Exterminate It! Antimalware

malpedia

Known threats:700,086 Last Update:March 16, 12:51

Testimonials

Dear Matt and Exterminate it,

Thank you so much. This seems to have fixed the problem. Wow. That virus was in there pretty deep. A*G didn't even identify it. S****t would just freeze up when I tried to run it. But the update from Exterminate It, removed it.

Again, thanks.

Kind Regards,
Rev. Mel C. Montgomery

Brother Mel

File: sysmnt.dat

Location of sysmnt.dat and Associated Malware

Check whether sysmnt.dat is present in the following locations:

sysmnt.dat file locations that are Windows version independent:

  • C:\Windows\System32\sysmnt.dat

If you find sysmnt.dat file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The sysmnt.dat file is associated with malware only if found in the locations listed above.

Notes:

Different Variations of sysmnt.dat File^

File SizeFile Md5Last Seen
8719A7E5A59E107129C9872A4B6301E160Dec 29, 2009
132B0518DC6A8AACA691981B64ABE8D3947Jan 12, 2010
636B709810A55CAE2800AE57D28AEC80763Jan 22, 2010
587AB67234CBC02358A2BFC28C65375F2CBMar 24, 2010
410FA28D1067F0C84AC2270AC5BE7135688Jun 3, 2010
1639B2EF5D84AFF207D6AB3F7C40ACBB7E0Oct 29, 2010
649EF055342ED962CC8155FE02BD3C1E0EAFeb 11, 2011
48386B55E5728801C7E5FFA02A95FFF68F3Apr 13, 2011
256A71544169E6FD8CD29DE69848F41B112Jun 23, 2011
575835AF05666242BBAE4D67C0B7745AC96Aug 4, 2011
5760EC51AC227899797B57E0A3FDCF7F2F3Sep 7, 2011
652CC715AB6EDB7546B899E8602FF4B9656Sep 8, 2011
5319DE6902254D3CB47A547BF2A6141195Feb 2, 2012
162BAC2C6A4ED6FC63DBB8CB1735F0E3232Sep 30, 2012
1622819BECD77426F2C1CB0D8E08F88F8B6Sep 30, 2012
2055EB89FB3F6A6BD46DA45A1F1FC6C15B2Sep 30, 2012
5056774A90692E40C43021BC81080DBBA74Aug 19, 2013
127A164F3BFD9A3F3D00C5B66FDBEAF3376Feb 14, 2014

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove sysmnt.dat^

  1. To enable deleting the sysmnt.dat file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select sysmnt.dat and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of sysmnt.dat and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of sysmnt.dat and Associated Malware.
  6. Notes:

    • The deletion of sysmnt.dat will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of sysmnt.dat will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a sysmnt.dat malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type sysmnt.dat. The name of the first found registry value referencing sysmnt.dat is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to sysmnt.dat, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of sysmnt.dat and Associated Malware.