Sony DRM Rootkit – $SYS$DRMSERVER.EXE

A file called $sys$drmserver.exe installs with a controversial new 'digital rights management' program from Sony. When you play a CD from Sony BMG (or one of its many publishers) a Rootkit written by First4Internet is installed. It is intended to prevent copying and sharing the music from the CD. But, because of the way it is installed, it could be a security risk opening a 'backdoor' for viruses or other malicious programs or users.

Microsoft has responded to this stating that it will remove this software as it is a security risk to Windows. The removal tool will be built into the Microsoft Antispyware beta and Microsoft's free Malicious Software Removal Tool. You'll find that free tool at http://www.microsoft.com/downloads/details.aspx?familyid=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang;=en.

We'd recommend removing this file using WinPatrol. First, kill it under Active Tasks then remove it from your Startup Programs. If running WinPatrol 8.x or later; right click the file then select "Delete file on Reboot". You may need to repeat this process the next time you play a Sony music CD on your computer.

Recommend Removal

Sony
First4Internet