Aliases: N/A
Variants: N/A

Classification: Malware
Category: Computer Virus

Status: Dormant
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 03 Sep 2008
Damage: Low

Characteristics: W32.Silnk is a virus that infects .lnk (shortcut) files on the computer.

More details about W32.Silnk

W32.Silnk is a virus that infects “.lnk” files on the computer system. When W32.Silnk is executed, it copies itself to “%System%\LNKnell.exe”. It infects “.lnk” files in “C:\Documents and Settings\All Users\Desktop”. The malware may only be acquired from an email attachment. Once the user downloads and executes the attachment, the program stays resident in memory to avoid detection. When it becomes active for the first time, the malware patches the Windows explorer.exe program to support its own functionality. During installation, the malware may be capable of picking a random INI file and appending its code to the end of that file. It then adds the file to the Windows Registry so that it runs automatically at Windows startup.
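
A triage check built on the two locations named above, added here as an example and not taken from any vendor tool: it looks for `LNKnell.exe` in a given system directory and reads the target path out of every `.lnk` file in a given desktop directory so the shortcuts can be reviewed. The function names, the sample builder, and the rule that flags shortcuts pointing at the dropped file are assumptions of this example; the write-up does not say how an infected shortcut is altered.

```python
import struct
from pathlib import Path

LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # Shell Link CLSID
DROPPED_NAME = "lnknell.exe"  # dropped file name given in the write-up

def lnk_local_target(data: bytes):
    """Return the LocalBasePath stored in a .lnk file, or None."""
    if len(data) < 76 or data[:4] != b"\x4c\x00\x00\x00" or data[4:20] != LNK_CLSID:
        return None                                  # not a Shell Link header
    flags = struct.unpack_from("<I", data, 20)[0]
    pos = 76
    if flags & 0x1:                                  # HasLinkTargetIDList: skip it
        if pos + 2 > len(data):
            return None
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if not flags & 0x2 or pos + 20 > len(data):      # HasLinkInfo must be set
        return None
    size, _, info_flags, _, base_off = struct.unpack_from("<5I", data, pos)
    if not info_flags & 0x1 or base_off >= size or pos + size > len(data):
        return None                                  # no local path, or truncated
    start = pos + base_off
    end = data.find(b"\x00", start, pos + size)
    return None if end < 0 else data[start:end].decode("cp1252", "replace")

def triage(system_dir, desktop_dir):
    """Check for the dropped file and list each desktop shortcut's target."""
    system_dir, desktop_dir = Path(system_dir), Path(desktop_dir)
    dropped = system_dir.is_dir() and any(
        p.name.lower() == DROPPED_NAME for p in system_dir.iterdir())
    shortcuts = []
    for lnk in sorted(desktop_dir.glob("*.lnk")):
        target = lnk_local_target(lnk.read_bytes())
        # Assumption of this example: a contaminated shortcut points at the dropped file.
        name = target.lower().rsplit("\\", 1)[-1] if target else ""
        shortcuts.append((lnk.name, target, name == DROPPED_NAME))
    return {"dropped_file_present": bool(dropped), "shortcuts": shortcuts}

def build_sample_lnk(target: str) -> bytes:
    """Constructed minimal shortcut (header + LinkInfo, VolumeID omitted)."""
    header = struct.pack("<I", 0x4C) + LNK_CLSID + struct.pack("<I", 0x2) + bytes(52)
    path = target.encode("cp1252") + b"\x00"
    info = struct.pack("<7I", 28 + len(path) + 1, 28, 0x1, 0, 28, 0,
                       28 + len(path)) + path + b"\x00"
    return header + info

if __name__ == "__main__":
    import sys
    if len(sys.argv) == 3:   # usage: script.py <system dir> <All Users desktop dir>
        print(triage(sys.argv[1], sys.argv[2]))
```

Because the page says the malware may hide itself with a rootkit, run this against an offline-mounted copy of the disk where possible; a clean result from the live system is not conclusive.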

The W32.Silnk application may use a rootkit tool to hide its presence on the computer. Rootkit tools may rename the application's files and processes. This makes the downloader Trojan program hard to detect and remove. Rootkit tools can also terminate the computer's security applications: the rootkit scans the process list for keywords that may be related to anti-malware programs and terminates any matching process. This allows the program to perform its functions undetected.

The program may cause slow computer performance, because the W32.Silnk application and its downloaded components may consume system resources, which leads to poor computer response. The downloads it performs may also slow down the Internet connection by congesting it with traffic. This may even render the computer’s Internet connection unusable.