
Remove SecurityRisk.First4DRM, Sony Rootkit

Name: SecurityRisk.First4DRM
Type: Rootkit
Short Description: Created to hide processes, files, folders, and registry subkeys that begin with the $sys$ string.
Symptoms: Processes, files, folders, and registry subkeys beginning with $sys$ are hidden.
Distribution Method: Certain Sony CDs bundled with anti-piracy protection software.
Detection Tool: Download SpyHunter to see if your system has been affected by SecurityRisk.First4DRM

First4DRM, also known as SecurityRisk.First4DRM, is a threat classified as a rootkit. It was first published back in 2007 by First 4 Internet Ltd., but apparently has been exploited for malicious purposes. The rootkit is designed to hide particular processes, files, folders, and registry subkeys that begin with the $sys$ string. It was originally designed to conceal a legitimate application, but it can be used to hide various objects, malware included.

First 4 Internet Ltd. Company, Fortium Technologies Ltd. Description

First 4 Internet Ltd. is a British company that changed its name to Fortium Technologies Ltd in 2006. Fortium Technologies is best known as the publisher of Extended Copy Protection (XCP).
XCP is a software package that fits the description of a copy protection or digital rights management (DRM) scheme for Compact Discs (CDs). Sony BMG used the DRM on some of its CDs. The software was later dubbed the Sony rootkit due to the scandal that emerged in 2005.

First4DRM, SecurityRisk.First4DRM Threat Evaluation

According to security research, the First4DRM rootkit affects the following systems:

→Windows 2000, Windows NT, Windows Server 2003 or Windows XP

Although First4DRM was published as legitimate software, it has attracted a great deal of scandal. Because of the way it is distributed onto user computers, First4DRM is regarded as malicious by both users and security specialists.

In a nutshell, the rootkit is installed by anti-piracy protection software bundled with numerous audio CDs published by Sony BMG. Its purpose is to hide the files and entries that come with the anti-copy system in question. The problem is that other malware can take advantage of the rootkit's ability to hide objects and so remain unnoticed. Hence, many anti-malware vendors and independent researchers have concluded that the impact of the rootkit is quite massive.


How Can I Remove First4DRM from my PC?

The good news is the so-called Sony rootkit can be deleted manually from the PC by deleting the following registry entry:

→HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\$sys$aries

The file aries.sys will have to be removed, as well as these two directories:

→C:\Windows\System32\$sys$filesystem

→C:\Winnt\System32\$sys$filesystem

Once this is done, consider performing a full system scan to make sure that your PC is running faultlessly and malware-free.
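A read-only PowerShell check for the three artifacts listed above, combined with a canary test for the $sys$ hiding behaviour described earlier; this is an added example, not code from the original article or from any vendor. The canary file name and the scratch directory under %TEMP% are assumptions made for illustration.

```powershell
# Added example: read-only checks for the artifacts named in this article.
# Single quotes stop PowerShell from expanding $sys as a variable.
$indicators = @(
    'HKLM:\SYSTEM\CurrentControlSet\Services\$sys$aries',
    'C:\Windows\System32\$sys$filesystem',
    'C:\Winnt\System32\$sys$filesystem'
)

function Test-SysCloaking {
    # Create a harmless canary whose name starts with $sys$ in a scratch
    # directory (hypothetical name), then see whether a listing shows it.
    $dir    = Join-Path $env:TEMP ('cloaktest_' + [guid]::NewGuid().ToString('N'))
    $name   = '$sys$canary.txt'
    $canary = Join-Path $dir $name
    New-Item -ItemType Directory -Path $dir | Out-Null
    try {
        [System.IO.File]::WriteAllText($canary, 'canary')
        $listed = @(Get-ChildItem -LiteralPath $dir -Force |
                    ForEach-Object { $_.Name })
        # True when the file was written but is missing from the listing.
        return -not ($listed -contains $name)
    }
    finally {
        # Delete the canary by its full name first, since a cloaked file
        # would not be found by a recursive (enumerating) delete.
        Remove-Item -LiteralPath $canary -Force -ErrorAction SilentlyContinue
        Remove-Item -LiteralPath $dir -Recurse -Force -ErrorAction SilentlyContinue
    }
}

$cloaked = Test-SysCloaking

foreach ($path in $indicators) {
    $found = Test-Path -LiteralPath $path
    '{0,-8} {1}' -f $(if ($found) { 'PRESENT' } else { 'absent' }), $path
}

if ($cloaked) {
    # With hiding active, an "absent" result above cannot be trusted.
    'Cloaking ACTIVE: names starting with $sys$ are hidden from listings.'
} else {
    'No cloaking observed: the canary file was listed normally.'
}
```

Run it once before the manual removal and again after a reboot; a clean result is "absent" for all three paths together with no cloaking observed.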

Finally, we would also like to remind you what a rootkit is in the context of malware. A rootkit is a collection of malicious software developed to grant access to computers or parts of their software. Such access is usually not allowed, especially to unauthorized users. Once the rootkit is on the system, it will hide its own existence and the presence of other malicious programs.


Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.

