Encyclopedia

XCP

 
Threat Level: Moderate threat
Damage: High
Distribution: Not widespread
Common name: XCP
Technical name: Rootkit/XCP
Threat level: Low
Alias: SecurityRisk.First4DRM, not-a-virus:RiskTool.Win32.XCP.a
Type: Hacking Tool
Effects:  

It is a rootkit installed by the anti-piracy protection software bundled with certain audio CDs from Sony BMG, in order to hide the files and entries belonging to the anti-copy system. Certain malware takes advantage of this hiding function to remain unnoticed on computers where the rootkit is installed.

Affected platforms:

Windows 2003/XP/2000/NT

First detected on: Nov. 10, 2005
Detection updated on: March 12, 2007
Statistics: No
Yes, using TruPrevent Technologies

Brief Description 

    

XCP is a rootkit, which is a program used in order to hide files, processes and entries in the Windows Registry.

It is installed by the anti-piracy protection software incorporated in some audio CDs from the company Sony BMG, in order to hide the files and entries belonging to the anti-piracy system. The rootkit hides all the files, directories and entries whose name begins with the text string $sys$.

Certain malware, such as the backdoors Ryknos.A and Ryknos.B, exploits that functionality in order to remain unnoticed on computers where the rootkit is installed.

Sony BMG has made available a website with further information on XCP.

 

Panda Security's TruPrevent™ Technologies prevent any new threat from exploiting this rootkit on computers where they are installed.

Visible Symptoms 

    

XCP is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.

Last updated:  12/03/2007 
