ThreatExpert's Statistics for Rootkit.Order [PC Tools]:

Rootkit.Order [PC Tools] is also known as:

Threat Alias	Number of Incidents
Infostealer.Gampass [Symantec]	476
Hacktool.Rootkit [Symantec]	475
PWS-Mmorpg.gen [McAfee]	231
Generic RootKit.a [McAfee]	225
Packed/Upack [AhnLab]	150
New Malware.n [McAfee]	128
Generic.dx [McAfee]	127
TSPY_ONLINEG.NU [Trend Micro]	115
Generic PWS.y [McAfee]	113
TSPY_ONLINEG.ESF [Trend Micro]	100
TROJ_ROOTKIT.FO [Trend Micro]	90
Mal/Packer, Mal/EncPk-BW [Sophos]	88
TSPY_ONLINEG.QSQ [Trend Micro]	63
Troj/Virtum-Gen [Sophos]	62
Trojan.Win32.Vilsel.ogc [Kaspersky Lab]	51
Trojan-PWS.OnlineGames.ADRD [PC Tools]	45
TROJ_FRETHOG.AS [Trend Micro]	40
TSPY_FRETHOG.AO [Trend Micro]	36
TSPY_ONLINEG.SGW [Trend Micro]	36
Trojan-PWS.Win32.Small [Ikarus]	24
Possible_OLGM-11 [Trend Micro]	17
TSPY_ONLINEG.KAH [Trend Micro]	16
TSPY_ONLINEG.HDM [Trend Micro]	15
Trojan.Win32.Vilsel.ndz [Kaspersky Lab]	13
Trojan.Win32.Vilsel.ndw [Kaspersky Lab]	12
Trojan.Win32.Vilsel.ndy [Kaspersky Lab]	12
Trojan.Win32.Vilsel.nea [Kaspersky Lab]	12
TSPY_ONLINEG.HDL [Trend Micro]	12
TSPY_ONLINEG.UPC [Trend Micro]	12
Infostealer [Symantec]	11
WORM_DROM.AI [Trend Micro]	11
Trojan-PSW.Win32.OnLineGames.yjj [Kaspersky Lab]	10
TSPY_ONLINEG.HQT [Trend Micro]	10
HackTool.Win32.Agent.be [Kaspersky Lab]	9
Rootkit.Win32.Agent.abq [Kaspersky Lab]	9
TSPY_ONLINEG.UQN [Trend Micro]	9
TSPY_ONLINEG.ESG [Trend Micro]	8
PWS-LegMir [McAfee]	7
Trojan-PSW.Win32.OnLineGames.tkz [Kaspersky Lab]	7
TSPY_ONLINEG.JUB [Trend Micro]	7
VirTool:WinNT/Fispids.gen!A [Microsoft]	7
Generic.ff [McAfee]	6
Trojan.Win32.Vilsel.neb [Kaspersky Lab]	6
TSPY_ONLINEG.NR [Trend Micro]	6
TSPY_ONLINEG.RRL [Trend Micro]	6
Downloader [Symantec]	5
Trojan-PSW.Win32.OnLineGames.aicq [Kaspersky Lab]	5
Trojan-PSW.Win32.OnLineGames.tjq [Kaspersky Lab]	5
New Malware.ey [McAfee]	4
TROJ_AGENT.LZP [Trend Micro]	4
Trojan-Downloader.Win32.Agent.dex [Kaspersky Lab]	4
Trojan-PSW.Win32.OnLineGames.aigh [Kaspersky Lab]	4
TSPY_AGENT.PCU [Trend Micro]	4
TSPY_ONLINEG.DJZ [Trend Micro]	4
TSPY_ONLINEG.QLE [Trend Micro]	4
Mal/Generic-A [Sophos]	3
PWS-OnlineGames.bu [McAfee]	3
Trojan.Win32.Vilsel.ndm [Kaspersky Lab]	3
Trojan.Win32.Vilsel.ogd [Kaspersky Lab]	3
Trojan-PSW.Win32.OnLineGames.ahvk [Kaspersky Lab]	3
Trojan-PSW.Win32.OnLineGames.wcs [Kaspersky Lab]	3
Generic.PWS.Games.3 [Ikarus]	2
Trojan.PWS.QQPass [Symantec]	2
Trojan.Win32.Agent2.kqk [Kaspersky Lab]	2
Trojan.Win32.Vilsel.nec [Kaspersky Lab]	2
Trojan-GameThief.Win32.Magania.gen [Kaspersky Lab]	2
Trojan-PSW.Win32.OnLineGames.aeec [Kaspersky Lab]	2
Trojan-PSW.Win32.OnLineGames.aejc [Kaspersky Lab]	2
Trojan-PSW.Win32.OnLineGames.oen [Kaspersky Lab]	2
Trojan-PSW.Win32.OnLineGames.prw [Kaspersky Lab]	2
Trojan-PSW.Win32.OnLineGames.pry [Kaspersky Lab]	2
Trojan-PSW.Win32.OnLineGames.pyx [Kaspersky Lab]	2
Trojan-PSW.Win32.OnLineGames.qpp [Kaspersky Lab]	2
TSPY_ONLINEG.DTX [Trend Micro]	2
TSPY_ONLINEG.EJG [Trend Micro]	2
TSPY_ONLINEG.QFV [Trend Micro]	2
W32.SillyFDC [Symantec]	2
W32/Cekar [McAfee]	2
Backdoor.Win32.PcClient.ie [Kaspersky Lab]	1
BackDoor-CKB [McAfee]	1
Bloodhound.Unknown [Symantec]	1
Dropper/OnlineGameHack.16364 [AhnLab]	1
Generic Downloader.x [McAfee]	1
Generic PWS.o [McAfee]	1
Generic.dx!la [McAfee]	1
Infostealer.Menghuan [Symantec]	1
Mal/Autorun-C, Mal/Packer, Mal/EncPk-BW [Sophos]	1
Mal/Behav-152, Mal/Packer, Mal/Behav-214, Mal/Dropper-AB, Mal/EncPk-BW [Sophos]	1
Mal/Behav-152, Mal/Packer, Mal/Behav-214, Mal/EncPk-BW [Sophos]	1
Mal/Dropper-G, Mal/Packer, Mal/EncPk-BW [Sophos]	1
Mal/EncPk-BW [Sophos]	1
Mal/EncPk-BW, Mal/Behav-214, Mal/Behav-152, Mal/Dropper-AB [Sophos]	1
Mal/EncPk-BW, Mal/Packer, Mal/EncPk-BW, Troj/Virtum-Gen [Sophos]	1
Mal/EncPk-BW, Mal/Packer, Mal/Packer, Mal/EncPk-BW, Mal/Autorun-C [Sophos]	1
Mal/Packer [Sophos]	1
PE_DROWOR.AO-O [Trend Micro]	1
PE_MUMAWOW.AO-O [Trend Micro]	1
PWS-LegMir.gen.b [McAfee]	1
PWS-Mmorpg!ib [McAfee]	1
Suspicious.MH690 [Symantec]	1

