F-Secure Malware Information Pages: LinkOptimizer

Main Index

Security Guide

F-Secure World Map

Security Alerts

Virus Statistics

Malware Removal Tools

Malware Code Glossary

Submit Malware Sample

Select local site

Main Index » Security Centre » Descriptions

F-Secure Malware Information Pages: LinkOptimizer

[Summary] \| [Detailed Description]
Name :	LinkOptimizer
Alias:	LinkOptimizer
Type:	Trojan-Spy, Adware, Rootkit, Trojan-Downloader
Category:	Malware
Platform:	W32

Radar

Summary

LinkOptimizer is an Adware/Spy application with active rootkit technology. LinkOptimizer copies itself to a windows directory. LinkOptimizer disables certain features of the operating system and downloads files from several websites and executes them.

Back to the Top

Detailed Description

LinkOptimizer is an adware program that generates pop-up windows at random intervals while connected to the internet. LinkOptimizer adds itself to a Browser Helper Object list in the registry to maintain control of Internet Explorer instances. It also hijacks the default search page.

Recently, LinkOptimizer was bundled with a powerful rootkit named Gromozon. Gromozon's main purpose was hiding its own presence along with the LinkOptimzier component, using numerous techniques, such as:

Special user account
Undocumented NTFS features
Blocking anti-rootkit programs
Windows API hooking
Removing the user's administrator rights

Back to the Top

F-Secure Corporation

Last Modified: May 09, 2007