C158731E2912C06Jul 24, 2015
7292C9688358F9FD55BB2C02DE2D68A76BDJan 27, 2016

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove sys.dat^

  1. To enable deleting the sys.dat file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select sys.dat and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of sys.dat and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of sys.dat and Associated Malware.
  6. Notes:

    • The deletion of sys.dat will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of sys.dat will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a sys.dat malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type sys.dat. The name of the first found registry value referencing sys.dat is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to sys.dat, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of sys.dat and Associated Malware.