
Rootkit.Order

Posted: January 18, 2010

Rootkit.Order is a malicious rootkit that comes armed with a keylogger to steal confidential details such as credit card numbers and other online banking details. Rootkit.Order can modify the hosts file and restrict access to security websites. Rootkit.Order may be installed via stealth exploits, without user consent. Rootkit.Order should be removed using a reliable anti-virus program.

Aliases

Trojan.Win32.Vilsel.ogc (Kaspersky Lab)
New Malware.n (McAfee)
Mal/EncPk-BW (Sophos)
Packed/Upack (AhnLab)
packed with UPack (Kaspersky Lab)

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %System%\drivers\bmtpws31.dat
    2 %System%\imm32.dll.bak
    3 %System%\kb817221931.dll
    4 %System%\wsconfig.db
    5 c:\del1bf05.bat