Home / malware Adware:Win32/WebCake
First posted on 05 April 2019.
Source: MicrosoftAliases :
There are no other names known for Adware:Win32/WebCake.
Explanation :
Installation
The installer for this program creates a folder named one of the following in %ProgramFiles% and %APPDATA%:
Betcat Tepfel Movdap WebCake Web Cake
It might then install the following files there:
datDesktop.OS.dll datDora.dat datMaintain.dat datPaladin.dat datPhoenix.dat OptChrome.exe optimizer.exe PlugIns.cache sqlite3.exe WebCakeDesktop.exe WebCakeDesktop.Updater.exe WebCakeDesktop.Updater.InstallState WebCakeIEClient.dll WebCakeLayers.crx
It changes the following registry entry to ensure that it runs whenever you start your PC:
In subkey: HKCUSoftwareMicrosoftWindowsCurrentVersionRun
Sets value: "WebCake Desktop"
With data: ""
It also changes a number of registry entries to set up a service, called "WebCake Desktop Updater". This service tries to update the program every time you start your PC.
It adds itself as two Internet Explorer add-ons with the names "WebCake" and "WebCake API". In Chrome, it installs itself as an extension with the name "Web Cake". In Firefox, it installs itself as an add-on with the name "WebCake".
The program creates an installation entry in the Programs and Features section of the Control Panel. Running this uninstaller may remove some or all of the files related to the program from your PC.
If the uninstaller does not work, see the What to do now section on the Summary tab for instructions on how to remove the add-ons.
Adware:Win32/WebCake can be installed from the program's website or it might be bundled with some third-party software installation programs, like SoftwareBundler:Win32/Cakeport.
Behavior
The program displays ads to you as you browse the Internet, as in the following examples:
Analysis by Geoff McDonaldLast update 05 April 2019