Web Deals Interactive LLC

Publisher Information

Web Deals Interactive LLC is a software developer located in Carlsbad, California in the United States*. The company is a primary distributor of unwanted software. Web Deals Interactive (a brand of Injekt, LLC) is an adware distributor of ad-supported bundled software. The company is/patners with various other adware publishers under the same team including Parallel Lines Development, Western Web Applications, Big Water, Mesa Roha Solutions, and Creative Island Media. The primary application that publisher distributes is web browser extesnsions that are bundled by 3rd-part download managers. There is one additional code signing certificate issued to this publisher.
Authority:
GoDaddy.com, Inc.

Valid from:
5/15/2012 9:41:08 PM

Valid to:
5/15/2013 6:52:46 PM

Subject:
CN=Web Deals Interactive LLC, O=Web Deals Interactive LLC, L=Carlsbad, S=CA, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2b7631e3d31fb1

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.WebDealsInteractive.J, PUP.Installer.WebDealsInteractive.N, PUP.Installer.WebDealsInteractive.CC, PUP.Injekt.WebDealsInteractive.Installer (M), PUP.Injekt.WebDeals.Installer (M), PUP.Injekt (M)
100.00%

Dr.Web
Adware.Plugin.8
66.67%

VIPRE Antivirus
Yontoo
66.67%

ESET NOD32
Win32/Adware.Yontoo (variant)
66.67%

Comodo Security
UnclassifiedMalware
60.00%

Agnitum Outpost
Adware.Generic
53.33%

Baidu Antivirus
Adware.Win32.Agent, AdWare.Win32.Yontoo, Adware.Win32.Yontoo
46.67%

McAfee
Artemis!935E90933704, Artemis!424E68DE579A, Artemis!EDE1B6FF1696, Artemis!5F7EFF660AC6, Artemis!44367EE65047
40.00%

Trend Micro House Call
TROJ_GEN.FCBCBLB, TROJ_GEN.RCBH1KQ, TROJ_FAKEAV.BMC, TROJ_GEN.R0CBH05HS13
33.33%

Rising Antivirus
PE:Trojan.Win32.Generic.136D92E8!325948136, Trojan.Win32.Generic.13E38AD4, PE:Trojan.Win32.Generic.134BCABD!323734205
33.33%

1 / 68      (Adware)
yontoo-c4.exe (DropDownDeals by Web Deals Interactive)  (aeb17980b1864eb67beaa7bb6849fdd2)

1 / 68      (Adware)
ddddsetup.exe (DropDownDeals by Web Deals Interactive)  (bfdde93be750dbad84669cfcda85dc0f)

1 / 68      (Adware)

1 / 68      (Adware)
ddddsetup.exe (DropDownDeals by Web Deals Interactive)  (3cbce63d64d6d17969fdb835b2bf2976)

1 / 68      (Adware)

13 / 68    (Adware)

13 / 68    (Adware)

9 / 68      (Adware)

9 / 68      (Adware)

8 / 68      (Adware)

10 / 68    (Adware)

9 / 68      (Adware)
yontoo-c4.exe (DropDownDeals by Web Deals Interactive)  (62520fed3ac0663f82061a8fb21e1f67)

6 / 68      (Adware)
yontoo-c4.exe (DropDownDeals by Web Deals Interactive)  (067becafd5f884ceb2e86f766f965b5d)

10 / 68    (Adware)

10 / 68    (Adware)
yontoo-b4.exe (DropDownDeals by Web Deals Interactive)  (935e90933704ef0e1cf5b89b9e86a19f)

Downloads URLs for files signed by Web Deals Interactive LLC.

10 / 68    (Adware)
http://dl5.iq7download.com/lm/bundles/.../yontoo-b4.exe  (935e90933704ef0e1cf5b89b9e86a19f)

The following websites host and distribute files published by Web Deals Interactive LLC.

The following certificate is also signed by Web Deals Interactive LLC.

07F91262CBD7E0  (May 09, 2011 to May 09, 2012)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to Web Deals Interactive LLC by GoDaddy.com, Inc. on May 15, 2012 with the serial number '2b7631e3d31fb1'.