F-Secure
Tools
LinkOptimizer
| Name : | LinkOptimizer |
| Category: | Malware |
| Type: | Trojan-Spy, Adware, Rootkit, Trojan-Downloader |
| Platform: | W32 |
Summary
LinkOptimizer is an Adware/Spy application with active rootkit technology. LinkOptimizer copies itself to a windows directory. LinkOptimizer disables certain features of the operating system and downloads files from several websites and executes them.
Additional Details
LinkOptimizer is an adware program that generates pop-up windows at random intervals while connected to the internet. LinkOptimizer adds itself to a Browser Helper Object list in the registry to maintain control of Internet Explorer instances. It also hijacks the default search page.
Recently, LinkOptimizer was bundled with a powerful rootkit named Gromozon. Gromozon's main purpose was hiding its own presence along with the LinkOptimzier component, using numerous techniques, such as:
Recently, LinkOptimizer was bundled with a powerful rootkit named Gromozon. Gromozon's main purpose was hiding its own presence along with the LinkOptimzier component, using numerous techniques, such as:
• Special user account
• Undocumented NTFS features
• Blocking anti-rootkit programs
• Windows API hooking
• Removing the user's administrator rights