Lizardlink

Publisher Information

Lizardlink is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising.
Remove Lizardlink Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
8/12/2013 7:00:00 PM

Valid to:
8/13/2015 6:59:59 PM

Subject:
CN=Lizardlink, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Lizardlink, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
75d65d3f9991f633c8ac64a5ae9e34ee

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo.Lizardlink (M), Adware.Yontoo.Lizardlink (M)
100.00%

Agnitum Outpost
Riskware.Agent, Trojan.BPlug, PUA.Agent
16.00%

VIPRE Antivirus
Adware.SearchProtect, Threat.4741131, Trojan.Win32.Generic, Yontoo
16.00%

Baidu Antivirus
Adware.Win32.BrowseFox
16.00%

Dr.Web
Trojan.BPlug.100, Trojan.Yontoo.115, Trojan.BPlug.123, Adware.Plugin.100
16.00%

IKARUS anti.virus
AdWare.BrowseBurst, AdWare.BrowseFox, AdWare.SpadeCast, not-a-virus:AdWare.Win32.Agent
16.00%

AVG
Generic, Webet, MalSign.Skodna.BuzzSearch, BrowseFox.F
16.00%

McAfee
Artemis!842EDB4C77B1, BrowseFox.e, Artemis!C515D124E11C, Artemis!FE4846FA2B12
16.00%

McAfee Web Gateway
Artemis!842EDB4C77B1, BrowseFox.e, Artemis!C515D124E11C, BehavesLike.Win32.PUP.dh
16.00%

Sophos
Generic PUA CG, Browse Fox, BrowseSmart, Generic PUA BC
16.00%

1 / 68      (Adware)
utillizardlink.exe  (e59fbd2d29cd72c61aa83e43f36d3b19)

25 / 68    (Adware)

34 / 68    (Adware)

1 / 68      (Adware)
lizardlink.expextdll.dll  (f9bba5ca89eda978c811ec3ed11e5fbb)

1 / 68      (Adware)
97b7ec0af98745e4b01b64.dll  (13e200845ad83b87ef7cbeefea48a11d)

1 / 68      (Adware)
215f39474d1346f795aa64.dll  (eae7ed09abd3dd3bfb8741c2a02982c5)

1 / 68      (Adware)
215f39474d1346f795aa.dll  (e0a97a23963e73d77e85411d3d6d7879)

38 / 68    (Adware)
lizardlinkbho.dll (Lizardlink)  (5bfa521dad818a940c108b767aacab74)

1 / 68      (Adware)
Lizardlink2015050618.exe  (da445c081450207c976d573ecb7a9788)

1 / 68      (Adware)
Lizardlink2015061218.exe  (44e922f64b11ea9863c6fc4a1e82b329)

1 / 68      (Adware)
Lizardlink2015052213.exe  (b1b02599e3eb0b5bf4f9cb60d691fdeb)

1 / 68      (Adware)
Lizardlink2015071715.exe  (4c8fb29b63456b75abf9bb29ec7fea99)

1 / 68      (Adware)
updatelizardlink.exe  (9e5bff7de56ad4f9e726843b646a2b1f)

12 / 68    (Adware)
{215f3947-4d13-46f7-95aa-328779d361ce}w64.sys (StdLib)  (2a2b084faf18cd9454b4a311f791d53f)

1 / 68      (Adware)
{215f3947-4d13-46f7-95aa-328779d361ce}gw64.sys (StdLib)  (fbd2fc3f6aa2da39fb287bc267d8372b)

1 / 68      (Adware)
Lizardlink.Repmon.dll  (a527e33dcbf6bf39c55ab54faab426c0)

1 / 68      (Adware)
Lizardlink.PurBrowse.dll  (ad6c5587ef066c00059356854dee7863)

1 / 68      (Adware)
Lizardlink.GCUpdate.dll  (b8c24cc712fdcc081ace4510381c28ec)

1 / 68      (Adware)
Lizardlink.DspSvc.dll  (6b249b8d705a4312138faea3e9f1b1a2)

1 / 68      (Adware)
Lizardlink.BRT.dll  (5303180856a057fbd1c2fdd6981a20c3)

1 / 68      (Adware)
Lizardlink.BrowserAdapterS.dll  (83dd874bf195d133dcc69dc01d623ead)

1 / 68      (Adware)
Lizardlink.BrowserAdapter.dll  (d77f323b526a5203f8d117dbdb9c4fa6)

34 / 68    (Adware)

1 / 68      (Adware)
lizardlinkbaapp.dll  (a3906c95639e1541ed46fa1d9834966e)

1 / 68      (Adware)
lizardlink.purbrowse64.exe  (cbcfa0534516870b088b24e3aa9f3b90)

1 / 68      (Adware)
lizardlink.browseradapter.exe  (6a6e5fc5887727cf38e2991d30dbef27)

1 / 68      (Adware)
lizardlink.expextdll.dll  (8f79e4c854919e916cd893961cec99f0)

1 / 68      (Adware)
97b7ec0af98745e4b01b64.dll  (7352a837f9e67c29e992cdf0a79b9aa6)

34 / 68    (Adware)

1 / 68      (Adware)
lizardlink.expextdll.dll  (9a06d3f2578e88a856b7e0a3635c39d2)

 
Latest 30 of 338 files

The following publishers (by Authenticode signature organization name) are related.

30 of 98 publishers

Remove Lizardlink Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Lizardlink by VeriSign, Inc. on August 12, 2013 with the serial number '75d65d3f9991f633c8ac64a5ae9e34ee'.