Rootkit.Order [PC Tools] has the following possible country of origin:

Origin		Number of Incidents
	China	118

Rootkit.Order [PC Tools] is known to be created as:

%ProgramFiles%\common files\fjos0r.dll

%ProgramFiles%\internet explorer\onlo0r.dll

%System%\aitlasys.exe

%System%\atgnehz.dll

%System%\avzxfst.exe

%System%\axmsawin.exe

%System%\axptajpg.exe

%System%\cuhad.dll

%System%\dehxaklo.exe

%System%\drivers\msosfpids32.sys

%System%\drivers\msosmsp2p32.sys

%System%\drivers\nicomsp2p32.sys

%System%\duygnef.dll

%System%\ektvm.dll

%System%\etshabty.exe

%System%\gdgji32.dll

%System%\gdhnxai32.dll

%System%\gdmsi32.dll

%System%\gdqqhxi32.dll

%System%\gdwdi32.dll

%System%\gdwli32.dll

%System%\gdwmi32.dll

%System%\gdzxi32.dll

%System%\gnaixnauhqq.dll

%System%\gnaixnauhuoyizqq.dll

%System%\gnolnait.dll

%System%\hjiq.dll

%System%\honey\honeydll.dll

%System%\hz.dll

%System%\iemnaw.dll

%System%\ijiq.dll

%System%\ijougiemnaw.dll

%System%\iqnauhc.dll

%System%\isdsasrv.exe

%System%\jbhxabyt.exe

%System%\jyjlt.dll

%System%\kawdeaz.exe

%System%\kb010101253.dll

%System%\kb014201044.dll

%System%\kb016181219.dll

%System%\kb019215153.dll

%System%\kb020115851.dll

%System%\kb02092936.dll

%System%\kb0213226.dll

%System%\kb02152527.dll

%System%\kb02161012.dll

%System%\kb02161033.dll

%System%\kb02191126.dll

%System%\kb023231653.dll

%System%\kb0235371.dll

%System%\kb118223959.dll

%System%\kb118224130.dll

%System%\kb118224858.dll

%System%\kb118224938.dll

%System%\kb11873958.dll

%System%\kb1197520.dll

%System%\kb1197536.dll

%System%\kb120234420.dll

%System%\kb12023447.dll

%System%\kb12032822.dll

%System%\kb1209295.dll

%System%\kb12132135.dll

%System%\kb12152451.dll

%System%\kb12152512.dll

%System%\kb12191633.dll

%System%\kb1219448.dll

%System%\kb12195329.dll

%System%\kb123112746.dll

%System%\kb123112924.dll

%System%\kb123231619.dll

%System%\kb123231639.dll

%System%\kb12353626.dll

%System%\kb12353655.dll

%System%\kb21822409.dll

%System%\kb218224130.dll

%System%\kb218224856.dll

%System%\kb218224938.dll

%System%\kb21851622.dll

%System%\kb21851743.dll

%System%\kb219215126.dll

%System%\kb219215136.dll

%System%\kb2197536.dll

%System%\kb220234420.dll

%System%\kb22032454.dll

%System%\kb22092915.dll

%System%\kb22093037.dll

%System%\kb22132145.dll

%System%\kb22152512.dll

%System%\kb2215252.dll

%System%\kb223231630.dll

%System%\kb223231639.dll

%System%\kb22353637.dll

%System%\kb22353655.dll

%System%\kb318224020.dll

%System%\kb318224130.dll

%System%\kb318224857.dll

%System%\kb318224938.dll

%System%\kb319215142.dll

%System%\kb3197549.dll

%System%\kb320115515.dll

Notes:

%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).