W32/Naplik.a is an appending virus for the Windows platform. This file infector infects .EXE files by copying its code to the end of the file, in a new section ".k0kus" and the file's entry point is modified to point to the virus code. (Note: The virus did not replicate when tested by McAfee).

Upon execution, it injects its dll routine "VirusBoot.dll" into explorer.exe, which is in charge of the infection.

More information can be found at this McAfee page.