Educause Security Discussion mailing list archives

CSC.SYS Backdoor.Tidserv.I!inf

From: Daniel Bennett <dbennett () PCT EDU>
Date: Fri, 4 Mar 2011 14:15:57 +0000

Hello All,

Our Symantec console has been reporting a few machines across our campus as having a Backdoor.Tidserv.I!inf virus and 
always identifies CSC.SYS as the file (C:\Windows\System32\drivers\csc.sys).  However, I have come up empty with other 
malware scanners and can't identify where this is coming from because it is always tied to the SYSTEM account.

Has anyone see this recently or in the past?

Thanks,

Daniel Bennett
IT Security Analyst
Vice-Chair North Central PA Members Alliance
Pennsylvania College of Technology
P:570.329.4989
E:dbennett () pct edu

Current thread:

CSC.SYS Backdoor.Tidserv.I!inf Daniel Bennett (Mar 04)
- Re: CSC.SYS Backdoor.Tidserv.I!inf Rich Graves (Mar 04)
- iPhone/iPad/iPod and Facetime Mark Rogowski (Mar 04)
  - Re: iPhone/iPad/iPod and Facetime Julian Y. Koh (Mar 04)