First4DRM

First4DRM is a rootkit that conceals any running processes, files, folders, and registry subkeys that begin with the $sys$ string. First4DRM has the ability to prevent installed applications and computer tools from entering hidden objects to only allow specific processes that begin with the same $sys$ string to access them. The First4DRM rootkit is a component of XCP Content Manager (which is genuine software that is used for the protection of digital media from unauthorized reproduction, publishing… First4DRM operates as spyware and automatically runs on every Windows startup.