Super Web LLC

Publisher Information

Super Web LLC is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising. There is one additional code signing certificate issued to this publisher.
Remove Super Web LLC Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
12/14/2012 1:00:00 AM

Valid to:
12/15/2013 12:59:59 AM

Subject:
CN=Super Web LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Super Web LLC, L=Los Angeles, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4119cf85506b9920a6b0ffa138c96637

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SuperWeb.H, PUP.Installer.SuperWeb.F, PUP.Service.SuperWeb.O, Adware.Yontoo.BHO.N, PUP.SuperWeb.K, PUP.Service.SuperWeb.Q, Adware.Yontoo.SuperWeb.S, PUP.SuperWeb.J, PUP.SuperWeb.P, PUP.Yontoo.SuperWeb.Installer (M), Adware.Yontoo.SuperWeb (M), PUP.Yontoo.SuperWeb (M)
100.00%

VIPRE Antivirus
Yontoo, Trojan.Win32.Generic, Threat.4741131
75.00%

Dr.Web
Adware.Shopper.361, Adware.Plugin.100, Trojan.BPlug.4
52.78%

ESET NOD32
Win32/BrowseFox, Win32/BrowseFox (variant), MSIL/BrowseFox (variant)
47.22%

Malwarebytes
PUP.Optional.WebConnect.A, PUP.Optional.WebLayers.A
38.89%

Sophos
Generic PUA CG, Generic PUA DP, Generic PUA AP, SuperWeb
36.11%

Trend Micro House Call
WORM_BAGLE.BMH, TROJ_GEN.F47V1003, TROJ_GEN.F47V1021, TROJ_GEN.F47V0924, TROJ_GEN.F47V0819, TROJ_GEN.R0CBOH0HQ13, TROJ_GEN.F47V1120
33.33%

Comodo Security
Application.Win32.Agent.~WBC, Application.Win32.Altbrowse.AK
30.56%

McAfee
Artemis!2121DE64D8C4, Artemis!BA7F639E24A4, Artemis!637F0422739D, Artemis!934BF096FE98, Artemis!E27337840CD5
27.78%

McAfee Web Gateway
Artemis!2121DE64D8C4, Artemis!BA7F639E24A4, Artemis!637F0422739D, Artemis!934BF096FE98, Artemis!E27337840CD5
25.00%

1 / 68      (Adware)
rwt3z0zq.s2g.exe (by WebConnect)  (e13a3d6c75625f3da2373cb39022ea5b)

1 / 68      (Adware)
a4j4k0vq.1tm.exe (by WebConnect)  (726c32a6876a97104fc8ad04a3143a89)

1 / 68      (Adware)
a3fidime.uhv.exe (by WebConnect)  (57f05ff5d05387042c1cf1eeaf67c9ba)

1 / 68      (Adware)
WebConnect.GCUpdate.dll  (d379c32a87deacb2a70ef75be710b2dd)

1 / 68      (Adware)
WebConnect.CompatibilityChecker.dll  (6de00471b3fa9388616a06ab42bc7c7f)

1 / 68      (Adware)
setup.exe  (3df37ac2a46f42589a014394b22ef31f)

7 / 68      (Adware)
ieclient.dll (Web Layers)  (5634c78e26d8776954e24707036b4569)

1 / 68      (Adware)
desktop.exe (Desktop by Microsoft)  (99cb5fa727bca627edebba5fc3dbb781)

1 / 68      (Adware)
Desktop.OS.Plugin.dll (Desktop.OS.Plugin)  (e7eb454731473e7a04b6af2648ecbf9f)

1 / 68      (Adware)
Desktop.OS.dll (Desktop)  (2e87129662a002826126ed66fe57f66d)

3 / 68      (Adware)
updater.exe (Desktop.Updater by Microsoft)  (7d38ccbfac137065d9155346c7639cd4)

2 / 68      (Adware)
WebConnect.GCUpdate.dll  (e0d7f5972b9fb5b0e7d7fe9f6d222e45)

2 / 68      (Adware)
WebConnect.IEUpdate.dll (by WebConnect)  (6f6483aeb98d80002513a8962949752c)

6 / 68      (Adware)
WebConnect.GCUpdate.dll (by BrowseFox)  (caa345d64206b6fb8d5457edac279ba8)

2 / 68      (Adware)
WebConnect.FFUpdate.dll (by WebConnect)  (33bbdbd91d2ce3696f0021b78b55b329)

2 / 68      (Adware)
WebConnect.IEUpdate.dll (by WebConnect)  (0dc3908b85b81b68f12eebe145a08fad)

2 / 68      (Adware)
WebConnect.FFUpdate.dll (by WebConnect)  (b5296b68c6fefd33ea4e985f1ea888ca)

12 / 68    (Adware)
setup.exe  (e27337840cd53edae6b6db7b6b34022b)

3 / 68      (Adware)
WebConnect.IEUpdate.dll  (8851587021a37b0a8bc7cadd859ebaae)

5 / 68      (Adware)
WebConnect.GCUpdate.dll  (6eb2f4cc9ea3033654f35ab6d68860ef)

3 / 68      (Adware)
WebConnect.FFUpdate.dll  (acd7ff4925183fcf81417b6be4ed5a1e)

21 / 68    (Adware)
webconnectbho.dll (WebConnect by Web Connect)  (f9aba2621fe9d8b5e2b200b726a08758)

7 / 68      (Adware)
webconnect.exe  (fba928ae43b7cdaed5f2e25ae55ca95c)

21 / 68    (Adware)
webconnectbho.dll (WebConnect by Web Connect)  (944e569a1ed4b0757ed053aae7d90745)

17 / 68    (Adware)
setup.exe  (934bf096fe983a4213ead5e22ed4a70a)

6 / 68      (Adware)
WebConnect.Common.dll (by WebConnect)  (1c6ead93b1352e1440a65801d1938b0e)

8 / 68      (Adware)
updatewebconnect.exe (by WebConnect)  (5a2fdd7c49fbb13a9fe500ecfc4da793)

21 / 68    (Adware)
webconnectbho.dll (WebConnect by Web Connect)  (4bb2c2727dc19323b95b7f26facccc93)

23 / 68    (Adware)
setup.exe  (637f0422739d3b0502f9a5f0e809c777)

6 / 68      (Adware)
updatewebconnect.exe  (a40e1fd669a794f219115c1f2b30d4e8)

 
Latest 30 of 36 files

Downloads URLs for files signed by Super Web LLC.

12 / 68    (Adware)
http://wpc.0952.edgecastcdn.net/800952/.../setup.exe  (e27337840cd53edae6b6db7b6b34022b)

11 / 68    (Adware)
http://cdn.airdlr8.com/downloads/offers/.../WebLayers.exe  (2121de64d8c420849d52ef31a7f2e20b)

8 / 68      (Adware)
http://wpc.0952.edgecastcdn.net/800952/.../setup.exe  (cb9fd9e8f4dbca1e640ce32e6d72e72a)

23 / 68    (Adware)
http://wpc.0952.edgecastcdn.net/800952/.../setup.exe  (637f0422739d3b0502f9a5f0e809c777)

The following websites host and distribute files published by Super Web LLC.

The following certificate is also signed by Super Web LLC.

27033EAA9AFF39A69AA31E701AC9D731  (Jan 03, 2014 to Jan 04, 2015)

The following publishers (by Authenticode signature organization name) are related.

30 of 146 publishers

Remove Super Web LLC Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Super Web LLC by VeriSign, Inc. on December 14, 2012 with the serial number '4119cf85506b9920a6b0ffa138c96637'.