Malware, adware, popups cli.sys

[AC Question]

what the heck is this and does it cause issues? If so how to get rid of it.

 

[Rikku Watro]

It may be either an app or something like the "popupuireceiver" that my friend got before. I think resetting your phone or installing Clean Master and checking with the scan could help.

 

[noveske969]

Thanks for you prompt reply , I have ran "clean master" as well as malware bytes and same result. i delete it and it keeps coming back I figure it cant be a good thing if it does this on its own.

 

[renegade311]

I have the same file in my download folder in my galaxy s4. Tried a factory reset and it still keeps coming back.

 

[Night29m]

I noticed this file as well when I got my LG G3..... But it only showed up after I installed atorrent.... After I uninstalled atorrent it went away.... So if you have a torrent app installed that may be the issue....

 

[Iamgene]

It has only been coming up recently on my ZTE. I've noticed that it only appears in my download directory after downloading images from the internet. I searched cli.sys and found it stands for CLIENT LINE INPUT, and sys indicates a system file.
My guess is that it is a file that logs your input lines while browsing and possibly is secretly piggybacking files you download. I think that a remote user is able to get this information behind your back when you go online.
Your system normally has a cli.sys file your Carrier uses for setting up etc. But since it works from the system directory there's no reason it should be located elsewhere. Malware detection software doesn't see it as a threat because of the filename. But maybe they should update to warn you if it finds system files in user directories....