What is .sys, is the file csc.sys malware?

What is .sys, is the file csc.sys malware?

Is the file csc.sys malware?
From a real question at Yahoo Answers > Security I fielded here….
http://answers.yahoo.com/question/index?qid=20130524200015AA81DJP

MY ANSWER (as yahoo handle antibotnet)
This is…..

Other applications associated with file type SYS:
http://filext.com/file-extension/SYS

# PlayStation 2 (Icon) by Sony Corporation of America The identifying characters used for this association are – Hex: 50 53 32 44 , ASCII: PS2D
# SYGRAPH/SYSTAT/SPSS/PC (Data File)
# System Configuration
# System Device DriverNote: This file type can become infected and should be carefully scanned if someone sends you a file with this extension.
# Unknown Apple II File ((found on Golden Orchard Apple II CD Rom))

It is most likely referrring to a Device Driver. It can be a driver installed by malware and even a rootkit. It may be a malware piggy back using a valid driver. When you say Now Hidden – that is exactly what a rootkit infection does – it hides behind fake file name to avoid detection and are most times hard to remove. This is the one instance Microsoft themselves actually advise reinstalling the Windows Operating System that will have wiped the disk clean first automatically. Rootkits were the greatest threat and feared malware infection in the Windows XP Years. Since, Vista does not allow rootkits to run and now Windows 8 has antirootkit/antibootkit Secure Boot technologies as well.

Drivers need very very very careful treatment as certain ones being corrupted can leave you with the dreaded BSoD (Blue Screen of Death)! I recommend a higher quality antivirus product and note also that the top quality antivirus companies incorporated detecting rootkits also as the traditional antivirus catagory threats – virus, worm, most trojans.

EXAMPLE – MALWARE DRIVER INSTALL:
Symantec Identifies New Duqu Trojan Driver Variant
http://www.infosecisland.com/blogview/20762-Symantec-Identifies-New-Duqu-Trojan-Driver-Variant.html

RECOMMENDED…
I would recommend installing an anti-rootkit software and scanning for these. You did not mention your OS (operating system) – Win7 or XP ? There is a good chance it was simply a driver added in a malware payload which means you should be detecting trojans and other malware such as spyware packages. Do note that neither of the products you are using are known superior products and especially Spybot S&D which has chronically been reported as one of the worst security products as far as detecting and blocking malware.

Spybot – Search & Destroy – Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Spybot_%E2%80%93_Search_%26_Destroy
Spybot-S&D was written by the German software engineer Patrick Michael … PC Magazine initially rated it highly in 2003, their rating declined to “poor” in 2008: …

TRY (insted of Spybot SD)
Mamutu [$20USD Year]
http://www.emsisoft.com/en/software/mamutu/

BEFORE deciding to reinstall Windows I would recommend a known forum that is staffed that can help (free community help) BleepingComputer.Com
http://www.bleepingcomputer.com/

Source(s):

POSSIBLE INFECTIONS LISTS (2):

SEARCH TERM: csc.sys
http://www.spywareremove.com/search/?q=csc.sys&sa=Search&cx=009694213817960318989%3Ai1ojzq28m_4&cof=FORID%3A10%3BNB%3A1&ie=UTF-8&siteurl=http%3A%2F%2Fwww.spywareremove.com%2Fmalware-programs%2F
SEARCH TERM: csc.sys
http://www.microsoft.com/security/portal/threat/encyclopedia/search.aspx?query=csc.sys

Advertisements
%d bloggers like this: