Linksicle

By Domesticus in Adware

Threat Scorecard

Ranking:	3,046
Threat Level:	20 % (Normal)
Infected Computers:	23,873

First Seen:	October 11, 2013
Last Seen:	September 20, 2023
OS(es) Affected:	Windows

Linksicle is a PUP, Potentially Unwanted Program, that is used to add advertising content to affected Web browsers. Linksicle uses in-text advertisements that pop-up in a new window. Linksicle advertisements may appear whenever you visit numerous popular websites, including Facebook, Amazon, Google and YouTube. Linksicle is a Web browser add-on that is supported by online advertising. The Linksicle PUP may affect various Web browsers. Versions of Linksicle are available for Internet Explorer, Google Chrome and Mozilla Firefox and may also affect other popular Web browsers on the Windows operating system. Linksicle is distributed using various advertisement platforms and is installed using misleading tactics. If Linksicle is installed on your Web browser, security researchers strongly recommend the use of a reliable anti-malware program to protect your computer and remove this PUP immediately.

Table of Contents

How Linksicle Enters Can Infect Your Computer

In most cases, Linksicle is installed when a computer user downloads and installs freeware from an unreliable, poorly-regulated source. PUPs like Linksicle use this method often to enter computers, and there are certain types of freeware programs that are usually related with these types of unwanted components (for example, media players, video streaming applications, file format converters, PDF readers and creators and download managers). Marketers may bundle these types of applications with PUPs like Linksicle to ensure that they are installed by unsuspecting computer users. Example of free programs that are known to be bundled with Linksicle include such apps as 1ClickDownload, Superfish, Yontoo and FBPhotoZoom. Because of this, ESG security researchers strongly advise computer users never to install freeware from unreliable sources and to use custom installation to monitor all of the components that are being installed along with the free application.

The Unusual Tactics Used by Linksicle

Linksicle inserts in-text advertisements into otherwise safe websites. Linksicle works by highlighting certain words and turning them into links. These links use a double underline to differentiate themselves from normal links in the source text. When computer users pass their cursor over the highlighted text, a pop-up advertisement will appear. Whenever computer users click on links displayed by Linksicle, the developers of Linksicle receive affiliate marketing payouts. Linksicle adds banner advertisements to websites and may cause other problems, such as browser redirects and performance problems on the affected Web browser.

