|
|
|  |
|
|
|
|
F-Secure Malware Information Pages: LinkOptimizer

|
|
|
| Radar |
 |
|
|
|
Summary
|
| LinkOptimizer is an Adware/Spy application with active rootkit technology. LinkOptimizer copies itself to a windows directory. LinkOptimizer disables certain features of the operating system and downloads files from several websites and executes them. |
|
|
|
Detailed Description
|
LinkOptimizer is an adware program that generates pop-up windows at random intervals while connected to the internet. LinkOptimizer adds itself to a Browser Helper Object list in the registry to maintain control of Internet Explorer instances. It also hijacks the default search page.
Recently, LinkOptimizer was bundled with a powerful rootkit named Gromozon. Gromozon's main purpose was hiding its own presence along with the LinkOptimzier component, using numerous techniques, such as:
- Special user account
- Undocumented NTFS features
- Blocking anti-rootkit programs
- Windows API hooking
- Removing the user's administrator rights
|
|
|
|
F-Secure Corporation |
|
|
|
|
|
Last Modified: May 09, 2007
|
|
|
|
|