Win32/Olmasco.O


By Sumo3000 in Rootkits

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 83
First Seen: December 28, 2011
Last Seen: December 16, 2022
OS(es) Affected: Windows

Win32/Olmasco.O is a rootkit that embeds itself into the Master Boot Record (MBR) of an infected PC. This placement allows Win32/Olmasco.O to load at startup and initiate malicious actions without being blocked by an antivirus program. While running in the background, Win32/Olmasco.O is usually able to evade detection by common antivirus programs. Win32/Olmasco.O may cause severe damage on an infected system, which is why it must be removed promptly with an updated anti-malware program capable of removing rootkits.

File System Details

Win32/Olmasco.O may create the following file(s):
# File Name Detections
1. %TEMP%\.exe

Registry Details

Win32/Olmasco.O may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'