SpyHunter Detects & Remove Linksicle

File System Details

Linksicle may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	lssvc.exe.vir	4ebd5db8349c2d0d9eb3335a56fe71be	6,067
Name: lssvc.exe.vir MD5: 4ebd5db8349c2d0d9eb3335a56fe71be Size: 272.93 KB (272936 bytes) Detections: 6,067 Path: %SYSTEMDRIVE%\$Recycle.Bin\S-1-5-21-4173812974-4024746568-2807418354-1001\$RPN6A3X\Quarantine\C\Program Files (x86)\Linksicle\Service\lssvc.exe.vir Group: Malware file Last Updated: November 21, 2022
2.	lsnfd.sys	c9cff377cf56f12076a48ea5a14c75e2	4,843
Name: lsnfd.sys MD5: c9cff377cf56f12076a48ea5a14c75e2 Size: 58.19 KB (58192 bytes) Detections: 4,843 Type: System file Path: %WINDIR%\system32\drivers\lsnfd.sys Group: Malware file Last Updated: May 25, 2021
3.	lsnfd.sys	a9cb93a568b7f60ecbd4ec647b20ec88	2,836
Name: lsnfd.sys MD5: a9cb93a568b7f60ecbd4ec647b20ec88 Size: 58.19 KB (58192 bytes) Detections: 2,836 Type: System file Path: %WINDIR%\system32\drivers\lsnfd.sys Group: Malware file Last Updated: February 19, 2023
4.	lssvc.exe	55c4c01682e57856c79a13f7b674eb84	2,068
Name: lssvc.exe MD5: 55c4c01682e57856c79a13f7b674eb84 Size: 272.93 KB (272936 bytes) Detections: 2,068 Type: Executable File Path: %PROGRAMFILES(x86)%\Linksicle\Service Group: Malware file Last Updated: September 12, 2018
5.	lsnfd.sys	46b1d1299a23638712b5c3630756c8c2	1,512
Name: lsnfd.sys MD5: 46b1d1299a23638712b5c3630756c8c2 Size: 52.68 KB (52688 bytes) Detections: 1,512 Type: System file Path: %WINDIR%\System32\drivers Group: Malware file Last Updated: October 3, 2018
6.	LinksicleClientIE.dll.vir	f8d6cd1139a156c236e93d5f0baf476b	361
Name: LinksicleClientIE.dll.vir MD5: f8d6cd1139a156c236e93d5f0baf476b Size: 176.16 KB (176168 bytes) Detections: 361 Path: %SYSTEMDRIVE%\$Recycle.Bin\S-1-5-21-4173812974-4024746568-2807418354-1001\$RPN6A3X\Quarantine\C\Program Files\Linksicle\IE\LinksicleClientIE.dll.vir Group: Malware file Last Updated: March 20, 2023
7.	lssvc.exe	dac21f6dfa0d8dff2bd05e67edf66b77	245
Name: lssvc.exe MD5: dac21f6dfa0d8dff2bd05e67edf66b77 Size: 272.93 KB (272936 bytes) Detections: 245 Type: Executable File Path: %PROGRAMFILES(x86)%\Linksicle\Service Group: Malware file Last Updated: April 1, 2020
8.	LinksicleClientIE.dll	2442a723fce71564feb592ad8d2c8853	12
Name: LinksicleClientIE.dll MD5: 2442a723fce71564feb592ad8d2c8853 Size: 145.96 KB (145960 bytes) Detections: 12 Type: Dynamic link library Path: %PROGRAMFILES(x86)%\Linksicle\IE32\LinksicleClientIE.dll Group: Malware file Last Updated: May 25, 2021
9.	LinksicleClientIE.dll	4efaa71429731e499040422f77730241	7
Name: LinksicleClientIE.dll MD5: 4efaa71429731e499040422f77730241 Size: 176.16 KB (176168 bytes) Detections: 7 Type: Dynamic link library Path: %PROGRAMFILES%\Linksicle\IE Group: Malware file Last Updated: April 1, 2020
10.	air3291.exe	5a02633ccd7884b65e4448a53fabf5a5	5
Name: air3291.exe MD5: 5a02633ccd7884b65e4448a53fabf5a5 Size: 1.57 MB (1579616 bytes) Detections: 5 Type: Executable File Path: C:\Users\<username>\AppData\Local\Temp\air3291.exe Group: Malware file Last Updated: August 17, 2022
11.	linksicle@linksicle.com.xpi	2630f7db42ab62b2a6d083d926edca34	0
Name: linksicle@linksicle.com.xpi MD5: 2630f7db42ab62b2a6d083d926edca34 Size: 11.05 KB (11054 bytes) Detections: 0 Group: Malware file Last Updated: October 11, 2013
12.	gohhkpbcblcpnaghfmnkfangnkkagacg.crx	c75c9e612f3b1d1e5baf815c07e06217	0
Name: gohhkpbcblcpnaghfmnkfangnkkagacg.crx MD5: c75c9e612f3b1d1e5baf815c07e06217 Size: 18.78 KB (18787 bytes) Detections: 0 Group: Malware file Last Updated: October 11, 2013

Registry Details

Linksicle may create the following registry entry or registry entries:

CLSID

{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A}

{8A7BE212-5F53-4252-8DCA-1FB5451D4E2B}

{A073AC6F-0B69-494C-8D61-60618FA37B4A}

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Linksicle

SOFTWARE\Mozilla\Firefox\Extensions\linksicle@linksicle.com

SOFTWARE\Wow6432Node\Linksicle

SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\linksicle@linksicle.com

SYSTEM\ControlSet001\services\lssvc

SYSTEM\ControlSet002\services\lssvc

SYSTEM\CurrentControlSet\services\lssvc

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

Linksicle

Directories

Linksicle may create the following directory or directories:

%ProgramFiles%\Linksicle

%ProgramFiles%\Mozilla Firefox\extensions\linksicle@linksicle.com

%ProgramFiles(x86)%\Linksicle

%ProgramFiles(x86)%\Mozilla Firefox\extensions\linksicle@linksicle.com

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Linksicle

Threat Scorecard

EnigmaSoft Threat Scorecard

How Linksicle Enters Can Infect Your Computer

The Unusual Tactics Used by Linksicle

SpyHunter Detects & Remove Linksicle

File System Details

Registry Details

Directories

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen