LizardBar
LizardBar is a Internet Explorer browser helper object that may redirect search requests. Lizardbar attempts to advertise porn sites by inserting URLs into web forms where a homepage entry is requested.
LizardBar is set as the internal file name for submithook.dll. When you enter a url in a web browser, submithook.dll changes the internal "onsubmit" handler with its own subroutine. Once the form is submitted, the submithook.dll subroutine enumerates all the form fields and starts looking for any with the name "url", "homepage", "page", "www", ".cl1" or "site". If it finds any of these fields, it will retrieve a single URL from a remote server and insert the URL into the form field. The server's response will be a link to pornographic material at www.indateens.com.
File System Modifications
- The following files were created in the system:
# File Name 1 submithook.dll 2 winhlp32.dll
Registry Modifications
- The following CLSID's were detected:
HKEY..\..\{CLSID Path}029BB53A-C312-4B09-9B4F-ED57AF027B282E9CAFF6-30C7-4208-8807-E79D4EC6F806
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.