Sony DRM Rootkit Test: Are You Infected?

Posted November 10, 2005 by AlexTheBeast in Windows

What will you see if your system is infected with the Sony DRM rootkit? The test to determine whether or not you are infected will take seconds to perform. It is easy, and it is free.


The Sony rootkit hides all files starting with $sys$.

By testing for this, you can easily determine if you are infected with the Sony DRM rootkit.

1. Right-click blank area of the desktop.
2. Select New.
3. Select Text Document.
4. The name should be highlighted. Name it anything starting with $sys$, and hit Enter. An example is given below:
$sys$blah.txt
5. If the text document no longer appears on your desktop, then you have the rootkit installed.

You may also wish to try the free rootkit scanning software . If you use the rootkit scanning software, do not use it to clean the rootkit. You will kill your system. You can also use this update to unhide the rootkit.

The Conversation

Follow the reactions below and share your own thoughts.