Modification of MSSYS.SYS

When I run a poker program, Defence+ warns that the program is trying to modify MSSYS.SYS.

Can this behaviour be legitimate? - The warning was not seen before update to CFP vers. 3, so what has the poker program been doing to this file previously?


What OS are you running? I’m running Windows XP Pro SP2, but I haven’t got that file on my system (searched with hidden and system files/folders enabled). I hope you are sure that it’s not mssys.exe, because that’s a virus.
I guess someone else maybe know what mssys.sys is used for. If I knew it would be easier to tell if it’s legitimate or not. Sounds like it’s some important file tho.
Also, what’s the name of the poker program?


Hi, Ragwing, thanks for your reply.

I’m running XP Home SP2 and it’s definitely C:\MSSYS.SYS (hidden/system). I’d Googled for MSSYS and MSSYS.SYS - the former returned hits for MSSYS.EXE (virus), but the latter only turned up a few (innocent) HijackThis listings.

So, thinking about it I don’t think it can be a Windows system file from Microsoft (in spite of the name).

I’ve since checked with the poker program supplier and they’ve now replied saying that it is legitimate. So, I’ll go along with this and allow it in Defence+