You're in: Panda Security > Home Users > security-info > about-malware > encyclopedia > overview

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

XCP
Threat LevelDamageDistribution

At a glance Tech details Solution

Effects

XCP hides the files, subfolders and entries of the Windows Registry beginning with the text string $sys$.

Certain backdoors such as Ryknos.A and Ryknos.B attempt to take advantage of the functionality of XCP and add the text string $sys$ to their files, in order to remain stealth on the affected computer.

For further information on XCP, Sony BMG has made available a website with more data, which you can access by clicking here.

Panda Security's TruPrevent^TM Technologies prevent any new threat from exploiting this rootkit in the computer where they are installed.

Infection strategy

XCP creates the file ARIES.SYS in the subfolder $SYS$FILESYSTEM of the Windows system directory.

XCP creates the following path in the Windows Registry with the necessary entries in order to install the driver ARIES.SYS:

HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ $sys$aries

Means of transmission

XCP reaches the computer installed by the anti-piracy protection software incorporated in some audio CDs from the company Sony BMG, in order to hide the files and entries belonging to the anti-piracy system.

Further Details

XCP is 6,272 bytes in size.

Panda Security. New Lineup 2012. Renew now

Antivirus Solutions

Technical Support